From d245d603268e5d2dc5c9279da8ebcb8b3955ef12 Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Wed, 9 Jul 2025 17:40:30 -0400 Subject: [PATCH 01/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index b430e418307..ea110b89e85 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -37,11 +37,11 @@ jobs: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | cd matchbox-engine - mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation + mvn -B -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation - name: Build and analyze env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | cd matchbox-server - mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation + mvn -B -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation From b638ce3e552326efbfe7650f2d467a5e5414a17c Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 12:28:47 -0400 Subject: [PATCH 02/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index ea110b89e85..bce4527b549 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -36,12 +36,12 @@ jobs: env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | - cd matchbox-engine - mvn -B -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation - - name: Build and analyze - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: | - cd matchbox-server - mvn -B -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation + # cd matchbox-engine + mvn -B --no-transfer-progress -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation + # - name: Build and analyze + # env: + # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + # run: | + # cd matchbox-server + # mvn -B -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation From 1bb6183354850e484e02815777fb7b798eebab30 Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 12:45:36 -0400 Subject: [PATCH 03/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index bce4527b549..de4b02ff544 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -36,8 +36,13 @@ jobs: env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | - # cd matchbox-engine - mvn -B --no-transfer-progress -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation + export MAVEN_OPTS="$MAVEN_OPTS -Dorg.slf4j.simpleLogger.defaultLogLevel=error" + mvn -B --no-transfer-progress -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation -l build.log + - name: Upload build log + uses: actions/upload-artifact@v4 + with: + name: build-log + path: build.log # - name: Build and analyze # env: # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} From 2a35ea676c3dcc68b8acabbb6e9a0ea0bcf48cac Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 12:55:20 -0400 Subject: [PATCH 04/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index de4b02ff544..74e82ec0ac5 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -33,6 +33,7 @@ jobs: key: ${{ runner.os }}-m2 restore-keys: ${{ runner.os }}-m2 - name: Build and analyze + continue-on-error: true env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | From 1068a78030ece083bd8e7badb383ed7b76297f16 Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 13:22:30 -0400 Subject: [PATCH 05/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index 74e82ec0ac5..36f7fc1eda9 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -44,10 +44,4 @@ jobs: with: name: build-log path: build.log - # - name: Build and analyze - # env: - # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - # run: | - # cd matchbox-server - # mvn -B -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation From 0c681e2bfde222323c61f634f58550464d2ea21d Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 13:23:42 -0400 Subject: [PATCH 06/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index 36f7fc1eda9..73e76759e8a 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -39,6 +39,8 @@ jobs: run: | export MAVEN_OPTS="$MAVEN_OPTS -Dorg.slf4j.simpleLogger.defaultLogLevel=error" mvn -B --no-transfer-progress -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation -l build.log + # Log is too large and so we are creating a log file and uploading it. + # this is why we need continue on error on the step above. - name: Upload build log uses: actions/upload-artifact@v4 with: From 5af200e299c8f5dc61d94c73aed05960bdea8f65 Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 16:40:23 -0400 Subject: [PATCH 07/11] Update java-sonar-build.yml updated project key --- .github/workflows/java-sonar-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index 73e76759e8a..5063aa09eeb 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -38,7 +38,7 @@ jobs: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: | export MAVEN_OPTS="$MAVEN_OPTS -Dorg.slf4j.simpleLogger.defaultLogLevel=error" - mvn -B --no-transfer-progress -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_cicd-jira-automation -l build.log + mvn -B --no-transfer-progress -q verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=AccessDigitalHealth_matchbox -l build.log # Log is too large and so we are creating a log file and uploading it. # this is why we need continue on error on the step above. - name: Upload build log From e0c69171a1681b447aaa0ac615258ec7ea4effac Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 16:47:24 -0400 Subject: [PATCH 08/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index 5063aa09eeb..ccb704d070c 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -46,4 +46,11 @@ jobs: with: name: build-log path: build.log - + # Get Analysis on the Angular app as well. + - name: SonarCloud Frontend Scan + uses: SonarSource/sonarcloud-github-action@v2 + with: + projectBaseDir: ./matchbox-frontend + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + From 646b2e9421233059849b6bb54e36fbe0e97f83eb Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 18:37:01 -0400 Subject: [PATCH 09/11] Update java-sonar-build.yml --- .github/workflows/java-sonar-build.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.github/workflows/java-sonar-build.yml b/.github/workflows/java-sonar-build.yml index ccb704d070c..db33c77382f 100644 --- a/.github/workflows/java-sonar-build.yml +++ b/.github/workflows/java-sonar-build.yml @@ -46,11 +46,4 @@ jobs: with: name: build-log path: build.log - # Get Analysis on the Angular app as well. - - name: SonarCloud Frontend Scan - uses: SonarSource/sonarcloud-github-action@v2 - with: - projectBaseDir: ./matchbox-frontend - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} From e1413611917c60e52a5183a23d67b93b812bd3c0 Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 18:44:53 -0400 Subject: [PATCH 10/11] Create angular-sonar-build.yml --- .github/workflows/angular-sonar-build.yml | 35 +++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/angular-sonar-build.yml diff --git a/.github/workflows/angular-sonar-build.yml b/.github/workflows/angular-sonar-build.yml new file mode 100644 index 00000000000..66c2c21218f --- /dev/null +++ b/.github/workflows/angular-sonar-build.yml @@ -0,0 +1,35 @@ +name: Build +on: + workflow_dispatch: + schedule: + - cron: '0 0 * * 3' + +jobs: + sonarqube: + runs-on: ubuntu-latest + defaults: + run: + working-directory: ./matchbox-frontend + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: 20 + cache: npm + cache-dependency-path: matchbox-frontend/package-lock.json + + - name: Install dependencies + run: npm ci + + - name: Test the build + run: npm run build + + - name: SonarQube Scan + uses: SonarSource/sonarqube-scan-action@v5 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} From 798e91ab93c55468f63877aafe28d7524ca3e266 Mon Sep 17 00:00:00 2001 From: "Azhar Saleem (Infoway)" <127252512+azhar-saleem-infoway@users.noreply.github.com> Date: Thu, 10 Jul 2025 18:48:47 -0400 Subject: [PATCH 11/11] Create sonar-project.properties --- matchbox-frontend/sonar-project.properties | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 matchbox-frontend/sonar-project.properties diff --git a/matchbox-frontend/sonar-project.properties b/matchbox-frontend/sonar-project.properties new file mode 100644 index 00000000000..1dd0d87737d --- /dev/null +++ b/matchbox-frontend/sonar-project.properties @@ -0,0 +1,8 @@ +sonar.projectKey=accessdigitalhealth_matchbox_frontend +sonar.organization=accessdigitalhealth +sonar.projectName=matchbox angular frontend +sonar.host.url=https://sonarcloud.io +sonar.sources=. +sonar.sourceEncoding=UTF-8 +sonar.exclusions=**/node_modules/**,**/*.spec.ts,src/environments/** +