
CCS-4 Fix sonar get report method #58


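# Example workflow: run a SonarCloud analysis, turn the scanner's report into a
# predicate with the sonar-scan extractor, and attach that predicate as signed
# evidence to the build with the JFrog CLI.
name: sonar-evidence-example

on:
  workflow_dispatch: # This allows manual triggering of the workflow
  push:
    branches:
      - carmit_examples
  pull_request:
    branches:
      - carmit_examples

# Token scope is limited to what the job uses: id-token for the OIDC provider
# configured on setup-jfrog-cli below, and read-only access to the repository.
permissions:
  id-token: write
  contents: read

jobs:
  docker-build-with-sonar-evidence:
    runs-on: ubuntu-latest
    env:
      DOCKER_REPO: 'test-docker-local'
      IMAGE_NAME: 'my-very-cool-image:${{ github.run_number }}'
    steps:
      - name: Display workflow and job names
        run: |
          echo "Workflow name: $GITHUB_WORKFLOW"
          echo "Job name: $GITHUB_JOB"

      # NOTE(review): the actions in this job are referenced by a mutable tag
      # (@v4). Pinning each to a full commit SHA keeps a retagged release from
      # changing what runs with id-token and secret access.
      - name: Install jfrog cli
        id: setup-cli
        uses: jfrog/setup-jfrog-cli@v4
        env:
          JF_URL: ${{ vars.ARTIFACTORY_URL }}
        with:
          oidc-provider-name: jfrog-github-oidc

      - uses: actions/checkout@v4

      - name: Install SonarQube Scanner
        run: |
          # -f makes curl fail on an HTTP error instead of saving the error page
          # as the archive.
          # NOTE(review): the archive is executed later in this job but is not
          # integrity-checked; compare it with a checksum or signature obtained
          # from a trusted source before unzipping.
          curl -fsSLo sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610.zip
          unzip sonar-scanner.zip
          # This export only affects the current step; later steps call the
          # scanner by its full path.
          export PATH=$PATH:$PWD/sonar-scanner-6.2.1.4610/bin
          pwd
          ls -l "$PWD/sonar-scanner-6.2.1.4610/bin/"
          echo "$PWD/sonar-scanner-6.2.1.4610/bin"

      # Step name now matches the version that is actually installed.
      - name: Set up JDK 21
        uses: actions/setup-java@v4
        with:
          java-version: '21' # Specify the desired Java version here
          distribution: 'temurin' # Other distributions such as 'zulu' also work

      - name: Run SonarScanner
        id: run-sonar-scanner
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |
          # The scanner picks the token up from the SONAR_TOKEN environment
          # variable set above, so it is not repeated as a -D argument where it
          # would be visible in the process list and in verbose output.
          "$PWD/sonar-scanner-6.2.1.4610/bin/sonar-scanner" \
            -Dsonar.projectKey=test-evidence \
            -Dsonar.organization=my-evidence-test-org \
            -Dsonar.host.url=https://sonarcloud.io \
            -Dsonar.java.jdkHome="$JAVA_HOME" \
            -Dsonar.verbose=true
          # create evidence from sonar-scan analysis
          # Errexit is switched off around the extractor so that its exit code
          # can be captured and published instead of aborting the step.
          set +e
          ./examples/sonar-scan-example/bin/sonar-scan-extractor-linux-amd64 --reportTaskFile="$PWD/.scannerwork/report-task.txt" --FailOnAnalysisFailure > predicate.json
          EXIT_CODE=$?
          set -e
          echo "Sonar scan extractor exist code: $EXIT_CODE"
          echo "Sonar scan report:"
          cat "$PWD/.scannerwork/report-task.txt"
          echo "Sonar scan extractor output:"
          cat predicate.json
          echo "Sonar scan extractor log:"
          cat sonar-scan.log
          # Published as a step output; the next step is gated on it.
          echo "create-sonar-evidence=$EXIT_CODE" >> "$GITHUB_OUTPUT"

      # Evidence is only created when the extractor exited with 0. The output is
      # compared as a string because an empty output would coerce to 0 in a
      # numeric comparison and let the step run.
      - name: Create evidence
        if: ${{ steps.run-sonar-scanner.outputs.create-sonar-evidence == '0' }}
        env:
          # Values are handed to the script through the environment instead of
          # being expanded into the script text, so their content cannot change
          # how the shell parses the command.
          CREATE_SONAR_EVIDENCE: ${{ steps.run-sonar-scanner.outputs.create-sonar-evidence }}
          EVIDENCE_PRIVATE_KEY: ${{ secrets.JIRA_TEST_PKEY }}
          EVIDENCE_KEY_ALIAS: ${{ vars.JIRA_TEST_KEY }}
        run: |
          echo "create-sonar-evidence=$CREATE_SONAR_EVIDENCE"
          # Attach evidence onto build using JFrog CLI
          jf evd create \
            --build-name "$GITHUB_WORKFLOW" \
            --build-number "${{ github.run_number }}" \
            --predicate ./predicate.json \
            --predicate-type https://jfrog.com/evidence/sonar-scan/v1 \
            --key "$EVIDENCE_PRIVATE_KEY" \
            --key-alias "$EVIDENCE_KEY_ALIAS"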