diff --git a/.github/workflows/iroha2-pr.yml b/.github/workflows/iroha2-pr.yml index 25c3d492..cb29682a 100644 --- a/.github/workflows/iroha2-pr.yml +++ b/.github/workflows/iroha2-pr.yml @@ -3,12 +3,12 @@ name: Iroha2-java pull requests workflow on: pull_request: branches: [ iroha2-dev, iroha2-main ] + jobs: build: runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v3 with: @@ -23,8 +23,23 @@ jobs: key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} restore-keys: | ${{ runner.os }}-gradle- - - name: Build with Gradle - run: ./gradlew build --info + - name: Build with Gradle & Sonarqube analysis + run: ./gradlew build testCoverage sonar -Dsonar.token=${{ secrets.SONAR_TOKEN }} --info + - name: DefectDojo + if: always() + uses: C4tWithShell/defectdojo-action@1.0.4 + with: + token: ${{ secrets.DEFECTOJO_TOKEN }} + defectdojo_url: ${{ secrets.DEFECTOJO_URL }} + product_type: iroha2 + engagement: ${{ github.ref_name }} + tools: "SonarQube API Import,Github Vulnerability Scan" + sonar_projectKey: hyperledger:iroha-java + github_token: ${{ secrets.GITHUB_TOKEN }} + github_repository: ${{ github.repository }} + product: ${{ github.repository }} + environment: Test + reports: '{"Github Vulnerability Scan": "github.json"}' - name: Upload build reports if: failure() uses: actions/upload-artifact@v3 diff --git a/build.gradle b/build.gradle index 96eeba45..2accec4e 100644 --- a/build.gradle +++ b/build.gradle @@ -15,6 +15,8 @@ plugins { id 'org.jmailen.kotlinter' version "$kotlinLinterVer" id 'maven-publish' id 'com.github.johnrengelman.shadow' version '8.1.1' + id 'org.sonarqube' version "5.1.0.4882" + id 'jacoco' } allprojects { @@ -30,6 +32,7 @@ subprojects { apply plugin: 'org.jetbrains.kotlin.jvm' apply plugin: 'org.jmailen.kotlinter' apply plugin: 'com.github.johnrengelman.shadow' + apply plugin: 'jacoco' publishing { publications { @@ -105,3 +108,71 @@ task allShadowJars { check { dependsOn "installKotlinterPrePushHook" } + +jacoco { + toolVersion = "0.8.8" + reportsDirectory = file("$buildDir/reports/") +} + +task testCoverage(type: JacocoReport) { + executionData fileTree(project.rootDir.absolutePath).include("**/build/jacoco/*.exec") + + subprojects.each { + sourceSets it.sourceSets.main + } + + reports { + xml.required = true + html.required = true + } +} + +test { + useJUnitPlatform() + dependsOn testCoverage +} + +sonar { + properties { + property "sonar.projectKey", "hyperledger:iroha-java" + property "sonar.host.url", "https://sonar.katana.soramitsu.co.jp" + property "sonar.projectName", "${project.group}:${rootProject.name}.${project.name}" + property "sonar.sources", "${project.projectDir}/src/main/java" + property "sonar.tests", "${project.projectDir}/src/test" + property "sonar.java.test.binaries", "${project.projectDir}/build/test-results/test/binary" + property "sonar.junit.reportPaths", "${project.projectDir}/build/test-results/test/" + property "sonar.coverage.jacoco.xmlReportPaths", "${project.projectDir}/build/reports/testCoverage/*.xml" + } +} + +tasks.named('testCoverage') { + dependsOn ":admin-client:processTestResources" +} + +tasks.named('testCoverage') { + dependsOn ":block:compileTestKotlin" +} + +tasks.named('testCoverage') { + dependsOn ":block:test" +} + +tasks.named('testCoverage') { + dependsOn ":block:processTestResources" +} + +tasks.named('testCoverage') { + dependsOn ":client:processTestResources" +} + +tasks.named('testCoverage') { + dependsOn ":codegen:test" +} + +tasks.named('testCoverage') { + dependsOn ":model:test" +} + +tasks.named('testCoverage') { + dependsOn ":test-tools:processTestResources" +} diff --git a/gradle.properties b/gradle.properties index e8a64ae7..cfe3410a 100644 --- a/gradle.properties +++ b/gradle.properties @@ -18,3 +18,4 @@ junitVersion=5.9.3 # logging logbackVer=1.2.3 org.gradle.jvmargs=-XX:MetaspaceSize=128M -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8 +systemProp.sonar.host.url=https://sonar.katana.soramitsu.co.jp