Skip to content

Merge pull request #821 from terrestris/dependabot/npm_and_yarn/seman… #233

Merge pull request #821 from terrestris/dependabot/npm_and_yarn/seman…

Merge pull request #821 from terrestris/dependabot/npm_and_yarn/seman… #233

Workflow file for this run

name: On push main
on:
push:
branches:
- main
jobs:
sonarqube:
if: ${{ github.actor != 'dependabot[bot]' }}
name: SonarQube Trigger
runs-on: ubuntu-latest
steps:
- name: Checkout sources 🔰
uses: actions/checkout@v4
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: Setup Node.js 🧮
uses: actions/setup-node@v4
with:
node-version: 20
- name: Cache Node.js modules 💾
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.OS }}-node-
${{ runner.OS }}-
- name: Install dependencies ⏬
run: npm ci
- name: Test code ✅
run: npm run test
env:
CI: true
- name: Get shogun-admin version 🔖
run: |
echo "sonar.projectVersion=$(node -pe "require('./package.json').version")" >> ./sonar-project.properties
- name: SonarQube Scan 🔬
uses: SonarSource/[email protected]
with:
projectBaseDir: .
env:
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}