From 550005e8ccaea8f497e3744f770de785aa144b02 Mon Sep 17 00:00:00 2001 From: HandyS11 Date: Tue, 23 Jun 2026 01:15:59 +0200 Subject: [PATCH] CI: add SonarQube analysis workflow + Codecov badge Add Sonar.yml running dotnet-sonarscanner on develop pushes (and workflow_dispatch). Community-Edition Sonar has no branch/PR support, so analysis is scoped to the long-lived develop branch; PR build/test feedback stays in CI.yml. Build/test run in Release with an explicit restore to mirror CI.yml, coverage is collected via coverlet (opencover) and uploaded to Codecov. Add the Codecov badge to the README. Co-Authored-By: Claude Opus 4.8 --- .github/workflows/Sonar.yml | 78 +++++++++++++++++++++++++++++++++++++ README.md | 2 + 2 files changed, 80 insertions(+) create mode 100644 .github/workflows/Sonar.yml diff --git a/.github/workflows/Sonar.yml b/.github/workflows/Sonar.yml new file mode 100644 index 0000000..85639eb --- /dev/null +++ b/.github/workflows/Sonar.yml @@ -0,0 +1,78 @@ +name: SonarQube Analysis + +permissions: + contents: read + +# Analyze only the long-lived branch. Community-Edition Sonar has no branch/PR +# support — every analysis writes to the single main branch. PR build/test feedback +# is covered by CI.yml. +on: + push: + branches: + - develop + workflow_dispatch: + +jobs: + build: + name: Build and analyze + runs-on: ubuntu-latest + timeout-minutes: 15 + + steps: + - uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Set up JDK 17 + uses: actions/setup-java@v5 + with: + java-version: 17 + distribution: 'zulu' + + - name: Setup .NET + uses: actions/setup-dotnet@v5 + with: + dotnet-version: 10.0.x + + - name: Cache SonarQube packages + uses: actions/cache@v5 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + + - name: Cache SonarQube scanner + id: cache-sonar-scanner + uses: actions/cache@v5 + with: + path: ./.sonar/scanner + key: ${{ runner.os }}-sonar-scanner + restore-keys: ${{ runner.os }}-sonar-scanner + + - name: Install SonarQube scanner + if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' + run: | + mkdir -p ./.sonar/scanner + dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner + + - name: Restore dependencies + run: dotnet restore + + - name: Build and analyze + run: | + ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{ secrets.SONAR_PROJECT_KEY }}" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="${{ secrets.SONAR_HOST_URL }}" /d:sonar.coverage.exclusions="**/tests/**" /d:sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml" + dotnet build --no-restore --configuration Release + dotnet test --no-build --configuration Release --collect:"XPlat Code Coverage;Format=opencover" --blame-hang-timeout 60s + ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}" + + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v7 + with: + token: ${{ secrets.CODECOV_TOKEN }} + + - name: Upload test results to Codecov + if: ${{ !cancelled() }} + uses: codecov/codecov-action@v7 + with: + token: ${{ secrets.CODECOV_TOKEN }} + report_type: test_results diff --git a/README.md b/README.md index 0b0da48..55aa71a 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # RustPlusBot +[![codecov](https://codecov.io/gh/HandyS11/RustPlusBot/graph/badge.svg?token=jH6L7dDRrq)](https://codecov.io/gh/HandyS11/RustPlusBot) + A self-hosted Discord bot for the Rust+ companion app. ## Status