From 3cc615d0c8c509fa2492bdb6ad417cd21d3b7860 Mon Sep 17 00:00:00 2001
From: Thomas GRUSON
Date: Tue, 20 Jul 2021 16:05:47 +0200
Subject: [PATCH 1/2] chore: monorepo analysis (#468)
---
.github/codeql/codeql-api-config.yml | 4 +
.github/codeql/codeql-web-ui-config.yml | 4 +
.github/workflows/build-api.yaml | 95 ++++++++++++++++------
.github/workflows/build-web-ui.yaml | 85 ++++++++++++++-----
.github/workflows/quality.yaml | 87 --------------------
code/Makefile | 1 -
code/api/api/pom.xml | 1 +
code/api/database/pom.xml | 1 +
code/api/generated-cucumber-report/pom.xml | 1 +
code/api/jacoco-aggregation/pom.xml | 1 +
code/api/lib/pom.xml | 1 +
code/api/pom.xml | 3 +
code/sonar-project.properties | 24 ------
code/web-ui/sonar-project.properties | 9 ++
14 files changed, 157 insertions(+), 160 deletions(-)
create mode 100644 .github/codeql/codeql-api-config.yml
create mode 100644 .github/codeql/codeql-web-ui-config.yml
delete mode 100644 .github/workflows/quality.yaml
delete mode 100644 code/sonar-project.properties
create mode 100644 code/web-ui/sonar-project.properties
diff --git a/.github/codeql/codeql-api-config.yml b/.github/codeql/codeql-api-config.yml
new file mode 100644
index 000000000..c425bc431
--- /dev/null
+++ b/.github/codeql/codeql-api-config.yml
@@ -0,0 +1,4 @@
+name: "CodeQL api config"
+
+paths:
+ - code/api
diff --git a/.github/codeql/codeql-web-ui-config.yml b/.github/codeql/codeql-web-ui-config.yml
new file mode 100644
index 000000000..030408857
--- /dev/null
+++ b/.github/codeql/codeql-web-ui-config.yml
@@ -0,0 +1,4 @@
+name: "CodeQL web-ui config"
+
+paths:
+ - code/web-ui
diff --git a/.github/workflows/build-api.yaml b/.github/workflows/build-api.yaml
index 0fb2fef52..7795c0ec9 100644
--- a/.github/workflows/build-api.yaml
+++ b/.github/workflows/build-api.yaml
@@ -5,8 +5,20 @@ on: branches: - 'main' pull_request: + types: [opened, synchronize, reopened] branches: - main + schedule: + # ┌───────────── minute (0 - 59) + # │ ┌───────────── hour (0 - 23) + # │ │ ┌───────────── day of the month (1 - 31) + # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) + # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) + # │ │ │ │ │ + # │ │ │ │ │ + # │ │ │ │ │ + # * * * * * + - cron: '30 1 * * 0' jobs: code_api_change: 
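Review bot: No `permissions:` key appears between the `on:` block extended here and `jobs:`, and the `build-api` job defined later in this patch does not set one either, so the job that now carries CodeQL, SonarCloud and the DockerHub push runs with the repository's default `GITHUB_TOKEN` scope. Lines 1–4 of the file are outside the hunk, so confirm nothing is declared there. A job-level block on `build-api` such as `permissions:` with `contents: read` and `security-events: write` (plus whatever the Sonar pull-request decoration turns out to need) would keep the token to what the analysis upload requires; the skip-check job that cancels other runs needs its own scope. The same applies to the matching `on:` hunk of `build-web-ui.yaml`.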
@@ -22,48 +34,68 @@ jobs: github_token: ${{ github.token }} paths: '["code/api/**"]' cancel_others: 'true' - do_not_skip: '["push", "workflow_dispatch"]' - docker_image: - runs-on: ubuntu-latest - outputs: - should_skip: ${{ steps.skip_check.outputs.should_skip }} - steps: - - name: Checkout - uses: actions/checkout@v2 - - name: Install xmllint - run: sudo apt-get install libxml2-utils - - id: skip_check - run: | - if [[ $GITHUB_REF == refs/pull/* ]]; then - API_EXISTS=false - else - pushd code - API_EXISTS=$(make -s check-api-image) - popd - fi - echo ::set-output name=should_skip::${API_EXISTS} + do_not_skip: '["push", "workflow_dispatch", "schedule"]' build-api: needs: - code_api_change - - docker_image - if: ${{ needs.code_api_change.outputs.should_skip != 'true' && needs.docker_image.outputs.should_skip != 'true' }} + if: ${{ needs.code_api_change.outputs.should_skip != 'true' }} runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 - - - name: Install xmllint - run: sudo apt-get install libxml2-utils + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Set up JDK uses: actions/setup-java@v2.1.0 with: distribution: 'adopt' java-version: '16' + - + name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + lanquages: java + config-file: ./.github/codeql/codeql-api-config.yml + - + name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - + name: Cache Maven packages + uses: actions/cache@v1 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - + name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -f code/api -B clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar + - + name: Install 
xmllint + run: sudo apt-get install libxml2-utils + - + id: skip_check + run: | + if [[ $GITHUB_REF == refs/pull/* ]]; then + API_EXISTS=false + else + pushd code + API_EXISTS=$(make -s check-api-image) + popd + fi + echo ::set-output name=docker_skip::${API_EXISTS} - name: Prepare id: prep + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} run: | PUSH=FALSE if [[ $GITHUB_REF == refs/heads/* ]]; then @@ -84,19 +116,28 @@ jobs: echo ::set-output name=suffix::${SUFFIX} - name: Set up QEMU + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} uses: docker/setup-buildx-action@v1 - name: Login to DockerHub - if: ${{ steps.prep.outputs.push == 'true' }} + if: ${{ steps.skip_check.outputs.docker_skip != 'true' && steps.prep.outputs.push == 'true' }} uses: docker/login-action@v1 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} run: | - cd code + pushd code make build-api SUFFIX=${{ steps.prep.outputs.suffix }} PUBLISH=${{ steps.prep.outputs.push }} + popd + - + name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 + with: + category: "ara_api" diff --git a/.github/workflows/build-web-ui.yaml b/.github/workflows/build-web-ui.yaml index 89afea858..ad0ef67fd 100644 --- a/.github/workflows/build-web-ui.yaml +++ b/.github/workflows/build-web-ui.yaml @@ -5,8 +5,20 @@ on: branches: - 'main' pull_request: + types: [opened, synchronize, reopened] branches: - main + schedule: + # ┌───────────── minute (0 - 59) + # │ ┌───────────── hour (0 - 23) + # │ │ ┌───────────── day of the month (1 - 31) + # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) + # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) + # │ │ │ │ │ + # │ │ │ │ │ + # │ │ │ │ │ + # * * * * * + - cron: '30 1 * * 0' jobs: code_web_ui_change: 
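Review bot: The `Initialize CodeQL` step passes `lanquages: java`, a misspelling of the action's `languages` input, so the intended language never reaches the action (the web-ui workflow in this same patch spells it `languages: javascript`); the line should read `languages: java`. With the input absent CodeQL presumably falls back to language auto-detection, so what is actually scanned under `code/api` may differ from what was intended. Separately, `Build and analyze` always runs the Sonar Maven goal with `SONAR_TOKEN`; on pull requests from forks that secret is normally empty, so the build job itself would likely fail there, and gating the Sonar goal on the token being present would avoid that. The hunk ends inside the `Prepare` step's `run:` block, which continues outside it.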
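Review bot: `Perform CodeQL Analysis` is added as the very last step, after `Login to DockerHub` and `Build and push`, so a failure in any of the image steps means the scan results are never uploaded. The analysis only depends on the Maven build in `Build and analyze`, so the step could sit directly after it and before `skip_check`. The same ordering is used at the end of `build-web-ui.yaml` in this patch. The `run:` block touched here also still expands `${{ steps.prep.outputs.suffix }}` directly into the shell; how `SUFFIX` is derived lies outside the hunk, but if it comes from the ref name it would be safer passed through `env:` and referenced as `"$SUFFIX"`.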
@@ -22,15 +34,44 @@ jobs: github_token: ${{ github.token }} paths: '["code/web-ui/**"]' cancel_others: 'true' - do_not_skip: '["push", "workflow_dispatch"]' - docker_image: + do_not_skip: '["push", "workflow_dispatch", "schedule"]' + build-web-ui: + needs: + - code_web_ui_change + if: ${{ needs.code_web_ui_change.outputs.should_skip != 'true' }} runs-on: ubuntu-latest - outputs: - should_skip: ${{ steps.skip_check.outputs.should_skip }} steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@v2 - - id: skip_check + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - + name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: javascript + config-file: ./.github/codeql/codeql-web-ui-config.yml + - + name: Get project version + id: getVersion + run: | + pushd code + PROJECT_VERSION=$(make -s get-web-ui-version) + popd + echo ::set-output name=projectVersion::${PROJECT_VERSION} + - + name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + with: + projectBaseDir: code/web-ui + args: > + -Dsonar.projectVersion=${{ steps.getVersion.outputs.projectVersion }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - + id: skip_check run: | if [[ $GITHUB_REF == refs/pull/* ]]; then WEB_UI_EXISTS=false 
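Review bot: The `SonarCloud Scan` step uses `SonarSource/sonarcloud-github-action@master`, a mutable branch ref, in a step that is handed both `SONAR_TOKEN` and `GITHUB_TOKEN`, so whatever lands on that branch runs with those secrets on the next workflow run. Pin it to a full commit SHA with the release noted alongside, e.g. `uses: SonarSource/sonarcloud-github-action@<commit-sha>  # <release tag>`. The other actions in this job are at least tag-pinned (`actions/checkout@v2`, `github/codeql-action/init@v1`). The hunk ends inside the `skip_check` step's `run:` block.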
@@ -39,19 +80,11 @@ jobs: WEB_UI_EXISTS=$(make -s check-web-ui-image) popd fi - echo ::set-output name=should_skip::${WEB_UI_EXISTS} - build-web-ui: - needs: - - code_web_ui_change - - docker_image - if: ${{ needs.code_web_ui_change.outputs.should_skip != 'true' && needs.docker_image.outputs.should_skip != 'true' }} - runs-on: ubuntu-latest - steps: - - - name: Checkout - uses: actions/checkout@v2 - - name: Prepare + echo ::set-output name=docker_skip::${WEB_UI_EXISTS} + - + name: Prepare id: prep + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} run: | PUSH=FALSE if [[ $GITHUB_REF == refs/heads/* ]]; then @@ -72,18 +105,28 @@ jobs: echo ::set-output name=suffix::${SUFFIX} - name: Set up QEMU + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} uses: docker/setup-buildx-action@v1 - name: Login to DockerHub - if: ${{ steps.prep.outputs.push == 'true' }} + if: ${{ steps.skip_check.outputs.docker_skip != 'true' && steps.prep.outputs.push == 'true' }} uses: docker/login-action@v1 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Build and push + - + name: Build and push + if: ${{ steps.skip_check.outputs.docker_skip != 'true' }} run: | - cd code + pushd code make build-web-ui SUFFIX=${{ steps.prep.outputs.suffix }} PUBLISH=${{ steps.prep.outputs.push }} + popd + - + name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 + with: + category: "ara_web-ui" diff --git a/.github/workflows/quality.yaml b/.github/workflows/quality.yaml deleted file mode 100644 index 588b3315e..000000000 --- a/.github/workflows/quality.yaml +++ /dev/null 
@@ -1,87 +0,0 @@ -name: Quality analysis -on: - push: - branches: - - main - pull_request: - types: [opened, synchronize, reopened] - branches: - - main - schedule: - # ┌───────────── minute (0 - 59) - # │ ┌───────────── hour (0 - 23) - # │ │ ┌───────────── day of the month (1 - 31) - # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) - # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) - # │ │ │ │ │ - # │ │ │ │ │ - # │ │ │ │ │ - # * * * * * - - cron: '30 1 * * 0' -jobs: - code_change: - # continue-on-error: true # Uncomment once integration is finished - runs-on: ubuntu-latest - # Map a step output to a job output - outputs: - should_skip: ${{ steps.skip_check.outputs.should_skip }} - steps: - - id: skip_check - uses: fkirc/skip-duplicate-actions@v3.4.0 - with: - github_token: ${{ github.token }} - paths: '["code/**"]' - cancel_others: 'true' - do_not_skip: '["push", "workflow_dispatch", "schedule"]' - sonar: - name: SonarCloud Analysis - needs: code_change - if: ${{ needs.code_change.outputs.should_skip != 'true' && github.event_name != 'schedule' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK - uses: actions/setup-java@v2.1.0 - with: - distribution: 'adopt' - java-version: '16' - - name: Build api - run: mvn -B -f code/api/pom.xml clean install dependency:copy-dependencies - - name: Install xmllint - run: sudo apt-get install libxml2-utils - - name: Get project version - id: getVersion - run: | - pushd code - API_VERSION=$(make -s get-api-version) - WEB_UI_VERSION=$(make -s get-web-ui-version) - popd - PROJECT_VERSION="${API_VERSION}-${WEB_UI_VERSION}" - echo ::set-output name=projectVersion::${PROJECT_VERSION} - - name: Setup sonar-scanner - uses: warchant/setup-sonar-scanner@v3 - - name: Perform SonarCloud Analysis - run: sonar-scanner -Dsonar.projectBaseDir=code -Dsonar.projectVersion=${{ 
steps.getVersion.outputs.projectVersion }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - codeQL: - name: CodeQL Analysis - needs: code_change - if: ${{ needs.code_change.outputs.should_skip != 'true' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Set up JDK - uses: actions/setup-java@v2.1.0 - with: - distribution: 'adopt' - java-version: '16' - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - - name: Build api - run: mvn -B -f code/api/pom.xml clean install - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 diff --git a/code/Makefile b/code/Makefile index 37565613e..6822a6b4c 100644 --- a/code/Makefile +++ b/code/Makefile @@ -60,7 +60,6 @@ build-web-ui: ## Build ara-web-ui build-api: ## Build ara-api @echo '-- Build API image --' @$(eval FULL_IMAGE = $(API_IMAGE):$(API_VERSION)) - $(MAKE) -C api mvn-install $(MAKE) -C api mvn-build-image FULL_IMAGE=$(FULL_IMAGE) @./tools/docker-tags-version.sh "$(API_IMAGE)" "$(API_VERSION)" "$(PUBLISH)" diff --git a/code/api/api/pom.xml b/code/api/api/pom.xml index 0464daad6..536a57388 100644 --- a/code/api/api/pom.xml +++ b/code/api/api/pom.xml @@ -47,6 +47,7 @@ initialize verify generate-sources + ${project.artifactId} diff --git a/code/api/database/pom.xml b/code/api/database/pom.xml index 8492c288b..1f488283e 100644 --- a/code/api/database/pom.xml +++ b/code/api/database/pom.xml @@ -43,6 +43,7 @@ src/main/resources/liquibase-XX.properties generate-sources + ${project.artifactId} diff --git a/code/api/generated-cucumber-report/pom.xml b/code/api/generated-cucumber-report/pom.xml index 0335dd8f1..e3cf2a188 100644 --- a/code/api/generated-cucumber-report/pom.xml +++ b/code/api/generated-cucumber-report/pom.xml @@ -39,6 +39,7 @@ 14 UTF-8 1.2.4 + ${project.artifactId} 
diff --git a/code/api/jacoco-aggregation/pom.xml b/code/api/jacoco-aggregation/pom.xml index c88031a6d..51d0dd115 100644 --- a/code/api/jacoco-aggregation/pom.xml +++ b/code/api/jacoco-aggregation/pom.xml @@ -16,6 +16,7 @@ verify + ${project.artifactId} diff --git a/code/api/lib/pom.xml b/code/api/lib/pom.xml index b957b5ff9..2946fd108 100644 --- a/code/api/lib/pom.xml +++ b/code/api/lib/pom.xml @@ -37,6 +37,7 @@ initialize verify generate-sources + ${project.artifactId} ARA Libraries diff --git a/code/api/pom.xml b/code/api/pom.xml index eca9b1da4..07f3cfd17 100644 --- a/code/api/pom.xml +++ b/code/api/pom.xml @@ -37,6 +37,9 @@ + decathlon_ara_api + decathlon + https://sonarcloud.io ${project.basedir}/jacoco-aggregation/target/site/jacoco-aggregate/jacoco.xml diff --git a/code/sonar-project.properties b/code/sonar-project.properties deleted file mode 100644 index a3a33375f..000000000 --- a/code/sonar-project.properties +++ /dev/null @@ -1,24 +0,0 @@ -sonar.organization=decathlon -sonar.projectKey=Decathlon_ara -sonar.host.url=https://sonarcloud.io -sonar.modules=api,web-ui -sonar.sourceEncoding=UTF-8 - -# JAVA -api.sonar.projectName=ARA API -api.sonar.sources=. -api.sonar.exclusions=src/main/resources/custom-authentication.yaml,**src/test/** -api.sonar.language=java -api.sonar.java.source=14 -api.sonar.java.binaries=**target/classes -api.sonar.java.test.binaries=**target/test-classes -api.sonar.java.libraries=**target/dependency/*.jar -#api.sonar.java.libraries=**target/**/*.jar -api.sonar.coverage.jacoco.xmlReportPaths=jacoco-aggregation/target/site/jacoco-aggregate/jacoco.xml -api.sonar.coverage.exclusions=**src/test/** - -# NODE -web-ui.sonar.projectName=ARA WEB-UI -web-ui.sonar.sources=. -web-ui.sonar.exclusions=node_modules -web-ui.sonar.language=js diff --git a/code/web-ui/sonar-project.properties b/code/web-ui/sonar-project.properties new file mode 100644 index 000000000..b2eef8117 --- /dev/null +++ b/code/web-ui/sonar-project.properties 
@@ -0,0 +1,9 @@
+sonar.organization=decathlon
+sonar.projectKey=decathlon_ara_web-ui
+sonar.host.url=https://sonarcloud.io
+
+# Path is relative to the sonar-project.properties file. Defaults to .
+sonar.sources=src
+
+# paths or files to exclude for the analysis
+sonar.exclusions=node_modules
From 634ff1b5719385b9007bbc4a858717ae3284baf9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 20 Jul 2021 14:08:27 +0000
Subject: [PATCH 2/2] chore(deps-dev): bump babel-eslint from 9.0.0 to 10.1.0 in /code/web-ui
Bumps [babel-eslint](https://github.com/babel/babel-eslint) from 9.0.0 to 10.1.0.
- [Release notes](https://github.com/babel/babel-eslint/releases)
- [Commits](https://github.com/babel/babel-eslint/compare/v9.0.0...v10.1.0)
---
updated-dependencies:
- dependency-name: babel-eslint dependency-type: direct:development update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot]
---
code/web-ui/package-lock.json | 26 ++++++++------------------
code/web-ui/package.json | 2 +-
2 files changed, 9 insertions(+), 19 deletions(-)
diff --git a/code/web-ui/package-lock.json b/code/web-ui/package-lock.json
index d936f553d..d275a5cba 100644
--- a/code/web-ui/package-lock.json
+++ b/code/web-ui/package-lock.json
@@ -2753,17 +2753,17 @@ } }, "babel-eslint": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/babel-eslint/-/babel-eslint-9.0.0.tgz", - "integrity": "sha512-itv1MwE3TMbY0QtNfeL7wzak1mV47Uy+n6HtSOO4Xd7rvmO+tsGQSgyOEEgo6Y2vHZKZphaoelNeSVj4vkLA1g==", + "version": "10.1.0", + "resolved": "https://registry.npmjs.org/babel-eslint/-/babel-eslint-10.1.0.tgz", + "integrity": "sha512-ifWaTHQ0ce+448CYop8AdrQiBsGrnC+bMgfyKFdi6EsPLTAWG+QfyDeM6OH+FmWnKvEq5NnBMLvlBUPKQZoDSg==", "dev": true, "requires": { "@babel/code-frame": "^7.0.0", - "@babel/parser": "^7.0.0", - "@babel/traverse": "^7.0.0", - "@babel/types": "^7.0.0", - "eslint-scope": "3.7.1", - "eslint-visitor-keys": "^1.0.0" + "@babel/parser": "^7.7.0", + "@babel/traverse": "^7.7.0", + "@babel/types": "^7.7.0", + "eslint-visitor-keys": "^1.0.0", + "resolve": "^1.12.0" } }, "babel-generator": { @@ -6862,16 +6862,6 @@ "integrity": "sha512-ZL7+QRixjTR6/528YNGyDotyffm5OQst/sGxKDwGb9Uqs4In5Egi4+jbobhqJoyoCM6/7v/1A5fhQ7ScMtDjaQ==", "dev": true }, - "eslint-scope": { - "version": "3.7.1", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-3.7.1.tgz", - "integrity": "sha1-PWPD7f2gLgbgGkUq2IyqzHzctug=", - "dev": true, - "requires": { - "esrecurse": "^4.1.0", - "estraverse": "^4.1.1" - } - }, "eslint-utils": { "version": "1.4.3", "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-1.4.3.tgz", diff --git a/code/web-ui/package.json b/code/web-ui/package.json index 15e4aa76f..8f0cf583d 100644 --- a/code/web-ui/package.json +++ b/code/web-ui/package.json @@ -48,7 +48,7 @@ "@babel/register": "^7.0.0", "@babel/runtime": "^7.0.0", "autoprefixer": "^7.1.2", - "babel-eslint": "^9.0.0", + "babel-eslint": "^10.1.0", "babel-loader": "^8.0.6", "babel-plugin-istanbul": "^5.0.0", "chai": "^3.5.0",