From c23dbf2346cef8cbf97189b93e80e658e3eea228 Mon Sep 17 00:00:00 2001 From: Antonio Aversa Date: Thu, 19 Dec 2024 19:18:46 +0100 Subject: [PATCH 1/4] SQCPPGHA-13 Use unified sonarqube-scan-action --- .github/workflows/build.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index faca96d..8be80d1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -15,9 +15,9 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Install sonar-scanner and build-wrapper - uses: sonarsource/sonarcloud-github-c-cpp@v3 - - name: Run build-wrapper + - name: Install Build Wrapper + uses: SonarSource/sonarqube-scan-action/install-build-wrapper@v4 + - name: Run Build Wrapper run: | build-wrapper-macosx-x86 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} xcodebuild -project macos-xcode.xcodeproj -scheme macos-xcode - name: Run tests to generate coverage statistics @@ -27,12 +27,11 @@ jobs: - name: Collect coverage into one XML report run: | bash xccov-to-generic.sh build/Logs/Test/*.xcresult/ > generic-coverage.xml - - name: Run sonar-scanner + - name: SonarQube Scan + uses: SonarSource/sonarqube-scan-action@v4 env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }} # Put the name of your token here - run: | - sonar-scanner \ + with: + args: > --define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json" \ --define sonar.coverageReportPaths=generic-coverage.xml - From 20f393502f4d604cdbb530f046283cedecef7797 Mon Sep 17 00:00:00 2001 From: Antonio Aversa Date: Thu, 19 Dec 2024 19:23:44 +0100 Subject: [PATCH 2/4] Update README.adoc --- README.adoc | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/README.adoc b/README.adoc index 9e17838..98ae182 100644 --- a/README.adoc +++ b/README.adoc @@ -8,7 +8,7 @@ image:{img-build-status}[Build Status, link={uri-build-status}] image:{img-qg-status}[Quality Gate Status,link={uri-qg-status}] -*The test coverage shown here works on both SonarQube and SonarCloud. This project is analyzed on https://sonarcloud.io/dashboard?id=sonarsource-cfamily-examples_macos-xcode-coverage-gh-actions-sc[SonarCloud]!* +*The test coverage shown here works on both SonarQube Server and Cloud. This project is analyzed on https://sonarcloud.io/dashboard?id=sonarsource-cfamily-examples_macos-xcode-coverage-gh-actions-sc[SonarQube Cloud]!* :note-caption: :information_source: NOTE: This simple example aims at demonstrating code coverage in action. It explains how to add coverage on a project for which the analysis is already configured. Analysis configuration examples are available https://github.com/sonarsource-cfamily-examples?q=topic:xcode[here]. + @@ -20,20 +20,19 @@ After your build and before running `sonar-scanner`, proceed with the following . Run the test binaries with `-enableCodeCoverage YES` to count covered lines . Run link:xccov-to-generic.sh[xccov-to-generic.sh] on the `*.xcresult` files to produce a https://docs.sonarcloud.io/enriching/test-coverage/generic-test-data/[Generic Test Data] format that is compatible with SonarCloud and SonarQube . Point the `sonar.coverageReportPaths` property to the generated coverage-report file -. Run `sonar-scanner` as the final step +. Run the SonarQube scan using https://github.com/SonarSource/sonarqube-scan-action[the SonarSource/sonarqube-scan-action action] as final step You can take a look at the link:sonar-project.properties[sonar-project.properties] and link:.github/workflows/build.yml[build.yml] to see it in practice. = Documentation - https://github.com/SonarSource/sonar-scanning-examples/blob/master/swift-coverage/swift-coverage-example/xccov-to-sonarqube-generic.sh[Script to create a Generic Test Data format from *.xcresult] -- https://docs.sonarcloud.io/advanced-setup/languages/c-c-objective-c/[Documentation overview of the C, C++ and Objective-C analyzer] -- https://docs.sonarcloud.io/getting-started/github/[Documentation of using SonarCloud with GitHub] -- https://docs.sonarcloud.io/advanced-setup/languages/c-family/prerequisites/#generating-a-compilation-database[Generating a compilation database (compile_commands.json)] -- https://docs.sonarsource.com/sonarcloud/advanced-setup/languages/c-family/running-the-analysis/[Running the analysis in Compilation Database mode] -- https://docs.sonarcloud.io/enriching/test-coverage/test-coverage-parameters/[Test coverage parameters] -- https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/github-actions-for-sonarcloud/[GitHub Action for C and C++ usage] - +- https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/languages/c-family/overview/[C/C++/Objective-C analysis overview] +- https://docs.sonarsource.com/sonarqube-cloud/getting-started/github/[Getting started with GitHub] +- https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/languages/c-family/prerequisites/#generating-a-compilation-database[Generating a compilation database] +- https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/languages/c-family/running-the-analysis/[Running the CFamily analysis] +- https://docs.sonarsource.com/sonarqube-cloud/enriching/test-coverage/test-coverage-parameters/[Test coverage parameters] +- https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/ci-based-analysis/github-actions-for-sonarcloud/[Analyze your repository with GitHub Actions] = Code Description From ca441497a6738f4cf48d4e4816632348504f1efa Mon Sep 17 00:00:00 2001 From: Antonio Aversa Date: Thu, 19 Dec 2024 19:29:09 +0100 Subject: [PATCH 3/4] Update build.yml --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8be80d1..1dc0d78 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -33,5 +33,5 @@ jobs: SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }} # Put the name of your token here with: args: > - --define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json" \ + --define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json" --define sonar.coverageReportPaths=generic-coverage.xml From f3c20ed44039857229b2b9339578abbea6574fd5 Mon Sep 17 00:00:00 2001 From: Antonio Aversa Date: Thu, 19 Dec 2024 19:32:47 +0100 Subject: [PATCH 4/4] Update README.adoc --- README.adoc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.adoc b/README.adoc index 98ae182..85eae01 100644 --- a/README.adoc +++ b/README.adoc @@ -18,7 +18,7 @@ Adding code coverage is done the same way regardless of whether you use the Buil After your build and before running `sonar-scanner`, proceed with the following steps: . Run the test binaries with `-enableCodeCoverage YES` to count covered lines -. Run link:xccov-to-generic.sh[xccov-to-generic.sh] on the `*.xcresult` files to produce a https://docs.sonarcloud.io/enriching/test-coverage/generic-test-data/[Generic Test Data] format that is compatible with SonarCloud and SonarQube +. Run link:xccov-to-generic.sh[xccov-to-generic.sh] on the `*.xcresult` files to produce a https://docs.sonarcloud.io/enriching/test-coverage/generic-test-data/[Generic Test Data] format that is compatible with SonarQube Server and Cloud . Point the `sonar.coverageReportPaths` property to the generated coverage-report file . Run the SonarQube scan using https://github.com/SonarSource/sonarqube-scan-action[the SonarSource/sonarqube-scan-action action] as final step @@ -39,7 +39,7 @@ You can take a look at the link:sonar-project.properties[sonar-project.propertie An example of a flawed C++ code. The https://github.com/sonarsource-cfamily-examples/code[code repository] can be https://github.com/sonarsource-cfamily-examples/automatic-analysis-sc[analyzed automatically], but it can also be compiled with different build systems using different CI pipelines on Linux, macOS, and Windows. The https://github.com/sonarsource-cfamily-examples/code[code repository] is forked into other repositories in https://github.com/sonarsource-cfamily-examples[this collection] to add a specific build system, platform, and CI. -The downstream repositories are analyzed either with https://www.sonarqube.org/[SonarQube] or https://sonarcloud.io/[SonarCloud]. +The downstream repositories are analyzed either with https://www.sonarqube.org/[SonarQube Server] or https://sonarcloud.io/[SonarQube Cloud]. You can find examples for: @@ -66,8 +66,8 @@ Running on the following CI services: Configured for analysis on: -* https://github.com/sonarsource-cfamily-examples?q=-sq[SonarQube] -* https://github.com/sonarsource-cfamily-examples?q=-sc[SonarCloud] +* https://github.com/sonarsource-cfamily-examples?q=-sq[SonarQube Server] +* https://github.com/sonarsource-cfamily-examples?q=-sc[SonarQube Cloud] You can find also a few examples demonstrating: