From 6c32d6d21011739ff5580f4f74d46d45a22a1b9e Mon Sep 17 00:00:00 2001 From: Gonzalo Diaz Date: Wed, 20 Aug 2025 22:15:27 -0400 Subject: [PATCH 1/2] [CONFIG] [REFACTOR] [Github Actions] codecov and sonarcloud now runs in parallel. --- .github/workflows/python-coverage.yml | 56 ++++++++++++++++++++++----- Makefile | 3 ++ sonar-project.properties | 2 +- 3 files changed, 51 insertions(+), 10 deletions(-) diff --git a/.github/workflows/python-coverage.yml b/.github/workflows/python-coverage.yml index 016f660a..0326a811 100644 --- a/.github/workflows/python-coverage.yml +++ b/.github/workflows/python-coverage.yml @@ -47,23 +47,61 @@ jobs: run: | python3 -m coverage report - - name: Coverage lcov + - name: Coverage lcov (codecov) run: | python3 -m coverage lcov -o coverage/lcov.info - - name: Upload coverage reports to Codecov with GitHub Action + - name: Coverage xml (sonarcloud) + run: | + python3 -m coverage xml -o coverage/coverage.xml + + - name: Upload coverage artifact + uses: actions/upload-artifact@v4 + with: + name: coverage-report + path: coverage + + codecov: + name: Upload to Codecov + runs-on: ubuntu-24.04 + needs: coverage + + steps: + - name: Checkout repository + uses: actions/checkout@v5 + with: + fetch-depth: 0 + - name: Download coverage artifact + uses: actions/download-artifact@v5 + with: + name: coverage-report + path: coverage + + - name: Upload coverage reports to Codecov uses: codecov/codecov-action@v5 with: - token: ${{ secrets.CODECOV_TOKEN }} # required - verbose: true # optional (default = false) + token: ${{ secrets.CODECOV_TOKEN }} + verbose: true - - name: Coverage XML - run: | - python3 -m coverage xml + sonarqube: + name: Analyze with SonarQube + runs-on: ubuntu-24.04 + needs: coverage + + steps: + - name: Checkout repository + uses: actions/checkout@v5 + with: + fetch-depth: 0 + + - name: Download coverage artifact + uses: actions/download-artifact@v5 + with: + name: coverage-report + path: coverage - - name: Analyze with SonarQube / SonarCloud + - name: SonarQube Scan uses: SonarSource/sonarqube-scan-action@master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - # Needed to get PR information, if any GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Makefile b/Makefile index 666104b4..f897de88 100644 --- a/Makefile +++ b/Makefile @@ -139,6 +139,9 @@ test: env dependencies coverage: test ${RUNTIME_TOOL} -m coverage lcov -o coverage/lcov.info +coverage/xml: test + ${RUNTIME_TOOL} -m coverage xml -o coverage/coverage.xml + coverage/html: test ${RUNTIME_TOOL} -m coverage html open htmlcov/index.html diff --git a/sonar-project.properties b/sonar-project.properties index 10a5ac0a..f220da13 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -16,7 +16,7 @@ sonar.exclusions=**/*test.py,**/__init__.py sonar.python.version=3.12 # Coverage -sonar.python.coverage.reportPaths=coverage.xml +sonar.python.coverage.reportPaths=coverage/coverage.xml # Ignore sonar.issue.ignore.multicriteria=e1 From 8440d30fb93f4252ccd06a2c4b3cf20bd964106d Mon Sep 17 00:00:00 2001 From: Gonzalo Diaz Date: Wed, 20 Aug 2025 22:41:51 -0400 Subject: [PATCH 2/2] [CONFIG] [Github Actions] sonarcloud "security issues" fixed. --- .github/workflows/python-coverage.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/python-coverage.yml b/.github/workflows/python-coverage.yml index 0326a811..35fe04f2 100644 --- a/.github/workflows/python-coverage.yml +++ b/.github/workflows/python-coverage.yml @@ -78,7 +78,7 @@ jobs: path: coverage - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@3cb13a12348ef4ffcf9783ac0f74954f92113e33 with: token: ${{ secrets.CODECOV_TOKEN }} verbose: true @@ -101,7 +101,8 @@ jobs: path: coverage - name: SonarQube Scan - uses: SonarSource/sonarqube-scan-action@master + # yamllint disable-line rule:line-length + uses: SonarSource/sonarqube-scan-action@8c71dc039c2dd71d3821e89a2b58ecc7fee6ced9 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}