Update sonar_test.yml #23

Workflow file for this run

.github/workflows/sonar_test.yml at 5842150

	name: "Test-with-sonar"
	on: [push]
	permissions:
	id-token: write
	contents: read
	attestations: write
	jobs:
	test:
	runs-on: ubuntu-latest
	steps:
	# Checkout and install prerequisites
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup NodeJS
	uses: actions/setup-node@v4
	with:
	node-version: "20.x"

	- name: Install jfrog cli
	id: setup-cli
	uses: jfrog/setup-jfrog-cli@v4
	env:
	JF_URL: https://${{ vars.JF_URL }}
	JF_PROJECT: "carmit-prj-1"
	with:
	oidc-provider-name: jfrog-github-oidc
	- name: Generate .npmrc
	run: \|
	jfrog c show
	jf npm-config --global --repo-resolve=carmit-prj-1-npm-remote --repo-deploy=carmit-prj-1-npm-local

	# Check build URL
	- name: Check build URL
	uses: wei/curl@master
	with:
	args: -I ${JFROG_CLI_BUILD_URL}
	if: runner.os == 'Linux'

	# Install and run tests
	- name: Install
	run: jf npm i --project takoshop

	- name: Install SonarQube Scanner
	run: \|
	curl -sL -sSLo sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610.zip
	unzip sonar-scanner.zip
	export PATH=$PATH:$PWD/sonar-scanner-6.2.1.4610/bin
	pwd
	ls -l $PWD/sonar-scanner-6.2.1.4610/bin/
	echo "$PWD/sonar-scanner-6.2.1.4610/bin"

	#- name: Run SonarScanner
	# id: run-sonar-scanner
	# env:
	# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	# run: \|
	# $PWD/sonar-scanner-6.2.1.4610/bin/sonar-scanner \
	# -Dsonar.projectKey=setup-jfrog-cli \
	# -Dsonar.organization=my-evidence-test-org1 \
	# -Dsonar.host.url=https://sonarcloud.io \
	# -Dsonar.java.jdkHome=$JAVA_HOME \
	# -Dsonar.verbose=true \
	# -Dsonar.token=$SONAR_TOKEN
	#- name: get task id
	# run: \|
	# cat $PWD/.scannerwork/report-task.txt
	- name: publish to artifactory
	run: \|
	jf npm publish --project takoshop --registry https://${{ vars.JF_URL }}/artifactory/api/npm/carmit-prj-1-npm-local/
	- name: check file system
	run: \|
	echo "-------/home/runner/work/setup-jfrog-cli/---------"
	ls /home/runner/work/setup-jfrog-cli/
	echo "-------/home/runner/work/setup-jfrog-cli/setup-jfrog-cli/---------"
	ls /home/runner/work/setup-jfrog-cli/setup-jfrog-cli/

	- name: Authenticate Docker
	uses: docker/login-action@v3
	with:
	registry: ${{ vars.JF_URL }}
	username: ${{ steps.setup-cli.outputs.oidc-user }}
	password: ${{ steps.setup-cli.outputs.oidc-token }}

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	platforms: linux/amd64,linux/arm64
	install: true

	- name: docker build through
	run: \|
	docker buildx ls
	jf docker --version
	jf docker build --tag ${{ vars.JF_URL }}/carmit-prj-1-carmit-docker-local/cli-docker:1.0.0 --platform linux/amd64 --metadata-file metadata.json --push .

	- name: get docker digest
	id: set_vars
	run: \|
	echo "----------------"
	cat metadata.json
	echo "----------------"
	digest=$(cat metadata.json \| jq '.["containerimage.digest"]')
	echo "digest=$digest"
	echo "docker_digest=$digest" \| tr -d '"' >> $GITHUB_OUTPUT

	- name: Generate docker attestation
	id: attest
	uses: actions/attest-build-provenance@v1
	with:
	subject-name: ${{ vars.JF_URL }}/carmit-prj-1-carmit-docker-local/cli-docker
	subject-digest: ${{ steps.set_vars.outputs.docker_digest }}
	push-to-registry: true

	- name: check attestation bundle
	run: \|
	echo "bundle-path=${{ steps.attest.outputs.bundle-path }} "
	echo "----------------"
	cat ${{ steps.attest.outputs.bundle-path }}
	echo "----------------"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update sonar_test.yml #23

Workflow file

Update sonar_test.yml #23

Uh oh!

Workflow file for this run