search

casbin / Casbin.NET

An authorization library that supports access control models like ACL, RBAC, ABAC in .NET (C#)
https://casbin.org
Apache License 2.0
1.14k stars 110 forks source link

Monitor with sonar cloud? #220

Closed Leonardo-Ferreira closed 2 years ago

Leonardo-Ferreira commented 2 years ago

Sonarcloud is free for open source projects. Let's use it!

casbin-bot commented 2 years ago

@sagilio @xcaptain @huazhikui

hsluoyz commented 2 years ago

@Leonardo-Ferreira hi, can you make a PR to integrate it?

Leonardo-Ferreira commented 2 years ago

@hsluoyz I could do the whole thing if you add me as member of the casbin org with rights to manage/add secrets... each repo would need its own build yml.

hsluoyz commented 2 years ago

@Leonardo-Ferreira invited, and I also added the secret:

image

But I'm not quite sure about how to add the yml file correctly. The following info is what I got from the Sonarcloud site. Can you help make it work (by making a PR)?

Create or update your .github/workflows/build.yml

Here is a base configuration to run a SonarCloud analysis on your master branch and Pull Requests. If you already have some GitHub Actions, you might want to just add some of these new steps to an existing one.

name: Build
on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  build:
    name: Build
    runs-on: windows-latest
    steps:
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 1.11
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
      - name: Cache SonarCloud packages
        uses: actions/cache@v1
        with:
          path: ~\sonar\cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      - name: Cache SonarCloud scanner
        id: cache-sonar-scanner
        uses: actions/cache@v1
        with:
          path: .\.sonar\scanner
          key: ${{ runner.os }}-sonar-scanner
          restore-keys: ${{ runner.os }}-sonar-scanner
      - name: Install SonarCloud scanner
        if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
        shell: powershell
        run: |
          New-Item -Path .\.sonar\scanner -ItemType Directory
          dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner
      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        shell: powershell
        run: |
          .\.sonar\scanner\dotnet-sonarscanner begin /k:"casbin_Casbin.NET" /o:"casbin" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"
          <insert_your_build_command>
          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"

Replace by the actual one.

Leonardo-Ferreira commented 2 years ago

image missing a permission here on sonarcloud

hsluoyz commented 2 years ago

Fixed by: https://github.com/casbin/Casbin.NET/pull/223