search

objectionary / eo

EOLANG, an Experimental Pure Object-Oriented Programming Language Based on 𝜑-calculus
https://www.eolang.org
MIT License
1.01k stars 127 forks source link

sonar CI workflow keeps failing #2251

Open yegor256 opened 1 year ago

yegor256 commented 1 year ago

https://github.com/objectionary/eo/actions/workflows/sonar.yml

Let's find out what is the reason and fix

yegor256 commented 1 year ago

@maxonfjvipon please, take a look

yegor256 commented 8 months ago

@maxonfjvipon

this is the recent one: https://sonarcloud.io/project/issues?resolved=false&types=BUG&sinceLeakPeriod=true&severities=BLOCKER%2CCRITICAL%2CMAJOR%2CMINOR&id=com.objectionary%3Aeo

this is the failure in CI: https://github.com/objectionary/eo/actions/runs/7721848475/job/21049050225

maybe we should add Sonar to pull request checks?

maxonfjvipon commented 7 months ago

@c71n93 can you take it?

c71n93 commented 7 months ago

@maxonfjvipon yeah, I can try.

c71n93 commented 7 months ago

That's the output of sonar analysis: Failed conditions 0.0% Coverage on New Code (required ≥ 80%) E Reliability Rating on New Code (required ≥ A)

Issues with reliability of code is just places in code that was identified by sonar as bug. They needs to be fixed or ignored. Issues with code coverage is sort of problem, it doesn't work properly. I created new project in sonar with my up to date fork of objectionary/eo for testing. I ran this locally:

$ mvn clean install -Pjacoco
$ mvn sonar:sonar -Dsonar.token=my-sonar-token

and there was the result: https://sonarcloud.io/summary/overall?id=c71n93_eo%3Aeo. Code coverage is correct here. I suppose, that coverage data is not collected in our CI, because jacoco is not launched here before sonar analysis. Sonar requires jacoco.xml to show code coverage analysis.

I was trying to test my ideas in #2874, by adding "on pull-request" check to sonar workflow. But it doesn't work, because it requires SONAR_TOKEN (https://github.com/objectionary/eo/actions/runs/7873343508/job/21480455544?pr=2874).

@yegor256 How can I properly enable "on pull-request" check for this workflow? I need it to debug sonar CI locally in my PR.

yegor256 commented 7 months ago

@c71n93 try this way: https://github.com/objectionary/eo/blob/master/.github/workflows/mvn.yml#L8-L11

c71n93 commented 7 months ago

@yegor256 In master branch CI token is provided by the 'SONAR_TOKEN' environment variable:

mvn --batch-mode -DskipTests -Dinvoker.skip verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.qualitygate.wait=true
  shell: /usr/bin/bash -e {0}
  env:
    JAVA_HOME: /opt/hostedtoolcache/Java_Zulu_jdk/20.0.2-9/x6[4](https://github.com/objectionary/eo/actions/runs/7887482792/job/21522819589#step:7:4)
    JAVA_HOME_20_X[6](https://github.com/objectionary/eo/actions/runs/7887482792/job/21522819589#step:7:6)4: /opt/hostedtoolcache/Java_Zulu_jdk/20.0.2-9/x64
    GITHUB_TOKEN: ***
    SONAR_TOKEN: ***

For some reasons in CI on PR the token is not provided.

mvn --batch-mode -DskipTests -Dinvoker.skip verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.qualitygate.wait=true
  shell: /usr/bin/bash -e {0}
  env:
    JAVA_HOME: /opt/hostedtoolcache/Java_Zulu_jdk/20.0.2-9/x6[4](https://github.com/objectionary/eo/actions/runs/7914383347/job/21604003667?pr=2874#step:7:4)
    JAVA_HOME_20_X[6](https://github.com/objectionary/eo/actions/runs/7914383347/job/21604003667?pr=2874#step:7:6)4: /opt/hostedtoolcache/Java_Zulu_jdk/20.0.2-9/x64
    GITHUB_TOKEN: ***
    SONAR_TOKEN:

I don't have access to this token, it is private.

@yegor256 Do you know how to make this token accessible from CI on PR? This token needs to see analysis results in SonarCloud.

c71n93 commented 7 months ago

@yegor256 It looks like secrets.SONAR_TOKEN is not accessible from CI on pull-request. I think this issue from stackoverflow is related to our issue.

c71n93 commented 7 months ago

@yegor256 So what about adding Sonar to PR checks? Do we need it now?

I need to add Sonar to PR checks here #2874 just to make sure if the test coverage in sonar will be fixed. Or we can just merge this changes. I'm 90% sure it will fix test coverage in sonar because I tried it on my fork of eo (https://github.com/objectionary/eo/issues/2251#issuecomment-1944132286).

yegor256 commented 7 months ago

@c71n93 I merged #2874

c71n93 commented 7 months ago

@yegor256 the coverage is working: https://sonarcloud.io/summary/new_code?id=com.objectionary%3Aeo. Now this 5 bugs need to be fixed.

But now CI in PRs will fail because I added Sonar to PR check. We have to remove this PR check or fix issue with sonar token.

yegor256 commented 7 months ago

@c71n93 let's fix these five bugs

c71n93 commented 7 months ago

@yegor256 Okay, I will check this bugs and create issues

c71n93 commented 7 months ago

Some useful materials about sharing secrets with workflows on PRs from forks: Stackoverflow (safe pull_request_target) Stackoverflow (using workflow_run event on PR)

0pdd commented 2 months ago

@yegor256 4 puzzles #3298, #3299, #3300, #3301 are still not solved.