admin/labFusion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: Update SonarQube project configuration for CI workflows
Some checks failed
Integration Tests / performance-tests (push) Has been cancelled
Details
Integration Tests / integration-tests (push) Has been cancelled
Details
Frontend (React) / test (16) (push) Failing after 1m37s
Details
Frontend (React) / test (20) (push) Failing after 1m28s
Details
Docker Build and Push / build-and-push (push) Failing after 37s
Details
Service Adapters (Python FastAPI) / test (3.1) (push) Failing after 20s
Details
API Docs (Node.js Express) / test (20) (push) Successful in 1m37s
Details
API Docs (Node.js Express) / test (16) (push) Successful in 1m40s
Details
Service Adapters (Python FastAPI) / test (3.11) (push) Failing after 24s
Details
API Docs (Node.js Express) / test (18) (push) Successful in 1m39s
Details
Frontend (React) / test (18) (push) Failing after 1m53s
Details
API Gateway (Java Spring Boot) / test (17) (push) Failing after 1m56s
Details
Frontend (React) / build (push) Has been skipped
Details
Service Adapters (Python FastAPI) / test (3.12) (push) Failing after 26s
Details
LabFusion CI/CD Pipeline / service-adapters (push) Failing after 23s
Details
LabFusion CI/CD Pipeline / api-gateway (push) Failing after 1m47s
Details
Service Adapters (Python FastAPI) / test (3.9) (push) Failing after 26s
Details
Service Adapters (Python FastAPI) / build (push) Has been skipped
Details
API Gateway (Java Spring Boot) / test (21) (push) Failing after 2m1s
Details
API Docs (Node.js Express) / build (push) Successful in 40s
Details
API Gateway (Java Spring Boot) / build (push) Has been skipped
Details
API Gateway (Java Spring Boot) / security (push) Has been skipped
Details
LabFusion CI/CD Pipeline / api-docs (push) Successful in 1m46s
Details
LabFusion CI/CD Pipeline / frontend (push) Failing after 1m57s
Details
Frontend (React) / lighthouse (push) Has been skipped
Details
LabFusion CI/CD Pipeline / integration-tests (push) Has been skipped
Details

Browse Source 
### Summary of Changes
- Changed SonarQube project keys and names for all services to follow a consistent naming convention.
- Replaced `sonar-scanner` with `@sonar/scan` in the frontend and other workflows for improved compatibility.
- Simplified SonarQube analysis commands by removing unnecessary parameters and ensuring each service reports to its dedicated project.

### Expected Results
- Enhanced clarity and maintainability of CI configurations.
- Improved isolation of quality metrics for each service in SonarQube.
- Streamlined integration process for better reporting and analysis.
This commit is contained in:
GSRN
2025-09-15 20:36:19 +02:00
parent db870538a0
commit b42125fb39
6 changed files with 120 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitea/workflows/api-docs.yml
View File

@@ -114,7 +114,8 @@ jobs:
sonar-scanner \ sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.login=${{ secrets.SONAR_TOKEN }} \
-Dsonar.projectKey=labFusion -Dsonar.projectKey=labfusion-api-docs \
-Dsonar.projectName=LabFusion API Docs
- name: Test results summary - name: Test results summary
if: always() if: always()

33
.gitea/workflows/api-gateway.yml
View File

@@ -129,36 +129,11 @@ jobs:
if: env.TEST_REPORTS_EXIST == 'true' if: env.TEST_REPORTS_EXIST == 'true'
run: | run: |
echo "Sending test results to SonarQube..." echo "Sending test results to SonarQube..."
# Configure SonarQube properties ./mvnw clean verify sonar:sonar \
cat > sonar-project.properties << EOF -Dsonar.projectKey=labfusion-api-gateway \
sonar.projectKey=labFusion -Dsonar.projectName=LabFusion API Gateway \
sonar.projectName=LabFusion
sonar.projectVersion=1.0.0
sonar.modules=api-gateway
sonar.sources=src/main/java
sonar.tests=src/test/java
sonar.java.binaries=target/classes
sonar.java.test.binaries=target/test-classes
sonar.junit.reportPaths=target/surefire-reports
sonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml
sonar.host.url=${{ secrets.SONAR_HOST_URL }}
sonar.login=${{ secrets.SONAR_TOKEN }}
EOF
# Run SonarQube analysis
./mvnw sonar:sonar \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.token=${{ secrets.SONAR_TOKEN }}
-Dsonar.projectKey=labFusion \
-Dsonar.projectName="LabFusion" \
-Dsonar.projectVersion=1.0.0 \
-Dsonar.modules=api-gateway \
-Dsonar.sources=src/main/java \
-Dsonar.tests=src/test/java \
-Dsonar.java.binaries=target/classes \
-Dsonar.java.test.binaries=target/test-classes \
-Dsonar.junit.reportPaths=target/surefire-reports \
-Dsonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml
- name: Fail if no test reports found - name: Fail if no test reports found
if: env.TEST_REPORTS_EXIST == 'false' if: env.TEST_REPORTS_EXIST == 'false'

68
.gitea/workflows/ci.yml
View File

@@ -46,28 +46,14 @@ jobs:
maven- maven-
fail-on-cache-miss: false fail-on-cache-miss: false
- name: Run tests - name: Run tests and send to SonarQube
run: ./mvnw test
- name: Generate code coverage
run: ./mvnw jacoco:report
- name: Send results to SonarQube
run: | run: |
echo "Sending API Gateway results to SonarQube..." echo "Running tests and sending results to SonarQube..."
./mvnw sonar:sonar \ ./mvnw clean verify sonar:sonar \
-Dsonar.projectKey=labfusion-api-gateway \
-Dsonar.projectName=LabFusion API Gateway \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.token=${{ secrets.SONAR_TOKEN }}
-Dsonar.projectKey=labFusion \
-Dsonar.projectName="LabFusion" \
-Dsonar.projectVersion=1.0.0 \
-Dsonar.modules=api-gateway \
-Dsonar.sources=src/main/java \
-Dsonar.tests=src/test/java \
-Dsonar.java.binaries=target/classes \
-Dsonar.java.test.binaries=target/test-classes \
-Dsonar.junit.reportPaths=target/surefire-reports \
-Dsonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml
- name: Run code quality checks - name: Run code quality checks
run: ./mvnw spotbugs:check checkstyle:check run: ./mvnw spotbugs:check checkstyle:check
@@ -130,20 +116,14 @@ jobs:
run: | run: |
echo "Sending Service Adapters results to SonarQube..." echo "Sending Service Adapters results to SonarQube..."
# Install SonarQube Scanner for Python # Install SonarQube Scanner for Python
pip install sonar-scanner pip install pysonar
# Run SonarQube analysis # Run SonarQube analysis
sonar-scanner \ pysonar \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ --sonar-host-url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ --sonar-token=${{ secrets.SONAR_TOKEN }} \
-Dsonar.projectKey=labFusion \ --sonar-project-key=labfusion-service-adapters \
-Dsonar.projectName="LabFusion" \ --sonar-project-name=LabFusion Service Adapters
-Dsonar.projectVersion=1.0.0 \
-Dsonar.modules=service-adapters \
-Dsonar.sources=. \
-Dsonar.tests=tests \
-Dsonar.python.coverage.reportPaths=coverage.xml \
-Dsonar.python.xunit.reportPath=tests/reports/junit.xml
- name: Build Docker image (test only) - name: Build Docker image (test only)
run: docker build -t service-adapters:test . run: docker build -t service-adapters:test .
@@ -198,20 +178,14 @@ jobs:
run: | run: |
echo "Sending API Docs results to SonarQube..." echo "Sending API Docs results to SonarQube..."
# Install SonarQube Scanner for Node.js # Install SonarQube Scanner for Node.js
npm install -g sonar-scanner npm install -g @sonar/scan
# Run SonarQube analysis # Run SonarQube analysis
sonar-scanner \ sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.login=${{ secrets.SONAR_TOKEN }} \
-Dsonar.projectKey=labFusion \ -Dsonar.projectKey=labfusion-api-docs \
-Dsonar.projectName="LabFusion" \ -Dsonar.projectName=LabFusion API Docs
-Dsonar.projectVersion=1.0.0 \
-Dsonar.modules=api-docs \
-Dsonar.sources=. \
-Dsonar.tests=__tests__ \
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info \
-Dsonar.testExecutionReportPaths=test-results.xml
- name: Build application - name: Build application
run: npm run build run: npm run build
@@ -269,20 +243,14 @@ jobs:
run: | run: |
echo "Sending Frontend results to SonarQube..." echo "Sending Frontend results to SonarQube..."
# Install SonarQube Scanner for Node.js # Install SonarQube Scanner for Node.js
npm install -g sonar-scanner npm install -g @sonar/scan
# Run SonarQube analysis # Run SonarQube analysis
sonar-scanner \ sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.login=${{ secrets.SONAR_TOKEN }} \
-Dsonar.projectKey=labFusion \ -Dsonar.projectKey=labfusion-frontend \
-Dsonar.projectName="LabFusion" \ -Dsonar.projectName=LabFusion Frontend
-Dsonar.projectVersion=1.0.0 \
-Dsonar.modules=frontend \
-Dsonar.sources=src \
-Dsonar.tests=src \
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info \
-Dsonar.testExecutionReportPaths=test-results.xml
- name: Build application - name: Build application
run: npm run build run: npm run build

12
.gitea/workflows/frontend.yml
View File

@@ -80,20 +80,14 @@ jobs:
run: | run: |
echo "Sending Frontend results to SonarQube..." echo "Sending Frontend results to SonarQube..."
# Install SonarQube Scanner for Node.js # Install SonarQube Scanner for Node.js
npm install -g sonar-scanner npm install -g @sonar/scan
# Run SonarQube analysis # Run SonarQube analysis
sonar-scanner \ sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.login=${{ secrets.SONAR_TOKEN }} \
-Dsonar.projectKey=labFusion \ -Dsonar.projectKey=labfusion-frontend \
-Dsonar.projectName="LabFusion" \ -Dsonar.projectName=LabFusion Frontend
-Dsonar.projectVersion=1.0.0 \
-Dsonar.modules=frontend \
-Dsonar.sources=src \
-Dsonar.tests=src \
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info \
-Dsonar.testExecutionReportPaths=test-results.xml
- name: Test results summary - name: Test results summary
if: always() if: always()

10
.gitea/workflows/service-adapters.yml
View File

@@ -98,14 +98,8 @@ jobs:
sonar-scanner \ sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.login=${{ secrets.SONAR_TOKEN }} \
-Dsonar.projectKey=labFusion \ -Dsonar.projectKey=labfusion-service-adapters \
-Dsonar.projectName="LabFusion" \ -Dsonar.projectName=LabFusion Service Adapters
-Dsonar.projectVersion=1.0.0 \
-Dsonar.modules=service-adapters \
-Dsonar.sources=. \
-Dsonar.tests=tests \
-Dsonar.python.coverage.reportPaths=coverage.xml \
-Dsonar.python.xunit.reportPath=tests/reports/junit.xml
- name: Test results summary - name: Test results summary

148
docs/SONARQUBE_INTEGRATION.md
View File

@@ -1,10 +1,10 @@
# SonarQube Integration for LabFusion # SonarQube Integration for LabFusion
This document explains how to configure SonarQube integration for all LabFusion services in a unified project. This document explains how to configure SonarQube integration for all LabFusion services using individual projects per service.
## Overview ## Overview
All LabFusion services (API Gateway, Service Adapters, API Docs, Frontend) now send test results, code coverage, and quality metrics directly to a single unified SonarQube project called "LabFusion" instead of using external test reporters. Each LabFusion service has its own dedicated SonarQube project, providing better isolation, clearer metrics per service, and easier maintenance. This approach allows for service-specific quality gates and more granular reporting.
## Required Configuration ## Required Configuration
@@ -17,10 +17,12 @@ You need to configure the following secrets in your Gitea repository:
### 2. SonarQube Project Setup ### 2. SonarQube Project Setup
1. **Create a unified project** in SonarQube: 1. **Create individual projects** in SonarQube for each service:
- Project Key: `labfusion` - **API Gateway**: `labfusion-api-gateway` - "LabFusion API Gateway"
- Project Name: `LabFusion` - **Service Adapters**: `labfusion-service-adapters` - "LabFusion Service Adapters"
- Main Branch: `main` - **API Docs**: `labfusion-api-docs` - "LabFusion API Docs"
- **Frontend**: `labfusion-frontend` - "LabFusion Frontend"
- Main Branch: `main` for all projects
2. **Generate an authentication token**: 2. **Generate an authentication token**:
- Go to User > My Account > Security - Go to User > My Account > Security
@@ -37,46 +39,57 @@ Configure quality gates in SonarQube to enforce:
## What Gets Sent to SonarQube ## What Gets Sent to SonarQube
### Unified LabFusion Project Structure ### Individual Service Projects
- **Project Key**: `labfusion`
- **Project Name**: `LabFusion`
- **Modules**:
- `api-gateway` (Java Spring Boot)
- `service-adapters` (Python FastAPI)
- `api-docs` (Node.js Express)
- `frontend` (React)
### Test Results #### API Gateway
- **API Gateway**: JUnit XML reports from `target/surefire-reports/` - **Project Key**: `labfusion-api-gateway`
- **Service Adapters**: pytest XML reports from `tests/reports/junit.xml` - **Project Name**: LabFusion API Gateway
- **API Docs**: Jest XML reports from `test-results.xml` - **Language**: Java Spring Boot
- **Frontend**: Jest XML reports from `test-results.xml` - **Test Reports**: JUnit XML from `target/surefire-reports/`
- **Coverage**: JaCoCo XML from `target/site/jacoco/jacoco.xml`
### Code Coverage #### Service Adapters
- **API Gateway**: JaCoCo XML report from `target/site/jacoco/jacoco.xml` - **Project Key**: `labfusion-service-adapters`
- **Service Adapters**: Coverage XML from `coverage.xml` - **Project Name**: LabFusion Service Adapters
- **API Docs**: LCOV report from `coverage/lcov.info` - **Language**: Python FastAPI
- **Frontend**: LCOV report from `coverage/lcov.info` - **Test Reports**: pytest XML from `tests/reports/junit.xml`
- **Coverage**: Coverage XML from `coverage.xml`
#### API Docs
- **Project Key**: `labfusion-api-docs`
- **Project Name**: LabFusion API Docs
- **Language**: Node.js Express
- **Test Reports**: Jest XML from `test-results.xml`
- **Coverage**: LCOV from `coverage/lcov.info`
#### Frontend
- **Project Key**: `labfusion-frontend`
- **Project Name**: LabFusion Frontend
- **Language**: React
- **Test Reports**: Jest XML from `test-results.xml`
- **Coverage**: LCOV from `coverage/lcov.info`
### Code Quality Metrics ### Code Quality Metrics
- **Source code analysis** results for all languages - **Source code analysis** results per service
- **Code smells** and issues across all services - **Code smells** and issues per service
- **Security vulnerabilities** detection - **Security vulnerabilities** detection per service
- **Maintainability ratings** per module - **Maintainability ratings** per service
- **Service-specific quality gates** and thresholds
## Pipeline Integration ## Pipeline Integration
### All Services Send to Unified Project ### Individual Service Projects
Each service workflow includes a SonarQube integration step: Each service workflow sends results to its own dedicated SonarQube project:
#### API Gateway (Java) #### API Gateway (Java)
```yaml ```yaml
- name: Send test results to SonarQube - name: Send test results to SonarQube
run: | run: |
./mvnw sonar:sonar \ ./mvnw clean verify sonar:sonar \
-Dsonar.projectKey=labfusion \ -Dsonar.projectKey=labfusion-api-gateway \
-Dsonar.modules=api-gateway \ -Dsonar.projectName=LabFusion API Gateway \
# ... other properties -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.token=${{ secrets.SONAR_TOKEN }}
``` ```
#### Service Adapters (Python) #### Service Adapters (Python)
@@ -84,19 +97,32 @@ Each service workflow includes a SonarQube integration step:
- name: Send results to SonarQube - name: Send results to SonarQube
run: | run: |
sonar-scanner \ sonar-scanner \
-Dsonar.projectKey=labfusion \ -Dsonar.projectKey=labfusion-service-adapters \
-Dsonar.modules=service-adapters \ -Dsonar.projectName=LabFusion Service Adapters \
# ... other properties -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }}
``` ```
#### API Docs & Frontend (Node.js) #### API Docs (Node.js)
```yaml ```yaml
- name: Send results to SonarQube - name: Send results to SonarQube
run: | run: |
sonar-scanner \ sonar-scanner \
-Dsonar.projectKey=labfusion \ -Dsonar.projectKey=labfusion-api-docs \
-Dsonar.modules=api-docs \ -Dsonar.projectName=LabFusion API Docs \
# ... other properties -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }}
```
#### Frontend (React)
```yaml
- name: Send results to SonarQube
run: |
sonar-scanner \
-Dsonar.projectKey=labfusion-frontend \
-Dsonar.projectName=LabFusion Frontend \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN }}
``` ```
## Maven Plugins Added ## Maven Plugins Added
@@ -164,27 +190,35 @@ sonar.testExecutionReportPaths=test-results.xml
## Benefits ## Benefits
### 1. Centralized Quality Management ### 1. Service Isolation
- All quality metrics in one place - Each service has its own quality metrics
- Historical trend analysis - Service-specific quality gates and thresholds
- Cross-project comparisons - Independent quality tracking per service
- Clear ownership and responsibility
### 2. Automated Quality Gates ### 2. Granular Reporting
- Pipeline fails if quality standards not met - Service-specific test coverage reports
- Enforces consistent code quality - Individual code smell identification
- Prevents regression in code quality - Per-service security vulnerability detection
- Service-level technical debt tracking
### 3. Detailed Reporting ### 3. Flexible Quality Gates
- Comprehensive test coverage reports - Different quality standards per service type
- Code smell identification - Language-specific quality rules
- Security vulnerability detection - Service-specific maintenance windows
- Technical debt tracking - Independent quality gate configurations
### 4. Integration Benefits ### 4. Better Organization
- Clear separation of concerns
- Easier to identify problematic services
- Service-specific team assignments
- Independent service evolution
### 5. Integration Benefits
- No external service dependencies - No external service dependencies
- Local data control - Local data control
- Customizable quality rules - Customizable quality rules per service
- Team collaboration features - Team collaboration features per service
## Troubleshooting ## Troubleshooting