From ee5dcac3fd79c43ff97e2b9b749d567293e7084a Mon Sep 17 00:00:00 2001 From: Denys Date: Sun, 8 Feb 2026 22:03:26 +0200 Subject: [PATCH 1/3] ci: add sonarqube --- .github/workflows/sonarcloud.yml | 67 ++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 .github/workflows/sonarcloud.yml diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml new file mode 100644 index 0000000..07701be --- /dev/null +++ b/.github/workflows/sonarcloud.yml @@ -0,0 +1,67 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# This workflow helps you trigger a SonarCloud analysis of your code and populates +# GitHub Code Scanning alerts with the vulnerabilities found. +# Free for open source project. + +# 1. Login to SonarCloud.io using your GitHub account + +# 2. Import your project on SonarCloud +# * Add your GitHub organization first, then add your repository as a new project. +# * Please note that many languages are eligible for automatic analysis, +# which means that the analysis will start automatically without the need to set up GitHub Actions. +# * This behavior can be changed in Administration > Analysis Method. +# +# 3. Follow the SonarCloud in-product tutorial +# * a. Copy/paste the Project Key and the Organization Key into the args parameter below +# (You'll find this information in SonarCloud. Click on "Information" at the bottom left) +# +# * b. Generate a new token and add it to your Github repository's secrets using the name SONAR_TOKEN +# (On SonarCloud, click on your avatar on top-right > My account > Security +# or go directly to https://sonarcloud.io/account/security/) + +# Feel free to take a look at our documentation (https://docs.sonarcloud.io/getting-started/github/) +# or reach out to our community forum if you need some help (https://community.sonarsource.com/c/help/sc/9) + +name: SonarCloud analysis + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + workflow_dispatch: + +permissions: + pull-requests: read # allows SonarCloud to decorate PRs with analysis results + +jobs: + Analysis: + runs-on: ubuntu-latest + + steps: + - name: Analyze with SonarCloud + + # You can pin the exact commit or the version. + # uses: SonarSource/sonarcloud-github-action@v2.2.0 + uses: SonarSource/sonarcloud-github-action@4006f663ecaf1f8093e8e4abb9227f6041f52216 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret) + with: + # Additional arguments for the SonarScanner CLI + args: + # Unique keys of your project and organization. You can find them in SonarCloud > Information (bottom-left menu) + # mandatory + -Dsonar.projectKey= + -Dsonar.organization= + # Comma-separated paths to directories containing main source files. + #-Dsonar.sources= # optional, default is project base directory + # Comma-separated paths to directories containing test source files. + #-Dsonar.tests= # optional. For more info about Code Coverage, please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/ + # Adds more detail to both client and server-side analysis logs, activating DEBUG mode for the scanner, and adding client-side environment variables and system properties to the server-side log of analysis report processing. + #-Dsonar.verbose= # optional, default is false + # When you need the analysis to take place in a directory other than the one from which it was launched, default is . + projectBaseDir: . From 9e5b6d526cfd5eda14473e784edc57863d7f0e37 Mon Sep 17 00:00:00 2001 From: Denys Makeienko Date: Sun, 8 Feb 2026 22:10:19 +0200 Subject: [PATCH 2/3] ci: configure sonarqube --- .github/workflows/sonarcloud.yml | 34 ++++++++++++++++---------------- sonar-project.properties | 22 +++++++++++++++++++++ 2 files changed, 39 insertions(+), 17 deletions(-) create mode 100644 sonar-project.properties diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 07701be..0a54f50 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -43,25 +43,25 @@ jobs: runs-on: ubuntu-latest steps: - - name: Analyze with SonarCloud + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for better analysis + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + + - name: Run tests with coverage (optional) + run: | + go test -v -coverprofile=coverage.out ./... + continue-on-error: true - # You can pin the exact commit or the version. - # uses: SonarSource/sonarcloud-github-action@v2.2.0 - uses: SonarSource/sonarcloud-github-action@4006f663ecaf1f8093e8e4abb9227f6041f52216 + - name: Analyze with SonarCloud + uses: SonarSource/sonarcloud-github-action@v3.1.0 env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret) with: - # Additional arguments for the SonarScanner CLI - args: - # Unique keys of your project and organization. You can find them in SonarCloud > Information (bottom-left menu) - # mandatory - -Dsonar.projectKey= - -Dsonar.organization= - # Comma-separated paths to directories containing main source files. - #-Dsonar.sources= # optional, default is project base directory - # Comma-separated paths to directories containing test source files. - #-Dsonar.tests= # optional. For more info about Code Coverage, please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/ - # Adds more detail to both client and server-side analysis logs, activating DEBUG mode for the scanner, and adding client-side environment variables and system properties to the server-side log of analysis report processing. - #-Dsonar.verbose= # optional, default is false - # When you need the analysis to take place in a directory other than the one from which it was launched, default is . projectBaseDir: . diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..1870548 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,22 @@ +# SonarCloud configuration for Go project +sonar.projectKey=dmakeienko_adel +sonar.organization=dmakeienko + +# Project information +sonar.projectName=adel +sonar.projectVersion=1.0 + +# Source code location +sonar.sources=. +sonar.exclusions=**/*_test.go,**/vendor/**,**/.github/** + +# Test configuration +sonar.tests=. +sonar.test.inclusions=**/*_test.go + +# Coverage configuration +sonar.go.coverage.reportPaths=coverage.out + +# Go language settings +sonar.language=go +sonar.sourceEncoding=UTF-8 From 2c93613c7d45f0f9ae21b60f02ad7fa6bd311534 Mon Sep 17 00:00:00 2001 From: Denys Makeienko Date: Sun, 8 Feb 2026 22:54:10 +0200 Subject: [PATCH 3/3] docs: add badge --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 2db13dc..33f9813 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Adel - Active Directory Engagement Layer +[![SonarQube Cloud](https://sonarcloud.io/images/project_badges/sonarcloud-light.svg)](https://sonarcloud.io/summary/new_code?id=dmakeienko_adel) + Active Directory Engagement Layer - A Go-based HTTPS server that provides REST API access to Active Directory using LDAP/LDAPS. ## Features