PFM-ISSUE-31185 - Implement Main Branch Scanning with Manual Trigger (#112)

senthanal · web-flow · commit b06446b262b8 · 2025-11-13T09:10:37.000+01:00
changelog: Frontend-Core: [PFM-ISSUE-31185] Functionality: Implement Main Branch Scanning with Manual Trigger [PR github-actions#112]
diff --git a/.github/workflows/fe-sonar.yml b/.github/workflows/fe-sonar.yml
@@ -0,0 +1,116 @@
+name: Frontend SonarQube Scan
+# Only run the workflow for master/main and release branches
+
+on:
+  workflow_call:
+    secrets:
+      SONAR_CLOUD_TOKEN:
+        required: true
+        description: "SonarCloud authentication token"
+    inputs:
+      SONAR_CLOUD_ORG:
+        required: false
+        description: "SonarCloud organization key, e.g., 'my-org'"
+        type: string
+        default: "collaborationfactory"
+      SONAR_PROPERTIES:
+        required: false
+        description: "Additional sonar-project.properties content"
+        type: string
+        default: ""
+
+jobs:
+  sonarqube-scan:
+    name: SonarQube Code Quality Scan
+    runs-on: ubuntu-latest
+    # Only run the workflow for master/main and release branches
+    if: github.ref_name == 'master' || github.ref_name == 'main' || startsWith(github.ref_name, 'release/')
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0  # Full history for SonarQube analysis
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version-file: .nvmrc
+
+      - name: Cache Node Modules
+        id: npm-cache
+        uses: actions/cache@v4
+        with:
+          path: '**/node_modules'
+          key: ${{ runner.os }}-modules-${{ hashFiles('**/package-lock.json') }}
+
+      - name: Install dependencies
+        if: steps.npm-cache.outputs.cache-hit != 'true'
+        run: npm ci
+
+      - name: Run Formatter Check
+        run: npx nx format:check
+
+      - name: Run Linter
+        run: npx nx run-many --target=lint --all --parallel --configuration=dev
+
+      - name: Run Unit Tests with Coverage
+        run: npx nx run-many --target=test --all --parallel --coverage --codeCoverage=true --coverageReporters=lcov --coverageReporters=html
+        continue-on-error: false
+
+      - name: Check for LCOV files
+        id: check-lcov
+        run: |
+          if find ./coverage -name "lcov*.info" -type f 2>/dev/null | grep -q .; then
+            echo "lcov_exists=true" >> $GITHUB_OUTPUT
+            echo "LCOV files found"
+          else
+            echo "lcov_exists=false" >> $GITHUB_OUTPUT
+            echo "No LCOV files found, will proceed without coverage"
+          fi
+
+      - name: Merge coverage reports
+        if: steps.check-lcov.outputs.lcov_exists == 'true'
+        run: |
+          echo "=== Finding all LCOV files ==="
+          find ./coverage -name "lcov*.info" -type f
+          echo ""
+          echo "=== Merging coverage files ==="
+          npx lcov-result-merger "coverage/**/lcov*.info" coverage/lcov.info
+          echo ""
+          echo "=== Merge completed ==="
+          ls -lh ./coverage/lcov.info || echo "Merge failed or no output file"
+
+      - name: Normalize LCOV paths
+        if: steps.check-lcov.outputs.lcov_exists == 'true'
+        run: |
+          if [ -f "./coverage/lcov.info" ]; then
+            sed -i 's|\\|/|g' ./coverage/lcov.info
+            echo "Normalized LCOV paths to Unix format"
+          else
+            echo "Warning: coverage/lcov.info not found"
+          fi
+
+      - name: Write sonar-project.properties
+        run: |
+          echo "sonar.host.url=https://sonarcloud.io" > sonar-project.properties
+          echo "sonar.organization=${{ inputs.SONAR_CLOUD_ORG || 'collaborationfactory' }}" >> sonar-project.properties
+          echo "sonar.projectKey=collaborationFactory_${{ github.event.repository.name }}" >> sonar-project.properties
+          echo "sonar.test.inclusions=**/*.spec.ts,**/*.test.ts,**/*.spec.tsx,**/*.test.tsx" >> sonar-project.properties
+          echo "sonar.branch.name=${{ github.ref_name }}" >> sonar-project.properties
+          echo "sonar.projectVersion=${{ github.ref_name }}" >> sonar-project.properties
+          echo "sonar.qualitygate.wait=true" >> sonar-project.properties
+          if [ -f "./coverage/lcov.info" ]; then
+            echo "sonar.javascript.lcov.reportPaths=./coverage/lcov.info" >> sonar-project.properties
+          fi
+          if [ -n "${{ inputs.SONAR_PROPERTIES }}" ]; then
+            echo "${{ inputs.SONAR_PROPERTIES }}" >> sonar-project.properties
+          fi
+          echo "=== SonarQube Configuration ==="
+          cat sonar-project.properties
+
+      - name: SonarQube Scan
+        uses: SonarSource/sonarqube-scan-action@v6
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_CLOUD_TOKEN }}
