feat: add support for SonarQube

.gitea/workflows/publish.yml

@@ -1,134 +0,0 @@
-name: Publish
-
-concurrency:
-  cancel-in-progress: false
-  group: publish-${{ github.ref_name }}
-
-env:
-  ACT_OWNER: ${{ github.repository_owner }}
-  ACT_REPOSITORY: ${{ github.repository }}
-  CGO_ENABLED: 0
-  # Default comma-separated list of projects to build+publish. Can be overridden
-  # when manually dispatching the workflow via the `projects` input.
-  PUBLISH_PROJECTS: 'reviews-stars'
-
-on:
-  push:
-    tags:
-      - 'v*.*.*'
-  workflow_dispatch:
-    inputs:
-      projects:
-        description: 'Comma-separated list of Nx projects to build and publish'
-        required: false
-        default: 'reviews-stars'
-      version:
-        description: 'Semantic version to publish (e.g. 1.2.3). If omitted for tag runs, the tag name is used.'
-        required: false
-      npm_tag:
-        description: 'NPM dist-tag to use (overrides automatic selection). default: auto (latest for release, next for prerelease)'
-        required: false
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    outputs:
-      projects: ${{ steps.set-projects.outputs.projects }}
-    env:
-      PUBLISH_PROJECTS: ${{ github.event.inputs.projects || env.PUBLISH_PROJECTS }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - run: git fetch --force --tags
-      - name: Set up Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version: 22
-      - name: Install dependencies
-        run: npm ci --legacy-peer-deps
-      - name: Build projects
-        run: |
-          echo "Projects to build: $PUBLISH_PROJECTS"
-          npx nx run-many --target=build --projects="$PUBLISH_PROJECTS"
-      - name: Upload dist artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: dist
-          path: dist
-      - name: Set projects output (JSON array)
-        id: set-projects
-        run: |
-          # Convert comma-separated list into JSON array
-          IFS=',' read -ra PROJS <<< "$PUBLISH_PROJECTS"
-          json='['
-          first=true
-          for p in "${PROJS[@]}"; do
-            p_trimmed=$(echo "$p" | xargs)
-            if [ "$first" = true ]; then
-              json+="\"$p_trimmed\""
-              first=false
-            else
-              json+=",\"$p_trimmed\""
-            fi
-          done
-          json+=']'
-          echo "projects=$json" >> "$GITHUB_OUTPUT"
-
-  publish:
-    runs-on: ubuntu-latest
-    needs: build
-    strategy:
-      fail-fast: false
-      matrix:
-        project: ${{ fromJson(needs.build.outputs.projects) }}
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Download dist artifact
-        uses: actions/download-artifact@v4
-        with:
-          name: dist
-          path: ./
-      - name: Set up Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version: 22
-      - name: Determine version and npm tag
-        id: set-version
-        run: |
-          set -euo pipefail
-          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
-            if [ -n "${{ github.event.inputs.version }}" ]; then
-              VERSION="${{ github.event.inputs.version }}"
-            else
-              echo "No version provided for manual dispatch. Exiting." >&2
-              exit 1
-            fi
-          else
-            VERSION="${GITHUB_REF_NAME#v}"
-          fi
-          if [ -n "${{ github.event.inputs.npm_tag }}" ]; then
-            NPM_TAG="${{ github.event.inputs.npm_tag }}"
-          else
-            if echo "$VERSION" | grep -q "-"; then
-              NPM_TAG="next"
-            else
-              NPM_TAG="latest"
-            fi
-          fi
-          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
-          echo "npm_tag=$NPM_TAG" >> "$GITHUB_OUTPUT"
-      - name: Configure npm auth
-        run: |
-          echo "//registry.npmjs.org/:_authToken=${NODE_AUTH_TOKEN}" > ~/.npmrc
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-      - name: Publish project
-        run: |
-          echo "Publishing ${{ matrix.project }} with version ${VERSION} and tag ${NPM_TAG}"
-          node tools/scripts/publish.mjs "${{ matrix.project }}" "${VERSION}" "${NPM_TAG}"
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.gitea/workflows/test-pr.yml

@@ -1,37 +0,0 @@
-name: Release
-
-concurrency:
-  cancel-in-progress: true
-  group: test-pr-${{ github.event.pull_request.number }}
-
-env:
-  ACT_OWNER: ${{ github.repository_owner }}
-  ACT_REPOSITORY: ${{ github.repository }}
-  CGO_ENABLED: 0
-  
-on:
-  pull_request:
-    types:
-      - opened
-      - synchronize
-      - reopened
-      - edited
-
-jobs:
-  build_test:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - run: git fetch --force --tags
-      - name: Set up Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version: 22
-      - name: Install dependencies
-        run: npm ci --legacy-peer-deps
-      - name: Build libraries
-        run: npx nx run-many -t build --projects="reviews-stars"
-      - name: Run tests
-        run: npx nx run-many -t test --code-coverage --passWithNoTests --projects="reviews-stars"

.woodpecker/publish.yml

@@ -45,7 +45,32 @@ steps:
       - npx nx run-many --target=build --projects="$PROJECTS"
 
   # -------------------------------------------------------------------------
-  # 3. Determine the version and npm dist-tag, then publish every project.
+  # 3. Run tests and collect coverage for SonarQube
+  # -------------------------------------------------------------------------
+  - name: test
+    image: *node_image
+    environment:
+      PUBLISH_PROJECTS: *default_projects
+    commands:
+      - PROJECTS="${PUBLISH_PROJECTS:-reviews-stars}"
+      - npx nx run-many -t test --code-coverage --passWithNoTests --projects="$PROJECTS"
+
+  # -------------------------------------------------------------------------
+  # 4. SonarQube analysis (runs against the tag/branch being released)
+  # -------------------------------------------------------------------------
+  - name: sonar
+    image: sonarsource/sonar-scanner-cli:latest
+    environment:
+      SONAR_HOST_URL:
+        from_secret: SONAR_HOST_URL
+      SONAR_TOKEN:
+        from_secret: SONAR_TOKEN
+    commands:
+      - sonar-scanner
+        -Dsonar.projectVersion=${CI_COMMIT_TAG#v}
+
+  # -------------------------------------------------------------------------
+  # 5. Determine the version and npm dist-tag, then publish every project.
   #
   #    For tag events  : version is derived from the tag (strips leading "v").
   #    For manual runs : VERSION env-var must be supplied via the Woodpecker

.woodpecker/test-pr.yml

@@ -27,3 +27,16 @@ steps:
     image: node:22
     commands:
       - npx nx run-many -t test --code-coverage --passWithNoTests --projects="reviews-stars"
+
+  - name: sonar
+    image: sonarsource/sonar-scanner-cli:latest
+    environment:
+      SONAR_HOST_URL:
+        from_secret: SONAR_HOST_URL
+      SONAR_TOKEN:
+        from_secret: SONAR_TOKEN
+    commands:
+      - sonar-scanner
+        -Dsonar.pullrequest.key=${CI_COMMIT_PULL_REQUEST}
+        -Dsonar.pullrequest.branch=${CI_COMMIT_SOURCE_BRANCH}
+        -Dsonar.pullrequest.base=${CI_COMMIT_TARGET_BRANCH}

libs/reviews-stars/jest.config.ts

@@ -1,11 +1,12 @@
 /* eslint-disable */
 export default {
-  displayName: 'reviews-stars',
+	displayName: "reviews-stars",
-  preset: '../../jest.preset.js',
+	preset: "../../jest.preset.js",
-  testEnvironment: 'node',
+	testEnvironment: "node",
-  transform: {
+	transform: {
-    '^.+\\.[tj]s$': ['ts-jest', { tsconfig: '<rootDir>/tsconfig.spec.json' }],
+		"^.+\\.[tj]s$": ["ts-jest", { tsconfig: "<rootDir>/tsconfig.spec.json" }],
-  },
+	},
-  moduleFileExtensions: ['ts', 'js', 'html'],
+	moduleFileExtensions: ["ts", "js", "html"],
-  coverageDirectory: '../../coverage/libs/reviews-stars',
+	coverageDirectory: "../../coverage/libs/reviews-stars",
+	coverageReporters: ["lcov", "text", "clover"],
 };

sonar-project.properties

@@ -0,0 +1,32 @@
+# =============================================================================
+# SonarQube / SonarCloud project configuration
+# https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/scanners/sonarscanner/
+# =============================================================================
+
+# --- Project identity --------------------------------------------------------
+sonar.projectKey=z-elements
+sonar.projectName=Z Elements
+sonar.projectVersion=1.0
+
+# --- Sources & tests ---------------------------------------------------------
+sonar.sources=libs
+sonar.tests=libs
+sonar.test.inclusions=**/*.spec.ts,**/*.test.ts
+sonar.exclusions=\
+  **/node_modules/**,\
+  **/dist/**,\
+  **/*.stories.ts,\
+  **/*.stories.tsx,\
+  **/.storybook/**,\
+  **/coverage/**
+
+# --- TypeScript --------------------------------------------------------------
+sonar.typescript.tsconfigPaths=tsconfig.base.json
+
+# --- Coverage ----------------------------------------------------------------
+# Jest is configured to emit lcov reports into coverage/libs/<project>/
+sonar.javascript.lcov.reportPaths=\
+  coverage/libs/reviews-stars/lcov.info
+
+# --- Encoding ----------------------------------------------------------------
+sonar.sourceEncoding=UTF-8