⚡ Removes a constant value that will rewrite values of properties

CODEOWNERS

@@ -1 +0,0 @@
-* @kitabisa/security @dwisiswant0

Dockerfile

@@ -1,15 +1,22 @@
-FROM sonarsource/sonar-scanner-cli:4
+FROM newtmitch/sonar-scanner:4.0.0-alpine
 
 LABEL "com.github.actions.name"="SonarQube Scan"
 LABEL "com.github.actions.description"="Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more than 25 programming languages."
 LABEL "com.github.actions.icon"="check"
 LABEL "com.github.actions.color"="green"
 
-LABEL version="0.0.2"
+LABEL version="0.0.1"
 LABEL repository="https://github.com/kitabisa/sonarqube-action"
 LABEL homepage="https://kitabisa.github.io"
 LABEL maintainer="dwisiswant0"
 
+RUN npm config set unsafe-perm true && \
+  npm install --silent --save-dev -g typescript@3.5.2 && \
+  npm config set unsafe-perm false
+ENV NODE_PATH "/usr/lib/node_modules/"
+
+RUN apk add --no-cache ca-certificates jq
+
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]

README.md

@@ -8,67 +8,46 @@ SonarQube is an open-source platform developed by SonarSource for continuous ins
 
 ## Requirements
 
-* [SonarQube server](https://docs.sonarqube.org/latest/setup/install-server/).
+* Have SonarQube on server. [Install now](https://docs.sonarqube.org/latest/setup/install-server/) if it's not already the case!
-* That's all!
 
 ## Usage
 
-The workflow, usually declared in `.github/workflows/build.yaml`, looks like:
+The workflow, usually declared in `.github/workflows/build.yml`, looks like:
 
 ```yaml
-on:
+on: push
-  # Trigger analysis when pushing in master or pull requests, and when creating
+name: Main Workflow
-  # a pull request. 
-  push:
-    branches:
-      - master
-  pull_request:
-      types: [opened, synchronize, reopened]
-
-name: SonarQube Scan
 jobs:
-  sonarqube:
+  sonarQubeTrigger:
     name: SonarQube Trigger
     runs-on: ubuntu-latest
     steps:
-    - name: Checking out
+    - uses: actions/checkout@master
-      uses: actions/checkout@master
-      with:
-        # Disabling shallow clone is recommended for improving relevancy of reporting
-        fetch-depth: 0
     - name: SonarQube Scan
-      uses: kitabisa/sonarqube-action@v1.2.0
-      with:
-        host: ${{ secrets.SONARQUBE_HOST }}
-        login: ${{ secrets.SONARQUBE_TOKEN }}
-```
-
-You can change the analysis base directory and/or project key by using the optional input like this:
-
-```yaml
       uses: kitabisa/sonarqube-action@master
       with:
         host: ${{ secrets.SONARQUBE_HOST }}
         login: ${{ secrets.SONARQUBE_TOKEN }}
-  projectBaseDir: "src/"
-  projectKey: "my-custom-project"
 ```
 
-### Inputs
+You can change the analysis base directory and/ project key _(allowed characters: letters, numbers, -, \_, . and :, with at least one non-digit.)_ by using the optional input like this:
 
-These are some of the supported input parameters of action.
+```yaml
+uses: kitabisa/sonarqube-action@master
+with:
+  projectBaseDir: "/path/to/my-custom-project"
+  projectKey: "my-custom-project"
+  projectName: "my-custom-project-name"
+  projectVersion: "v0.0.1"
+```
+
+## Secrets
 
 - `host` - **_(Required)_** this is the SonarQube server URL.
 - `login` - **_(Required)_** the login or authentication token of a SonarQube user with Execute Analysis permission on the project. See [how to generate SonarQube token](https://docs.sonarqube.org/latest/user-guide/user-token/).
 - `password` - The password that goes with the `login` username. This should be left blank if an `login` are authentication token.
-- `projectBaseDir` - Set custom project base directory analysis.
-- `projectKey` - The project's unique key _(allowed characters are: letters, numbers, `-`, `_`, `.` and `:`, with at least one non-digit)_.
-- `projectName` - Name of the project that will be displayed on the SonarQube web interface.
-- `projectVersion` - The project version.
-- `encoding` - Encoding of the source code. Default is UTF-8.
 
-> **Note**:
+You can set all variable in the "Secrets" settings page of your repository.
-> If you're thinking of setting project metadata & other related things in a **`sonar-project.properties`** configuration file _(must be declared in the base directory `projectBaseDir`)_ instead of going through the [input parameters](#inputs), this action supports that!
 
 ## License
 

action.yaml

@@ -1,18 +1,15 @@
 name: "SonarQube Scan"
 description: "Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more than 25 programming languages."
 author: "Dwi Siswanto"
-
 branding:
   icon: "check"
   color: "green"
-
 runs:
   using: "docker"
   image: "Dockerfile"
-
 inputs:
   host:
-    description: "SonarQube server URL."
+    description: "SonarQube server URL"
     required: true
   projectKey:
     description: "The project's unique key. Allowed characters are: letters, numbers, -, _, . and :, with at least one non-digit."
@@ -27,16 +24,12 @@ inputs:
     required: false
     default: ""
   projectBaseDir:
-    description: "Set the sonar.projectBaseDir analysis property."
+    description: "Set the sonar.projectBaseDir analysis property"
     required: false
     default: "."
   login:
-    description: "Login or authentication token of a SonarQube user."
+    description: "Login or authentication token of a SonarQube user"
     required: true
   password:
     description: "Password that goes with the sonar.login username. This should be left blank if an authentication token is being used."
     required: false
-  encoding:
-    description: "Encoding of the source code."
-    required: false
-    default: "UTF-8"

entrypoint.sh

@@ -2,44 +2,27 @@
 
 set -e
 
-REPOSITORY_NAME=$(basename "${GITHUB_REPOSITORY}")
+if [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then
-
+	EVENT_ACTION=$(jq -r ".action" "${GITHUB_EVENT_PATH}")
-if [[ ! -z "${INPUT_PASSWORD}" ]]; then
+	if [[ "${EVENT_ACTION}" != "opened" ]]; then
-  echo "::warning ::Running this GitHub Action without authentication token is NOT recommended!"
+		echo "No need to run analysis. It is already triggered by the push event."
-  SONAR_PASSWORD="${INPUT_PASSWORD}"
+		exit 78
-else
+	fi
-  SONAR_PASSWORD=""
 fi
 
-if [[ -f "${INPUT_PROJECTBASEDIR%/}pom.xml" ]]; then
+[[ ! -z ${INPUT_PASSWORD} ]] && SONAR_PASSWORD="${INPUT_PASSWORD}" || SONAR_PASSWORD=""
-  echo "::error file=${INPUT_PROJECTBASEDIR%/}pom.xml::Maven project detected. You should run the goal 'org.sonarsource.scanner.maven:sonar' during build rather than using this GitHub Action."
+[[ ! -z ${INPUT_PROJECTKEY} ]] && SONAR_PROJECTKEY="${INPUT_PROJECTKEY}" || SONAR_PROJECTKEY=""
-  exit 1
+[[ ! -z ${INPUT_PROJECTNAME} ]] && SONAR_PROJECTNAME="${INPUT_PROJECTNAME}" || SONAR_PROJECTNAME=""
-fi
+[[ ! -z ${INPUT_PROJECTVERSION} ]] && SONAR_PROJECTVERSION="${INPUT_PROJECTVERSION}" || SONAR_PROJECTVERSION=""
 
-if [[ -f "${INPUT_PROJECTBASEDIR%/}build.gradle" ]]; then
-  echo "::error file=${INPUT_PROJECTBASEDIR%/}build.gradle::Gradle project detected. You should use the SonarQube plugin for Gradle during build rather than using this GitHub Action."
-  exit 1
-fi
 
-unset JAVA_HOME
-
-if [[ ! -f "${INPUT_PROJECTBASEDIR%/}sonar-project.properties" ]]; then
-  [[ -z "${INPUT_PROJECTKEY}" ]] && SONAR_PROJECTKEY="${REPOSITORY_NAME}" || SONAR_PROJECTKEY="${INPUT_PROJECTKEY}"
-  [[ -z "${INPUT_PROJECTNAME}" ]] && SONAR_PROJECTNAME="${REPOSITORY_NAME}" || SONAR_PROJECTNAME="${INPUT_PROJECTNAME}"
-  [[ -z "${INPUT_PROJECTVERSION}" ]] && SONAR_PROJECTVERSION="" || SONAR_PROJECTVERSION="${INPUT_PROJECTVERSION}"
 sonar-scanner \
-    -Dsonar.host.url="${INPUT_HOST}" \
+	-Dsonar.host.url=${INPUT_HOST} \
-    -Dsonar.projectKey="${SONAR_PROJECTKEY}" \
+	-Dsonar.projectKey=${SONAR_PROJECTKEY} \
-    -Dsonar.projectName="${SONAR_PROJECTNAME}" \
+	-Dsonar.projectName=${SONAR_PROJECTNAME} \
-    -Dsonar.projectVersion="${SONAR_PROJECTVERSION}" \
+	-Dsonar.projectVersion=${SONAR_PROJECTVERSION} \
-    -Dsonar.projectBaseDir="${INPUT_PROJECTBASEDIR}" \
+	-Dsonar.projectBaseDir=${INPUT_PROJECTBASEDIR} \
-    -Dsonar.login="${INPUT_LOGIN}" \
+	-Dsonar.login=${INPUT_LOGIN} \
-    -Dsonar.password="${SONAR_PASSWORD}" \
+	-Dsonar.password=${INPUT_PASSWORD} \
-    -Dsonar.sources="${INPUT_PROJECTBASEDIR}" \
+	-Dsonar.sources=. \
-    -Dsonar.sourceEncoding="${INPUT_ENCODING}"
+	-Dsonar.sourceEncoding=UTF-8
-else
-  sonar-scanner \
-    -Dsonar.host.url="${INPUT_HOST}" \
-    -Dsonar.login="${INPUT_LOGIN}" \
-    -Dsonar.password="${SONAR_PASSWORD}"
-fi