From 5818db49b2de8689a07007a5e4d329b94d67ef42 Mon Sep 17 00:00:00 2001 From: hathach Date: Sat, 25 Oct 2025 13:54:10 +0700 Subject: [PATCH] add SonarQube scan --- .github/workflows/static_analysis.yml | 5 ++--- sonar-project.properties | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) create mode 100644 sonar-project.properties diff --git a/.github/workflows/static_analysis.yml b/.github/workflows/static_analysis.yml index e5254344b..45c5c959b 100644 --- a/.github/workflows/static_analysis.yml +++ b/.github/workflows/static_analysis.yml @@ -127,7 +127,7 @@ jobs: - name: Upload SARIF uses: github/codeql-action/upload-sarif@v4 with: - sarif_file: pvs-${{ matrix.board }}.sarif + sarif_file: pvs-studio-${{ matrix.board }}.sarif category: PVS-Studio - name: Upload artifact @@ -173,8 +173,7 @@ jobs: uses: SonarSource/sonarqube-scan-action@v6 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }} with: # Consult https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options args: > - --define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json" + --define sonar.cfamily.compile-commands=${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 000000000..d797bfe6f --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,14 @@ +sonar.projectKey=hathach_tinyusb +sonar.organization=hathach + + +# This is the name and version displayed in the SonarCloud UI. +sonar.projectName=tinyusb +sonar.projectVersion=0.19.0 + + +# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows. +#sonar.sources=. + +# Encoding of the source code. Default is default system encoding +#sonar.sourceEncoding=UTF-8