Folder - JavaScript Files Analysis
This document explains how to use GitHub workflows to automate SonarQube scans on folders that contain JavaScript source code files to ensure code quality and compliance with best practices.
For this purpose, FintechOS provides the sonarqube-scan-folder GitHub custom action which you can integrate in your CI/CD workflows. The action analyzes the JavaScript files in the desired folder and sends a report to a designated email address.
Use
Copy
- name: SonarQube Scan Folder
uses: fintechos-com/sonarqube-scan-folder@0.0.3
with:
SONARQUBE_SVC: ${{ secrets.SONARQUBE_SVC }}
SONARQUBE_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
SONARQUBE_SCAN_FOLDER: "SCAN_FOLDER_PATH"
SONARQUBE_QUALITY_PROFILE_LANGUAGE: "SONARQUBE_QUALITY_PROFILE_LANGUAGE"
SONARQUBE_QUALITY_PROFILE_NAME: "SONARQUBE_QUALITY_PROFILE_NAME"
SONARQUBE_PROJECT_NAME: "SONARQUBE_PROJECT_NAME"
EMAIL_SERVER: ${{secrets.EMAIL_SERVER}}
EMAIL_PORT: ${{secrets.EMAIL_PORT}}
EMAIL_USER: ${{secrets.EMAIL_USER}}
EMAIL_PASSWORD: ${{secrets.EMAIL_PASSWORD}}
EMAIL_REPORT_ATTACHED: trueAction Inputs
| Action Input | Description | Default | Mandatory |
|---|---|---|---|
| SONARQUBE_SVC | SonarQube URI | yes | |
| SONARQUBE_TOKEN | SonarQube token | yes | |
| SONARQUBE_SCAN_FOLDER | SonarQube scan folder | yes | |
| SONARQUBE_QUALITY_PROFILE_LANGUAGE | SonarQube scan language (C#/SQL/JavaScript) | yes | |
| SONARQUBE_QUALITY_PROFILE_NAME | SonarQube quality profile | yes | |
| SONARQUBE_PROJECT_NAME | SonarQube project name profile | yes | |
| UPLOAD_JSFILES | Publish JavaScript files as GitHub artifacts | false | no |
| EMAIL_TO | Send report email to this address | yes | |
| EMAIL_SERVER | Email server | yes | |
| EMAIL_PORT | Email port | yes | |
| EMAIL_USER | Email user | yes | |
| EMAIL_PASSWORD | Email password | yes | |
| EMAIL_REPORT_ATTACHED |
|
yes |