@porterde
Last active April 24, 2020 13:03
Work around to enable SonarCloud GitHub Actions to scan Vue.js files containing TypeScript
# Work around for issue described here:
# https://community.sonarsource.com/t/sonarqube-scanner-fails-to-analyze-vue-files-failed-to-parse-file-vue/17751/2
# https://jira.sonarsource.com/browse/MMF-1441
# This is for use in a GitHub Actions script using the SonarCloud GitHub Action which runs the scanner in Docker.
# If you're running Sonar scanner outside of GitHub Actions this hack certainly requires changes to make
# it work - I wish you luck!
#
# The basic idea of the hack is to run an Nginx Docker container alongside the Sonar scanner container
# as a proxy for sonarcloud.io. Nginx intercepts the request to download the JavaScript scanning plugin
# and serves our modified version. We create our own version by downloading the original, unpacking it,
# changing a line in the source code for parsing TypeScript in Vue.js files, and packing it up again.
# The scanner reads the SONARCLOUD_URL env var, so we point it at the local Nginx port. Fortunately it
# doesn't require HTTPS.
#
# This hack will stop working if the scanner behaviour changes or a significant new version of the JavaScript
# scanning plugin is released... but in the meantime it works a treat.
- name: Hack SonarCloud
  run: |
    set -x
    mkdir temp
    cd temp
    # Download the JavaScript plugin (pack200 format) and unpack it to a jar
    curl -o js.pack 'https://sonarcloud.io/api/plugins/download?plugin=javascript'
    unpack200 js.pack js.jar
    rm js.pack
    # Extract the bundled eslint-bridge and force the TypeScript parser for Vue.js files
    jar xf js.jar eslint-bridge-1.0.0.tgz
    tar -xf eslint-bridge-1.0.0.tgz
    rm eslint-bridge-1.0.0.tgz
    sed -i "s/const result = VueJS/config['parser'] = '@typescript-eslint\/parser'; const result = VueJS/" package/lib/parser.js
    # Repack the modified eslint-bridge and put it back into the jar
    tar -czf eslint-bridge-1.0.0.tgz package
    rm -rf package
    jar uf js.jar eslint-bridge-1.0.0.tgz
    cd ..
    # Unquoted EOT: \$ keeps Nginx variables literal, while $(md5sum ...) is expanded by the shell now
    cat <<EOT >> nginx.conf
    worker_processes 1;
    events { worker_connections 1024; }
    http {
      server {
        listen 8080;
        root /var/www;
        location / {
          error_page 418 = @myfile;
          if ( \$arg_plugin = "javascript" ) { return 418; }
          proxy_pass https://sonarcloud.io/;
          proxy_redirect off;
          proxy_set_header Host \$host;
        }
        location @myfile {
          sendfile on;
          add_header Sonar-MD5 $(md5sum temp/js.jar | awk '{ print $1 }');
          rewrite ^ /js.jar break;
        }
      }
    }
    EOT
    cat nginx.conf
    docker run -d -p 8080:8080 -v $(pwd)/temp:/var/www -v $(pwd)/nginx.conf:/etc/nginx/nginx.conf:ro nginx
    sleep 5
    # Point the scanner at the proxy via the Docker bridge gateway address.
    # The ::set-env workflow command is disabled on current runners, so write to $GITHUB_ENV instead.
    echo "SONARCLOUD_URL=http://$(docker network inspect bridge --format='{{(index .IPAM.Config 0).Gateway}}'):8080" >> "$GITHUB_ENV"
- name: SonarCloud Scan
  uses: sonarsource/sonarcloud-github-action@master
  env:
    GITHUB_TOKEN: ${{ github.token }}
    SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
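
The header comments say the hack stops working when the plugin changes; because `sed` exits 0 even when its pattern matches nothing, the unmodified plugin would then be repacked and served without any error. The following is an added example, not part of the original gist: a guarded version of the `sed` step that fails the build when the expected line is missing. The function name `patch_vue_parser` and the sample file contents are constructed for illustration.

```shell
#!/usr/bin/env bash
# Guarded version of the gist's sed step (added example; names are hypothetical).
# patch_vue_parser FILE
#   returns 0 if FILE was patched now or was already patched
#   returns 1 if FILE is missing or the anchor text is absent or ambiguous
ANCHOR='const result = VueJS'                               # text the gist's sed matches
INJECT="config['parser'] = '@typescript-eslint/parser'; "   # text the gist's sed prepends

patch_vue_parser() {
  local file=$1 hits
  [ -f "$file" ] || { echo "missing file: $file" >&2; return 1; }
  # Already patched: do nothing, so a re-run cannot inject the assignment twice.
  if grep -qF -- "${INJECT}${ANCHOR}" "$file"; then
    return 0
  fi
  # sed exits 0 even when nothing matches, so count matching lines ourselves.
  hits=$(grep -cF -- "$ANCHOR" "$file" || true)
  if [ "$hits" -ne 1 ]; then
    echo "expected 1 line containing '$ANCHOR' in $file, found $hits" >&2
    return 1
  fi
  # Same substitution as the gist, written through a temp file instead of sed -i.
  sed "s/const result = VueJS/config['parser'] = '@typescript-eslint\/parser'; const result = VueJS/" \
    "$file" > "$file.tmp" || return 1
  mv "$file.tmp" "$file" || return 1
  # Confirm the edit landed before the file is repacked into the jar.
  grep -qF -- "${INJECT}${ANCHOR}" "$file"
}

# Demo on a constructed stand-in for package/lib/parser.js (not the plugin's real source).
demo_dir=$(mktemp -d)
printf '%s\n' 'function parseVueSource(code, config) {' \
  '  const result = VueJS.parse(code, config);' \
  '  return result;' '}' > "$demo_dir/parser.js"
patch_vue_parser "$demo_dir/parser.js" && grep -F -- "$ANCHOR" "$demo_dir/parser.js"
```

In the workflow step, `patch_vue_parser package/lib/parser.js || exit 1` would take the place of the bare `sed -i` line.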