From a08eb086ee6643bdaff84c3b7cfca6b152e8d419 Mon Sep 17 00:00:00 2001
From: Ariel Menezes <69123486+ArielMAJ@users.noreply.github.com>
Date: Mon, 1 Dec 2025 22:30:43 +0000
Subject: [PATCH 1/3] chore: add sonar qube scan to project
---
.github/workflows/sast-sonarcloud.yml | 45 +++++++++++++++++++++++++++
sonar-project.properties | 3 ++
2 files changed, 48 insertions(+)
create mode 100644 .github/workflows/sast-sonarcloud.yml
create mode 100644 sonar-project.properties
diff --git a/.github/workflows/sast-sonarcloud.yml b/.github/workflows/sast-sonarcloud.yml
new file mode 100644
index 0000000..b3f2c94
--- /dev/null
+++ b/.github/workflows/sast-sonarcloud.yml
@@ -0,0 +1,45 @@
+name: SAST com SonarCloud
+
+on:
+ push:
+ branches: [main]
+ pull_request:
+
+jobs:
+ sonarcloud:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Python
+ uses: actions/setup-python@v4
+ with:
+ python-version: "3.12"
+
+ - name: Cache pip dependencies
+ uses: actions/cache@v3
+ with:
+ path: ~/.cache/pip
+ key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
+ restore-keys: |
+ ${{ runner.os }}-pip-
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install -r requirements.txt
+
+ - name: Run tests with coverage
+ run: |
+ poetry run pytest --cov=src --cov-report=xml --cov-report=term
+ continue-on-error: true
+
+ - name: SonarCloud Scan
+ uses: SonarSource/sonarqube-scan-action@v6.0.0
+ with:
+ args: >
+ -Dsonar.projectKey=${{ secrets.SONAR_PROJECT }}
+ -Dsonar.organization=${{ secrets.SONAR_ORG }}
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..0c23aef
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,3 @@
+sonar.sources=src
+sonar.exclusions=**/*test*.py,**/conftest.py
+sonar.python.version=3.12
From 0ec72d348011608fbe17f8acfe3eec65ad535b9c Mon Sep 17 00:00:00 2001
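Review bot: Every `uses:` in the `sonarcloud` job of `.github/workflows/sast-sonarcloud.yml` is pinned to a mutable tag (`actions/checkout@v4`, `actions/setup-python@v4`, `actions/cache@v3`, `SonarSource/sonarqube-scan-action@v6.0.0`), so a moved or compromised tag would run in the job that is handed `SONAR_TOKEN`. Pinning to a full commit SHA with the tag kept as a comment, e.g. `uses: SonarSource/sonarqube-scan-action@<FULL_COMMIT_SHA> # v6.0.0`, makes the executed code reviewable and stable. The workflow also has no `permissions:` block, so `GITHUB_TOKEN` falls back to the repository default; a top-level `permissions:` with `contents: read` is likely all this scan needs. Since `pull_request` runs from forks do not receive secrets, the scan step will probably fail on external contributions; `sonar.projectKey` and `sonar.organization` are not sensitive and could be set in `sonar-project.properties` instead of `secrets.*`.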
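Review bot: In `sonar-project.properties`, `sonar.exclusions=**/*test*.py,**/conftest.py` drops from analysis every Python file whose name merely contains `test`, which would also hide production modules (constructed examples: `attestation.py`, `latest.py`) from the SAST scan. A narrower pattern such as `sonar.exclusions=**/test_*.py,**/*_test.py,**/conftest.py` keeps that risk down, and if the tests live outside `src` the exclusion may not be needed at all because `sonar.sources=src` already limits what is indexed. Declaring the test tree with `sonar.tests=<TESTS_DIR>` lets Sonar classify it as test code rather than ignoring it.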
From: Ariel Menezes <69123486+ArielMAJ@users.noreply.github.com>
Date: Mon, 1 Dec 2025 20:42:05 -0300
Subject: [PATCH 2/3] Bump version to 2.0.3 in pyproject.toml
---
pyproject.toml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/pyproject.toml b/pyproject.toml
index 2367e81..6f7fea1 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "fastapi-backend-template"
-version = "2.0.2"
+version = "2.0.3"
 description = "A FastAPI backend template."
 authors = ["ArielMAJ "]
 readme = "README.md"
@@ -44,3 +44,4 @@ omit = [
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"
+
From ff50a078abf215b4774c8f1da0740d3f861716ca Mon Sep 17 00:00:00 2001
From: Ariel Menezes <69123486+ArielMAJ@users.noreply.github.com>
Date: Mon, 1 Dec 2025 23:47:11 +0000
Subject: [PATCH 3/3] chore: remove tests from sonar cube yml
---
.github/workflows/sast-sonarcloud.yml | 5 -----
1 file changed, 5 deletions(-)
diff --git a/.github/workflows/sast-sonarcloud.yml b/.github/workflows/sast-sonarcloud.yml
index b3f2c94..b480d61 100644
--- a/.github/workflows/sast-sonarcloud.yml
+++ b/.github/workflows/sast-sonarcloud.yml
@@ -30,11 +30,6 @@ jobs:
 python -m pip install --upgrade pip
 pip install -r requirements.txt
 
- - name: Run tests with coverage
- run: |
- poetry run pytest --cov=src --cov-report=xml --cov-report=term
- continue-on-error: true
-
 - name: SonarCloud Scan
 uses: SonarSource/sonarqube-scan-action@v6.0.0
 with: