From e43ea7b5e0c72ef54c37ba447c1dfca68ac24934 Mon Sep 17 00:00:00 2001
From: Tin Ly
Date: Thu, 29 Dec 2022 10:15:36 +0700
Subject: [PATCH] add sonarcloud config to main flow
---
 .github/workflows/brakeman.yml | 58 -------------------
 .github/workflows/main_flow.yml | 19 +++++-
 Gemfile | 2 +-
 .../redirection_controller_test.rb | 5 ++
 test/test_helper.rb | 11 +++-
 5 files changed, 32 insertions(+), 63 deletions(-)
 delete mode 100644 .github/workflows/brakeman.yml
diff --git a/.github/workflows/brakeman.yml b/.github/workflows/brakeman.yml
deleted file mode 100644
index 8bd7199..0000000
--- a/.github/workflows/brakeman.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-# This workflow integrates Brakeman with GitHub's Code Scanning feature
-# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications
-
-name: Brakeman Scan
-
-on:
- push:
- branches: [ "main" ]
- pull_request:
- # The branches below must be a subset of the branches above
- branches: [ "main" ]
- schedule:
- - cron: '31 4 * * 6'
-
-permissions:
- contents: read
-
-jobs:
- brakeman-scan:
- permissions:
- contents: read # for actions/checkout to fetch code
- security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
- name: Brakeman Scan
- runs-on: ubuntu-latest
- steps:
- # Checkout the repository to the GitHub Actions runner
- - name: Checkout
- uses: actions/checkout@v3
-
- # Customize the ruby version depending on your needs
- - name: Setup Ruby
- uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
- with:
- ruby-version: '2.7'
-
- - name: Setup Brakeman
- env:
- BRAKEMAN_VERSION: '4.10' # SARIF support is provided in Brakeman version 4.10+
- run: |
- gem install brakeman --version $BRAKEMAN_VERSION
-
- # Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
- - name: Scan
- continue-on-error: true
- run: |
- brakeman -f sarif -o output.sarif.json .
-
- # Upload the SARIF file generated in the previous step
- - name: Upload SARIF
- uses: github/codeql-action/upload-sarif@v2
- with:
- sarif_file: output.sarif.json
diff --git a/.github/workflows/main_flow.yml b/.github/workflows/main_flow.yml
index 25ce630..4e13e88 100644
--- a/.github/workflows/main_flow.yml
+++ b/.github/workflows/main_flow.yml
@@ -38,7 +38,22 @@ jobs:
 run: bin/rails db:schema:load
 # Add or replace test runners here
 - name: Run tests
- run: bin/rake test
+ run: bin/rake
+ - name: SonarCloud Scan
+ uses: SonarSource/sonarcloud-github-action@master
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ with:
+ args:
+ -Dsonar.projectKey=lytrungtin_url_shortener
+ -Dsonar.organization=lytrungtin
+ -Dsonar.exclusions=/vendor/**
+ -Dsonar.java.file.suffixes=-
+ -Dsonar.c.file.suffixes=-
+ -Dsonar.cpp.file.suffixes=-
+ -Dsonar.objc.file.suffixes=-
+ -Dsonar.ruby.coverage.reportPaths=/home/runner/work/url_shortener/url_shortener/coverage/.resultset.json
 lint:
 runs-on: ubuntu-latest
 steps:
@@ -54,4 +69,4 @@ jobs:
 - name: Security audit application code
 run: bundle exe brakeman -q -w2
 - name: Lint Ruby files
- run: bundle exec rubocop --parallel
+ run: bundle exec rubocop -A --parallel --require rubocop-rails
diff --git a/Gemfile b/Gemfile
index 80bb1be..290ab92 100644
--- a/Gemfile
+++ b/Gemfile
@@ -47,5 +47,5 @@ group :development, :test do
 gem 'rubocop'
 gem 'rubocop-rails'
 gem 'rubocop-rake'
- gem 'simplecov', require: false, group: :test
+ gem 'simplecov', group: :test
 end
diff --git a/test/controllers/redirection_controller_test.rb b/test/controllers/redirection_controller_test.rb
index 731387a..9e1a110 100644
--- a/test/controllers/redirection_controller_test.rb
+++ b/test/controllers/redirection_controller_test.rb
@@ -14,6 +14,11 @@ class RedirectionControllerTest < ActionDispatch::IntegrationTest
 assert_response :not_found
 end
 
+ test 'access with invalid slug format should render to not found' do
+ get shortened_url(slug: 'te@@st')
+ assert_response :not_found
+ end
+
 test 'access with not existed slug should render to not found' do
 get shortened_url(slug: '1a2b3c')
 assert_response :not_found
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 212421a..a3a8a9f 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
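Review bot: `uses: SonarSource/sonarcloud-github-action@master` pins a third-party action to a mutable branch while handing it `SONAR_TOKEN` and `GITHUB_TOKEN`, so whoever can push to that branch decides what runs with those secrets; the brakeman workflow this commit deletes pinned `ruby/setup-ruby` to a full commit SHA for exactly that reason. Pin it to a release tag or, better, a commit SHA with the version in a trailing comment, `uses: SonarSource/sonarcloud-github-action@<commit-sha> # <release-tag>`. Two smaller points in the `args:` block: `-Dsonar.ruby.coverage.reportPaths=` hard-codes the runner's absolute workspace path, which breaks on a fork or a renamed repository, whereas the relative `coverage/.resultset.json` is resolved against the checkout; and `-Dsonar.exclusions=/vendor/**` carries a leading slash that I do not believe Sonar treats as the project root, so `vendor/**` is the usual form — worth checking in the analysis log that vendor files are actually excluded. The `jobs:` mapping this hunk edits starts and ends outside the hunk.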
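Review bot: `bundle exec rubocop -A --parallel --require rubocop-rails` turns the lint job into an auto-correct run: `-A` rewrites files on the throwaway runner, applies the unsafe corrections, and as far as I recall RuboCop exits 0 once every offense it could correct has been corrected (only `--fail-level A` makes corrected offenses fail), so the job can go green while the committed code still has offenses. Keep CI read-only with `run: bundle exec rubocop --parallel`, and load the Rails cops from the `require:` list in `.rubocop.yml` rather than on the command line so local runs and CI see the same configuration. Unrelated to this change, the context line `bundle exe brakeman -q -w2` looks like a typo for `bundle exec`; if it works today it is presumably only because Thor accepts an unambiguous command prefix, which I would not rely on for the security-audit step. The `lint:` job starts outside the hunk.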
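Review bot: Dropping `require: false` from the simplecov entry is not needed by anything else in this commit and goes against the gem's documented setup: test/test_helper.rb already requires simplecov explicitly before `config/environment` so coverage starts ahead of the application code, and without `require: false` `Bundler.require` also pulls it in, which is redundant. Harmless today, but it invites someone to drop the explicit require later and silently lose coverage of application boot. I would keep `gem 'simplecov', require: false, group: :test`. The `group :development, :test do` block starts outside the hunk.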
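Review bot: The new test asserts only `assert_response :not_found` for `'te@@st'`, which is the same observable result as the existing "not existed slug" test below it, so it cannot tell a format rejection apart from a plain lookup miss. If the controller validates the slug format before querying, assert that behaviour as well (for example that the response body is the format-error rendering, or that no lookup is performed), otherwise the test documents little beyond the next one; I am inferring the existence of a format check from the test name, so confirm against the controller. A second malformed sample such as `'te/st'` (constructed example) would also show whether the route constraint or the controller is what rejects bad slugs. The test class starts outside the hunk.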
@@ -3,8 +3,15 @@
 ENV['RAILS_ENV'] ||= 'test'
 require 'simplecov'
 require 'simplecov_json_formatter'
-SimpleCov.formatter = SimpleCov::Formatter::JSONFormatter
-SimpleCov.start
+
+# Generate HTML and JSON reports
+SimpleCov.formatters = SimpleCov::Formatter::MultiFormatter.new([
+ SimpleCov::Formatter::HTMLFormatter,
+ SimpleCov::Formatter::JSONFormatter
+ ])
+SimpleCov.start do
+ enable_coverage :branch
+end
 
 require_relative '../config/environment'
 require 'rails/test_help'
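Review bot: The workflow points Sonar at `coverage/.resultset.json`, which SimpleCov writes regardless of the configured formatters, so adding `SimpleCov::Formatter::JSONFormatter` here (together with the `require 'simplecov_json_formatter'` kept on the context line) produces a `coverage/coverage.json` that nothing in this commit consumes. If the JSON report is wanted for something else, say so in the comment, e.g. `# HTML for local review; JSON formatter output is not what Sonar reads (it reads .resultset.json)`, otherwise drop the JSON formatter and the extra require. `enable_coverage :branch` is a good addition, but as far as I know the Sonar Ruby sensor only consumes line coverage from the resultset, so the branch numbers will appear in the HTML report only — worth stating in the comment so nobody expects them in SonarCloud. The ordering is fine: both SimpleCov calls still run before `require_relative '../config/environment'`, which SimpleCov requires.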