From b80efe3312bccca3295fe1b17664f94c62221764 Mon Sep 17 00:00:00 2001
From: Florian Charlaix <fcharlaix@open-dsi.fr>
Date: Mon, 19 Feb 2024 16:27:56 +0100
Subject: [PATCH] Migrate CI

---
 .forgejo/workflows/sonarqube.yml | 38 ++++++++++++++++++++++++++++++++
 .gitlab-ci.yml                   | 25 ---------------------
 .semgrepignore                   | 26 ----------------------
 sonar-project.properties         |  1 +
 4 files changed, 39 insertions(+), 51 deletions(-)
 create mode 100644 .forgejo/workflows/sonarqube.yml
 delete mode 100644 .gitlab-ci.yml
 delete mode 100644 .semgrepignore
 create mode 100644 sonar-project.properties

diff --git a/.forgejo/workflows/sonarqube.yml b/.forgejo/workflows/sonarqube.yml
new file mode 100644
index 0000000..05bac5f
--- /dev/null
+++ b/.forgejo/workflows/sonarqube.yml
@@ -0,0 +1,38 @@
+name: SonarQube
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  sonarqube:
+    name: SonarQube
+    runs-on: docker
+
+    container:
+      image: alpine
+
+    steps:
+      - name: "Setup env"
+        run: apk add --no-cache git nodejs bash curl jq
+
+      - name: "Get repo"
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: "SonarQube Scan"
+        uses: https://github.com/sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+      # If you wish to fail your job when the Quality Gate is red, uncomment the
+      # following lines. This would typically be used to fail a deployment.
+      - name: "SonarQube Quality gate"
+        uses: https://github.com/sonarsource/sonarqube-quality-gate-action@master
+        timeout-minutes: 5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
deleted file mode 100644
index efa0155..0000000
--- a/.gitlab-ci.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-include:
-  - template: Security/SAST.gitlab-ci.yml
-
-image: node:latest
-
-cache:
-  paths:
-    - node_modules/
-
-build:
-  stage: build
-  script:
-    - apt-get update && apt-get install -y python
-    - npm install
-    - npm run build
-
-sast:
-  stage: test
-  artifacts:
-    name: sast
-    paths:
-      - gl-sast-report.json
-    reports:
-      sast: gl-sast-report.json
-    when: always
diff --git a/.semgrepignore b/.semgrepignore
deleted file mode 100644
index 31d5edc..0000000
--- a/.semgrepignore
+++ /dev/null
@@ -1,26 +0,0 @@
-# Ignore git items
-.gitignore
-.git/
-:include .gitignore
-
-# Common large paths
-node_modules/
-build/
-dist/
-vendor/
-.env/
-.venv/
-.tox/
-*.min.js
-
-# Common test paths
-test/
-tests/
-*_test.go
-
-# Semgrep rules folder
-.semgrep
-
-# Semgrep-action log folder
-.semgrep_logs/
-
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..8223622
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1 @@
+sonar.projectKey=administrator
\ No newline at end of file