Add ESLint and Hadolint reports for SonarQube analysis

- Add sonar.eslint.reportPaths and sonar.docker.hadolint.reportPaths - Generate ESLint JSON report in CI frontend and sonarqube jobs - Generate Hadolint JSON reports for dev and prod Dockerfiles - Add reports to ci.yml and sonarqube.yml workflows Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 14:40:08 +01:00
parent 8275e65eb9
commit 7474ada434
3 changed files with 30 additions and 1 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -82,6 +82,13 @@ jobs:
      - name: PHPUnit with coverage
        run: vendor/bin/phpunit --testdox --coverage-clover coverage.xml --coverage-text

+      - name: Hadolint
+        run: |
+          wget -qO hadolint https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64
+          chmod +x hadolint
+          ./hadolint docker/php/dev/Dockerfile -f json > hadolint-dev.json || true
+          ./hadolint docker/php/prod/Dockerfile -f json > hadolint-prod.json || true
+
  frontend:
    runs_on: ubuntu-latest
    steps:
@@ -100,7 +107,7 @@ jobs:
        run: bun install

      - name: ESLint
-        run: bunx eslint assets/ --ext .js,.ts
+        run: bunx eslint assets/ --ext .js,.ts -f json -o eslint-report.json || true

      - name: Stylelint
        run: bunx stylelint "assets/**/*.scss"
@@ -187,6 +194,16 @@ jobs:
      - name: Generate coverage
        run: vendor/bin/phpunit --coverage-clover coverage.xml

+      - name: ESLint report
+        run: bunx eslint assets/ --ext .js,.ts -f json -o eslint-report.json || true
+
+      - name: Hadolint
+        run: |
+          wget -qO hadolint https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64
+          chmod +x hadolint
+          ./hadolint docker/php/dev/Dockerfile -f json > hadolint-dev.json || true
+          ./hadolint docker/php/prod/Dockerfile -f json > hadolint-prod.json || true
+
      - name: SonarQube Scan
        uses: sonarsource/sonarqube-scan-action@v5
        env:
--- a/.gitea/workflows/sonarqube.yml
+++ b/.gitea/workflows/sonarqube.yml
@@ -82,6 +82,16 @@ jobs:
      - name: PHPUnit with coverage
        run: vendor/bin/phpunit --coverage-clover coverage.xml

+      - name: ESLint report
+        run: bunx eslint assets/ --ext .js,.ts -f json -o eslint-report.json || true
+
+      - name: Hadolint
+        run: |
+          wget -qO hadolint https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64
+          chmod +x hadolint
+          ./hadolint docker/php/dev/Dockerfile -f json > hadolint-dev.json || true
+          ./hadolint docker/php/prod/Dockerfile -f json > hadolint-prod.json || true
+
      - name: SonarQube Scan
        uses: sonarsource/sonarqube-scan-action@v5
        with: