From b007949f12d659cfdb2fc2dd901997fd5f1e432d Mon Sep 17 00:00:00 2001
From: cgrellard-ledger <come.grellard@ledger.fr>
Date: Wed, 5 Feb 2025 16:43:30 +0100
Subject: [PATCH] :construction_worker: feat: test sonar cloud pull request
 analysis

---
 .github/workflows/pr-analysis.yml | 119 ++++++++++++++++++++++++++++++
 1 file changed, 119 insertions(+)
 create mode 100644 .github/workflows/pr-analysis.yml

diff --git a/.github/workflows/pr-analysis.yml b/.github/workflows/pr-analysis.yml
new file mode 100644
index 000000000000..6fad1c43f571
--- /dev/null
+++ b/.github/workflows/pr-analysis.yml
@@ -0,0 +1,119 @@
+name: Pull Request Analysis
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+    branches: ["develop"]
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  id-token: write
+  contents: read
+  pull-requests: write
+
+jobs:
+  determine-affected:
+    name: "Turbo Affected"
+    if: |
+      ${{github.event.pull_request.head.repo.fork }} &&
+      contains(fromJSON('["thesan", "themooneer", "cgrellard-ledger", "KVNLS", "LucasWerey", "mcayuelas-ledger", "lewisd5"]'), github.event.sender.login)
+    uses: LedgerHQ/ledger-live/.github/workflows/turbo-affected-reusable.yml@develop
+    with:
+      head_branch: ${{ github.event.pull_request.head.ref || github.event.merge_group.head_ref }}
+      base_branch: ${{ github.event.pull_request.base.ref || github.event.merge_group.base_ref }}
+
+  sonarqube:
+    name: "SonarQube"
+    needs: determine-affected
+    runs-on: [ledger-live-4xlarge]
+    env:
+      MOBILE_AFFECTED: ${{contains(needs.determine-affected.outputs.paths, 'ledger-live-mobile')}}
+      DESKTOP_AFFECTED: ${{contains(needs.determine-affected.outputs.paths, 'ledger-live-desktop')}}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup git user
+        uses: LedgerHQ/ledger-live/tools/actions/composites/setup-git-user@develop
+
+      - name: Setup the caches
+        uses: LedgerHQ/ledger-live/tools/actions/composites/setup-caches@develop
+        id: caches
+        with:
+          skip-turbo-cache: "false"
+          accountId: ${{ secrets.AWS_ACCOUNT_ID_PROD }}
+          roleName: ${{ secrets.AWS_CACHE_ROLE_NAME }}
+          region: ${{ secrets.AWS_CACHE_REGION }}
+          turbo-server-token: ${{ secrets.TURBOREPO_SERVER_TOKEN }}
+
+      - name: fetch develop
+        run: |
+          git fetch origin develop
+
+      - name: Install and Build desktop dependencies
+        if: ${{env.DESKTOP_AFFECTED == 'true'}}
+        run: |
+          pnpm i --filter="ledger-live-desktop..." --filter="ledger-live" --no-frozen-lockfile --unsafe-perm
+          pnpm build:lld:deps --api="http://127.0.0.1:${{ steps.caches.outputs.port }}" --token="${{ secrets.TURBOREPO_SERVER_TOKEN }}" --team="foo"
+
+      - name: Install and Build mobile dependencies
+        if: ${{env.MOBILE_AFFECTED == 'true'}}
+        run: |
+          pnpm i --filter="live-mobile..." --filter="ledger-live" --no-frozen-lockfile --unsafe-perm
+          pnpm build:llm:deps --api="http://127.0.0.1:${{ steps.caches.outputs.port }}" --token="${{ secrets.TURBOREPO_SERVER_TOKEN }}" --team="foo"
+
+      - name: Generate Unit test coverage for LLD only
+        if: ${{env.DESKTOP_AFFECTED == 'true' && env.MOBILE_AFFECTED == 'false'}}
+        run: |
+          pnpm desktop test:jest:coverage
+          cat apps/ledger-live-desktop/coverage/lcov.info > ./lcov.info
+          cat apps/ledger-live-desktop/coverage/lld-sonar-executionTests-report.xml > ./lld-sonar-executionTests-report.xml
+
+      - name: Generate Unit test coverage for LLM only
+        if: ${{env.MOBILE_AFFECTED == 'true' && env.DESKTOP_AFFECTED == 'false'}}
+        run: |
+          pnpm mobile test:jest:coverage
+          cat apps/ledger-live-mobile/coverage/lcov.info > ./lcov.info
+          cat apps/ledger-live-mobile/coverage/llm-sonar-executionTests-report.xml > ./llm-sonar-executionTests-report.xml
+
+      - name: Generate Unit test coverage for LLD & LLM
+        if: ${{env.DESKTOP_AFFECTED == 'true' && env.MOBILE_AFFECTED == 'true'}}
+        run: |
+          pnpm desktop test:jest:coverage
+          pnpm mobile test:jest:coverage
+          cat apps/ledger-live-desktop/coverage/lcov.info apps/ledger-live-mobile/coverage/lcov.info > ./lcov.info
+          cat apps/ledger-live-desktop/coverage/lld-sonar-executionTests-report.xml > ./lld-sonar-executionTests-report.xml
+          cat apps/ledger-live-mobile/coverage/llm-sonar-executionTests-report.xml > ./llm-sonar-executionTests-report.xml
+
+      - name: SonarQubeScan desktop only
+        if: ${{env.DESKTOP_AFFECTED == 'true' && env.MOBILE_AFFECTED == 'false'}}
+        uses: SonarSource/sonarqube-scan-action@v4
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.sources=apps/ledger-live-desktop,libs
+            -Dsonar.testExecutionReportPaths=lld-sonar-executionTests-report.xml
+            -Dsonar.newCode.referenceBranch=develop
+
+      - name: SonarQubeScan mobile only
+        if: ${{env.MOBILE_AFFECTED == 'true' && env.DESKTOP_AFFECTED == 'false'}}
+        uses: SonarSource/sonarqube-scan-action@v4
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.sources=apps/ledger-live-mobile,libs
+            -Dsonar.testExecutionReportPaths=llm-sonar-executionTests-report.xml
+            -Dsonar.newCode.referenceBranch=develop
+
+      - name: SonarQubeScan desktop and mobile
+        if: ${{env.DESKTOP_AFFECTED == 'true' && env.MOBILE_AFFECTED == 'true'}}
+        uses: SonarSource/sonarqube-scan-action@v4
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.newCode.referenceBranch=develop