feat: add initial eval scripts for unified memory #2845
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SonarQube Analysis | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| - "release/**" | |
| pull_request: | |
| branches: | |
| - main | |
| - develop | |
| - "release/**" | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| sonarqube: | |
| name: SonarQube Scan (${{ matrix.name }}) | |
| runs-on: sonarqube-workflows-bp-sre | |
| timeout-minutes: 30 | |
| if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - name: agent | |
| project_key: TEGRASW_metropolis_video-search-and-summarization-agent_video-search-and-summarization | |
| project_name: video-search-and-summarization-agent | |
| sources: services/agent | |
| tests: services/agent/tests | |
| python_version: "3.13" | |
| - name: ui | |
| project_key: TEGRASW_metropolis_video-search-and-summarization-ui_video-search-and-summarization | |
| project_name: video-search-and-summarization-ui | |
| sources: services/ui | |
| tests: "" | |
| python_version: "" | |
| - name: skills | |
| project_key: TEGRASW_metropolis_video-search-and-summarization-skills_video-search-and-summarization | |
| project_name: video-search-and-summarization-skills | |
| sources: skills | |
| tests: "" | |
| python_version: "" | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Validate SonarQube secrets | |
| env: | |
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| if [ -z "$SONAR_HOST_URL" ]; then | |
| echo "SONAR_HOST_URL secret is required." | |
| exit 1 | |
| fi | |
| if [ -z "$SONAR_TOKEN" ]; then | |
| echo "SONAR_TOKEN secret is required." | |
| exit 1 | |
| fi | |
| - name: Write SonarQube configuration | |
| env: | |
| EVENT_NAME: ${{ github.event_name }} | |
| PR_NUMBER: ${{ github.event.pull_request.number }} | |
| PR_HEAD_REF: ${{ github.head_ref }} | |
| PR_BASE_REF: ${{ github.base_ref }} | |
| SONAR_PROJECT_KEY: ${{ matrix.project_key }} | |
| SONAR_PROJECT_NAME: ${{ matrix.project_name }} | |
| SONAR_SOURCES: ${{ matrix.sources }} | |
| SONAR_TESTS: ${{ matrix.tests }} | |
| SONAR_PYTHON_VERSION: ${{ matrix.python_version }} | |
| run: | | |
| exclusions="**/node_modules/**,**/.venv/**,**/__pycache__/**,**/.mypy_cache/**,**/.ruff_cache/**,**/dist/**,**/build/**,**/.next/**,**/coverage/**,**/__tests__/**,**/*.test.ts,**/*.test.tsx,**/*.test.js,**/*.test.jsx,**/*.spec.ts,**/*.spec.tsx,**/3rdparty/**" | |
| { | |
| echo "sonar.projectKey=${SONAR_PROJECT_KEY}" | |
| echo "sonar.projectName=${SONAR_PROJECT_NAME}" | |
| echo "sonar.projectVersion=1.0.0" | |
| echo "sonar.sourceEncoding=UTF-8" | |
| echo "sonar.scm.provider=git" | |
| echo "sonar.sources=${SONAR_SOURCES}" | |
| echo "sonar.exclusions=${exclusions}" | |
| } > sonar-project.properties | |
| if [ -n "$SONAR_TESTS" ]; then | |
| { | |
| echo "sonar.tests=${SONAR_TESTS}" | |
| echo "sonar.test.inclusions=${SONAR_TESTS}/**/*.py" | |
| } >> sonar-project.properties | |
| fi | |
| if [ -n "$SONAR_PYTHON_VERSION" ]; then | |
| echo "sonar.python.version=${SONAR_PYTHON_VERSION}" >> sonar-project.properties | |
| fi | |
| if [ "$SONAR_PROJECT_NAME" = "video-search-and-summarization-agent" ]; then | |
| echo "sonar.python.coverage.reportPaths=services/agent/coverage.xml" >> sonar-project.properties | |
| fi | |
| if [ "$SONAR_PROJECT_NAME" = "video-search-and-summarization-skills" ]; then | |
| # Skills helper scripts (skills/**/scripts/**) have no unit-test or | |
| # coverage harness in CI, so exclude them from the new-code coverage | |
| # gate. They are still analyzed for bugs, code smells, and duplication. | |
| echo "sonar.coverage.exclusions=skills/**/scripts/**" >> sonar-project.properties | |
| fi | |
| if [ "$EVENT_NAME" = "pull_request" ]; then | |
| { | |
| echo "sonar.pullrequest.key=${PR_NUMBER}" | |
| echo "sonar.pullrequest.branch=${PR_HEAD_REF}" | |
| echo "sonar.pullrequest.base=${PR_BASE_REF}" | |
| } >> sonar-project.properties | |
| elif [ -n "${GITHUB_REF_NAME:-}" ]; then | |
| echo "sonar.branch.name=${GITHUB_REF_NAME}" >> sonar-project.properties | |
| fi | |
| sed -E 's/(sonar.token|SONAR_TOKEN).*/[REDACTED]/g' sonar-project.properties | |
| - name: Install uv | |
| if: matrix.name == 'agent' | |
| uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2 | |
| with: | |
| version: "0.6.2" | |
| - name: Set up Python | |
| if: matrix.name == 'agent' | |
| uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 | |
| with: | |
| python-version: ${{ matrix.python_version }} | |
| - name: Generate agent coverage | |
| if: matrix.name == 'agent' | |
| working-directory: services/agent | |
| run: | | |
| # The Sonar self-hosted runner cannot install system packages. | |
| # Coverage does not exercise PDF rendering, so skip pycairo/rlpycairo | |
| # instead of requiring cairo headers and pkg-config on the runner. | |
| uv sync --group dev --frozen --no-install-package pycairo --no-install-package rlpycairo | |
| uv run --no-sync pytest \ | |
| --cov=src/vss_agents \ | |
| --cov-report=xml:coverage.xml \ | |
| --cov-report=term-missing \ | |
| -m "not slow and not integration" | |
| - name: Run SonarQube scanner | |
| uses: SonarSource/sonarqube-scan-action@fd88b7d7ccbaefd23d8f36f73b59db7a3d246602 # v6 | |
| env: | |
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |