From 259282ed852e60b3133028ef6db9dd1630f57e60 Mon Sep 17 00:00:00 2001
From: Elmar Kresse
Date: Thu, 13 Jun 2024 14:29:55 +0200
Subject: [PATCH] feat:#35 added sonarqube
---
 .gitlab-ci.yml | 42 ++++++++++++++++++++++++++++++++++++++++
 sonar-project.properties | 2 ++
 2 files changed, 44 insertions(+)
 create mode 100644 sonar-project.properties
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9350acd..619021e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -18,6 +18,8 @@ stages:
 - lint
 - build
 - test
+ - sonarqube-check
+ - sonarqube-vulnerability-report
 - oci-build
 - deploy
 - deploy-dev # New stage for development deployment
@@ -61,6 +63,46 @@ build-backend:
 - backend/go.sum
 - backend/go.mod

+sonarqube-check-backend:
+ stage: sonarqube-check
+ image:
+ name: sonarsource/sonar-scanner-cli:5.0
+ entrypoint: [""]
+ variables:
+ SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
+ GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
+ cache:
+ key: "${CI_JOB_NAME}"
+ paths:
+ - .sonar/cache
+ script:
+ - cd backend
+ - sonar-scanner
+ allow_failure: true
+ only:
+ - merge_requests
+ - master
+ - main
+ - develop
+
+sonarqube-vulnerability-report-backend:
+ stage: sonarqube-vulnerability-report
+ script:
+ - cd backend
+ - 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=HTWKalender&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
+ allow_failure: true
+ only:
+ - merge_requests
+ - master
+ - main
+ - develop
+ artifacts:
+ expire_in: 1 day
+ reports:
+ sast: gl-sast-sonar-report.json
+ dependencies:
+ - sonarqube-check
+
 build-frontend:
 image: node:lts
 stage: build
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..a0ad568
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,2 @@
+sonar.projectKey=HTWKalender
+sonar.qualitygate.wait=true
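Review bot: The `sonarqube-vulnerability-report-backend` job cannot deliver its report as written: `dependencies:` lists `sonarqube-check`, which is a stage name rather than the job `sonarqube-check-backend`, and because the script runs `cd backend` first, curl writes `backend/gl-sast-sonar-report.json` while the `reports: sast:` path is resolved from the project root. The curl call also has no `--fail`, so together with `allow_failure: true` an HTTP error body (for example from a rejected token) is saved as the report and the job still passes, which hides a missing SAST result. I would change the dependency to `- sonarqube-check-backend`, drop the `cd backend` line from this job, and start the command with `curl --fail --silent --show-error -u "${SONAR_TOKEN}:"`. The scanner image is referenced by the mutable tag `sonarsource/sonar-scanner-cli:5.0`; pinning it by digest would keep the job that presumably receives the Sonar token on a known image.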
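Review bot: `sonar-project.properties` is created at the repository root, but `sonarqube-check-backend` in `.gitlab-ci.yml` runs `cd backend` before `sonar-scanner`, and the scanner by default looks for this file in the directory it is started from, so `sonar.projectKey` and `sonar.qualitygate.wait` are probably not applied. Either move the file to `backend/` or call `sonar-scanner -Dproject.settings=../sonar-project.properties`. In addition, `sonar.qualitygate.wait=true` only makes the scanner job fail, and that job is marked `allow_failure: true`, so a failed quality gate will not block a merge; a comment such as `# quality gate is advisory: the CI job sets allow_failure: true` above that line would make this explicit.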