Skip to content
Snippets Groups Projects
Commit 47b60779 authored by Paweł Śnioszek's avatar Paweł Śnioszek
Browse files

Add sonarqube check pipeline

parent 5d9169f0
Branches
Tags
No related merge requests found
Pipeline #94514 passed
image:
name: sonarsource/sonar-scanner-cli:11
entrypoint: [""]
variables:
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
GIT_DEPTH: "0"
stages: stages:
- scheduled - scheduled
- analysis
run-sonarqube-management-script: run-sonarqube-management-script:
stage: scheduled stage: scheduled
...@@ -15,3 +24,33 @@ run-sonarqube-management-script: ...@@ -15,3 +24,33 @@ run-sonarqube-management-script:
- python management/user_management.py - python management/user_management.py
tags: tags:
- sonarqube - sonarqube
allow_failure: true
sonarqube-check:
stage: analysis
script:
- sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}"
allow_failure: false
rules:
- if: $CI_PIPELINE_SOURCE == 'merge_request_event'
- if: $CI_COMMIT_BRANCH == 'main'
tags:
- sonarqube
sonarqube-vulnerability-report:
stage: analysis
needs:
- job: sonarqube-check
artifacts: false
script:
- 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=jwieczorek_sqtoolshed_41f9ff14-ddac-437c-8d1e-f1ebd1f8da0b&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
allow_failure: true
rules:
- if: $CI_PIPELINE_SOURCE == 'merge_request_event'
- if: $CI_COMMIT_BRANCH == 'main'
artifacts:
expire_in: 1 day
reports:
sast: gl-sast-sonar-report.json
tags:
- sonarqube
\ No newline at end of file
sonar.projectKey=jwieczorek_sqtoolshed_41f9ff14-ddac-437c-8d1e-f1ebd1f8da0b
sonar.qualitygate.wait=true
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment