From bf6607cd740f1d5750643ff6d936a80cafbaf92c Mon Sep 17 00:00:00 2001 From: jung-geun Date: Wed, 18 Sep 2024 15:34:25 +0000 Subject: [PATCH] Refactor file paths in Makefile, run_script.sh, and start.sh --- .gitlab-ci.yml | 47 ++++-------------------------- .gitlab/ci/sonarqube.gitlab-ci.yml | 41 ++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 42 deletions(-) create mode 100644 .gitlab/ci/sonarqube.gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 00b2c93..e65570d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,45 +1,8 @@ -variables: - SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache - GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task - stages: - sonarqube-check - sonarqube-vulnerability-report - -sonarqube-check: - stage: sonarqube-check - image: - name: sonarsource/sonar-scanner-cli:11.0 - entrypoint: [""] - variables: - SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache - GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task - cache: - key: "${CI_JOB_NAME}" - paths: - - .sonar/cache - script: - - sonar-scanner - allow_failure: true - only: - - merge_requests - - master - - main - - develop - -sonarqube-vulnerability-report: - stage: sonarqube-vulnerability-report - script: - - 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=pieroot_cloudflare-ddns_AZIFhiXEwbr_NxNtXMWZ&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json' - allow_failure: true - only: - - merge_requests - - master - - main - - develop - artifacts: - expire_in: 1 day - reports: - sast: gl-sast-sonar-report.json - dependencies: - - sonarqube-check \ No newline at end of file +include: + - local: .gitlab/ci/*.gitlab-ci.yml + - template: Jobs/Dependency-Scanning.latest.gitlab-ci.yml + - template: Jobs/SAST.latest.gitlab-ci.yml + - template: Jobs/Secret-Detection.gitlab-ci.yml \ No newline at end of file diff --git a/.gitlab/ci/sonarqube.gitlab-ci.yml b/.gitlab/ci/sonarqube.gitlab-ci.yml new file mode 100644 index 0000000..46d49f6 --- /dev/null +++ b/.gitlab/ci/sonarqube.gitlab-ci.yml @@ -0,0 +1,41 @@ +variables: + SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache + GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task + +sonarqube-check: + stage: sonarqube-check + image: + name: sonarsource/sonar-scanner-cli:11.0 + entrypoint: [""] + variables: + SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache + GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task + cache: + key: "${CI_JOB_NAME}" + paths: + - .sonar/cache + script: + - sonar-scanner + allow_failure: true + only: + - merge_requests + - master + - main + - develop + +sonarqube-vulnerability-report: + stage: sonarqube-vulnerability-report + script: + - 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=pieroot_cloudflare-ddns_AZIFhiXEwbr_NxNtXMWZ&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json' + allow_failure: true + only: + - merge_requests + - master + - main + - develop + artifacts: + expire_in: 1 day + reports: + sast: gl-sast-sonar-report.json + dependencies: + - sonarqube-check \ No newline at end of file