mirror of
https://github.com/jung-geun/PSO.git
synced 2025-12-20 04:50:45 +09:00
42 lines
1.1 KiB
YAML
42 lines
1.1 KiB
YAML
stages:
|
|
- sonarqube-check
|
|
- sonarqube-vulnerability-report
|
|
|
|
sonarqube-check:
|
|
stage: sonarqube-check
|
|
image:
|
|
name: sonarsource/sonar-scanner-cli:5.0
|
|
entrypoint: [""]
|
|
variables:
|
|
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
|
|
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
|
|
cache:
|
|
key: "${CI_JOB_NAME}"
|
|
paths:
|
|
- .sonar/cache
|
|
script:
|
|
- sonar-scanner
|
|
allow_failure: true
|
|
only:
|
|
- merge_requests
|
|
- master
|
|
- main
|
|
- develop
|
|
|
|
sonarqube-vulnerability-report:
|
|
stage: sonarqube-vulnerability-report
|
|
script:
|
|
- 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=pieroot_pso_AY4yioUduAwlZ9Y7RLBU&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
|
|
allow_failure: true
|
|
only:
|
|
- merge_requests
|
|
- master
|
|
- main
|
|
- develop
|
|
artifacts:
|
|
expire_in: 1 day
|
|
reports:
|
|
sast: gl-sast-sonar-report.json
|
|
dependencies:
|
|
- sonarqube-check
|