-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
41 lines (39 loc) · 1.13 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
stages:
- sonarqube-check
- sonarqube-vulnerability-report
sonarqube-check:
stage: sonarqube-check
image:
name: sonarsource/sonar-scanner-cli:5.0
entrypoint: [""]
variables:
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
cache:
key: "${CI_JOB_NAME}"
paths:
- .sonar/cache
script:
- sonar-scanner
allow_failure: true
only:
- merge_requests
- master
- main
- develop
# sonarqube-vulnerability-report:
# stage: sonarqube-vulnerability-report
# script:
# - 'wget --header="Authorization: Basic $(echo -n "${SONAR_TOKEN}:" | base64)" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=pyvision&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -O gl-sast-sonar-report.json'
# allow_failure: true
# only:
# - merge_requests
# - master
# - main
# - develop
# artifacts:
# expire_in: 1 day
# reports:
# sast: gl-sast-sonar-report.json
# dependencies:
# - sonarqube-check