2020-03-23 11:38:31 +02:00
metadata :
name : sonarExecuteScan
description : Executes the Sonar scanner
2020-09-11 13:39:17 +02:00
longDescription : "The step executes the [sonar-scanner](https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner)
cli command to scan the defined sources and publish the results to a SonarQube instance."
2020-03-23 11:38:31 +02:00
spec :
inputs :
2020-09-23 13:22:51 +02:00
secrets :
- name : sonarTokenCredentialsId
type : jenkins
description : "Jenkins 'Secret text' credentials ID containing the token used to authenticate
with the Sonar Server."
- name : githubTokenCredentialsId
type : jenkins
description : "Jenkins 'Secret text' credentials ID containing the token used to authenticate
with the Github Server."
2020-03-23 11:38:31 +02:00
params :
2020-04-08 12:55:46 +02:00
- name : instance
type : string
2020-09-11 13:39:17 +02:00
description : "Jenkins only: The name of the SonarQube instance defined in the Jenkins settings.
2020-10-01 11:45:14 +02:00
DEPRECATED : use serverUrl parameter instead"
2020-04-08 12:55:46 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
2020-08-31 16:10:28 +02:00
default : "SonarCloud"
2020-10-01 11:45:14 +02:00
- name : serverUrl
aliases :
- name : host
- name : sonarServerUrl
2020-03-23 11:38:31 +02:00
type : string
2020-09-11 13:39:17 +02:00
description : "The URL to the Sonar backend."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : token
type : string
2020-09-11 13:39:17 +02:00
description : "Token used to authenticate with the Sonar Server."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
2020-04-16 14:37:45 +02:00
secret : true
2020-06-25 16:33:38 +02:00
resourceRef :
2020-10-13 14:14:47 +02:00
- type : vaultSecret
2021-12-14 19:28:20 +02:00
name : sonarVaultSecretName
2021-09-21 13:06:32 +02:00
default : sonar
2020-06-25 16:33:38 +02:00
- name : sonarTokenCredentialsId
type : secret
2020-03-23 11:38:31 +02:00
aliases :
- name : sonarToken
- name : organization
type : string
description : "SonarCloud.io only: Organization that the project will be assigned to in SonarCloud.io."
scope :
- PARAMETERS
- STAGES
- STEPS
- name : customTlsCertificateLinks
2020-07-27 15:01:30 +02:00
type : "[]string"
2020-09-11 13:39:17 +02:00
description : "List of download links to custom TLS certificates.
This is required to ensure trusted connections to instances with custom certificates."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : sonarScannerDownloadUrl
type : string
description : "URL to the sonar-scanner-cli archive."
2021-09-14 10:57:50 +02:00
default : "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip"
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
2021-05-05 09:02:19 +02:00
- name : versioningModel
type : string
description : "The versioning model used for the version when reporting the results for the project."
scope : [ GENERAL, STAGES, STEPS, PARAMETERS]
default : "major"
possibleValues :
- major
- major-minor
- semantic
- full
- name : version
aliases :
- name : projectVersion
deprecated : true
2020-03-23 11:38:31 +02:00
type : string
2020-08-31 16:10:28 +02:00
description : "The project version that is reported to SonarQube."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
resourceRef :
- name : commonPipelineEnvironment
param : artifactVersion
2021-05-05 09:02:19 +02:00
- name : customScanVersion
type : string
description : "A custom version used along with the uploaded scan results."
longDescription : |-
2021-05-05 10:24:05 +02:00
Defines a custom version for the Sonar scan which deviates from the typical versioning pattern using [`version`](#version) and [`versioningModel`](#versioningModel).
2021-05-05 09:02:19 +02:00
It allows to set non-numeric versions as well and supersedes the value of [`version`](#version) which is calculated automatically.
2021-05-05 10:24:05 +02:00
The parameter is also used by other scan steps (e.g. Detect, Fortify, WhiteSource) and thus allows a common custom version across scan tools.
2021-05-05 09:02:19 +02:00
scope : [ GENERAL, STAGES, STEPS, PARAMETERS]
2020-09-11 13:39:17 +02:00
- name : projectKey
type : string
description : "The project key identifies the project in SonarQube."
scope :
- PARAMETERS
- STAGES
- STEPS
- name : coverageExclusions
type : "[]string"
description : "A list of patterns that should be excluded from the coverage scan."
scope :
- PARAMETERS
- STAGES
- STEPS
- name : inferJavaBinaries
type : bool
description : "Find the location of generated Java class files in all modules
and pass the option `sonar.java.binaries to the sonar tool."
scope :
- PARAMETERS
- STAGES
- STEPS
- name : inferJavaLibraries
type : bool
description : "If the parameter `m2Path` is configured for the step `mavenExecute`
in the general section of the configuration, pass it as option `sonar.java.libraries`
to the sonar tool."
scope :
- PARAMETERS
- STAGES
- STEPS
2020-03-23 11:38:31 +02:00
- name : options
2020-04-08 12:55:46 +02:00
type : "[]string"
2020-09-11 13:39:17 +02:00
description : "A list of options which are passed to the sonar-scanner."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
2020-09-11 13:39:17 +02:00
aliases :
- name : sonarProperties
deprecated : true
2020-04-08 12:55:46 +02:00
# Parameters for non-PR scans
- name : branchName
type : string
2021-06-09 09:38:52 +02:00
description : "Non-Pull-Request only: Name of the SonarQube branch that should be used to report findings to. Automatically inferred from environment variables on supported orchestrators if `inferBranchName` is set to true."
2020-04-08 12:55:46 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
2020-09-11 13:39:17 +02:00
- name : inferBranchName
type : bool
2021-06-09 09:38:52 +02:00
description : "Whether to infer the `branchName` parameter automatically based on the
orchestrator-specific environment variable in runs of the pipeline."
2020-09-11 13:39:17 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
2020-04-08 12:55:46 +02:00
# Parameters for PR-Handling
2020-03-23 11:38:31 +02:00
- name : changeId
type : string
2021-06-09 09:38:52 +02:00
description : "Pull-Request only: The id of the pull-request. Automatically inferred from environment variables on supported orchestrators."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- name : changeBranch
type : string
2021-06-09 09:38:52 +02:00
description : "Pull-Request only: The name of the pull-request branch. Automatically inferred from environment variables on supported orchestrators."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- name : changeTarget
type : string
2021-06-09 09:38:52 +02:00
description : "Pull-Request only: The name of the base branch. Automatically inferred from environment variables on supported orchestrators."
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- name : pullRequestProvider
type : string
description : "Pull-Request only: The scm provider."
default : GitHub
2020-04-27 15:16:01 +02:00
possibleValues :
2020-08-31 16:10:28 +02:00
- GitHub
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : owner
type : string
description : "Pull-Request only: The owner of the scm repository."
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
aliases :
- name : githubOrg
resourceRef :
- name : commonPipelineEnvironment
param : github/owner
- name : repository
type : string
description : "Pull-Request only: The scm repository."
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
aliases :
- name : githubRepo
resourceRef :
- name : commonPipelineEnvironment
param : github/repository
2020-04-08 12:55:46 +02:00
# Parameters for legacy PR-Handling
2020-03-23 11:38:31 +02:00
- name : githubToken
type : string
description : "Pull-Request only: Token for Github to set status on the Pull-Request."
scope :
- PARAMETERS
2020-04-16 14:37:45 +02:00
secret : true
2021-01-27 13:58:47 +02:00
aliases :
- name : access_token
2020-06-25 16:33:38 +02:00
resourceRef :
- name : githubTokenCredentialsId
type : secret
2020-12-22 18:57:11 +02:00
- type : vaultSecret
2021-09-21 13:06:32 +02:00
name : githubVaultSecretName
default : github
2020-03-23 11:38:31 +02:00
- name : disableInlineComments
type : bool
2020-09-11 13:39:17 +02:00
description : "Pull-Request only: Disables the pull-request decoration with inline comments.
DEPRECATED : only supported in SonarQube < 7.2"
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : legacyPRHandling
type : bool
2020-09-11 13:39:17 +02:00
description : "Pull-Request only: Activates the pull-request handling using
the [GitHub Plugin](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin).
DEPRECATED : only supported in SonarQube < 7.2"
2020-03-23 11:38:31 +02:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : githubApiUrl
type : string
2020-09-11 13:39:17 +02:00
description : "Pull-Request only: The URL to the Github API.
See [GitHub plugin docs](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin#GitHubPlugin-Usage)
DEPRECATED : only supported in SonarQube < 7.2"
2020-03-23 11:38:31 +02:00
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
default : https://api.github.com
2020-09-11 13:39:17 +02:00
# Global maven settings, should be added to all maven steps
- name : m2Path
type : string
description : "Path to the location of the local repository that should be used."
scope :
- GENERAL
- STEPS
- STAGES
- PARAMETERS
aliases :
- name : maven/m2Path
2020-05-14 13:46:40 +02:00
outputs :
resources :
2021-12-15 16:07:47 +02:00
- name : reports
type : reports
params :
- filePattern : "sonarscan.json"
type : sonarqube
- filePattern : "sonarExecuteScan_*.json"
type : sonarqube
2020-05-14 13:46:40 +02:00
- name : influx
type : influx
params :
- name : step_data
fields :
- name : sonar
2020-10-13 16:37:48 +02:00
type : bool
2021-02-24 16:44:23 +02:00
- name : sonarqube_data
fields :
- name : blocker_issues
type : int
- name : critical_issues
type : int
- name : major_issues
type : int
- name : minor_issues
type : int
- name : info_issues
type : int
2020-03-23 11:38:31 +02:00
containers :
- name : sonar
2021-09-14 10:57:50 +02:00
image : sonarsource/sonar-scanner-cli:4.6