1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
sap-jenkins-library/resources/metadata/sonarExecuteScan.yaml

301 lines
10 KiB
YAML
Raw Normal View History

metadata:
name: sonarExecuteScan
description: Executes the Sonar scanner
longDescription: "The step executes the [sonar-scanner](https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner)
cli command to scan the defined sources and publish the results to a SonarQube instance."
spec:
inputs:
secrets:
- name: sonarTokenCredentialsId
type: jenkins
description: "Jenkins 'Secret text' credentials ID containing the token used to authenticate
with the Sonar Server."
- name: githubTokenCredentialsId
type: jenkins
description: "Jenkins 'Secret text' credentials ID containing the token used to authenticate
with the Github Server."
params:
- name: instance
type: string
description: "Jenkins only: The name of the SonarQube instance defined in the Jenkins settings.
DEPRECATED: use serverUrl parameter instead"
scope:
- PARAMETERS
- STAGES
- STEPS
2020-08-31 16:10:28 +02:00
default: "SonarCloud"
- name: serverUrl
aliases:
- name: host
- name: sonarServerUrl
type: string
description: "The URL to the Sonar backend."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: token
type: string
description: "Token used to authenticate with the Sonar Server."
scope:
- PARAMETERS
2020-04-16 14:37:45 +02:00
secret: true
resourceRef:
- type: vaultSecret
name: sonarVaultSecretName
default: sonar
- name: sonarTokenCredentialsId
type: secret
aliases:
- name: sonarToken
- name: organization
type: string
description: "SonarCloud.io only: Organization that the project will be assigned to in SonarCloud.io."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: customTlsCertificateLinks
type: "[]string"
description: "List of download links to custom TLS certificates.
This is required to ensure trusted connections to instances with custom certificates."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: sonarScannerDownloadUrl
type: string
description: "URL to the sonar-scanner-cli archive."
default: "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip"
scope:
- PARAMETERS
- STAGES
- STEPS
- name: versioningModel
type: string
description: "The versioning model used for the version when reporting the results for the project."
scope: [GENERAL, STAGES, STEPS, PARAMETERS]
default: "major"
possibleValues:
- major
- major-minor
- semantic
- full
- name: version
aliases:
- name: projectVersion
deprecated: true
type: string
2020-08-31 16:10:28 +02:00
description: "The project version that is reported to SonarQube."
scope:
- PARAMETERS
- STAGES
- STEPS
resourceRef:
- name: commonPipelineEnvironment
param: artifactVersion
- name: customScanVersion
type: string
description: "A custom version used along with the uploaded scan results."
longDescription: |-
Defines a custom version for the Sonar scan which deviates from the typical versioning pattern using [`version`](#version) and [`versioningModel`](#versioningModel).
It allows to set non-numeric versions as well and supersedes the value of [`version`](#version) which is calculated automatically.
The parameter is also used by other scan steps (e.g. Detect, Fortify, WhiteSource) and thus allows a common custom version across scan tools.
scope: [GENERAL, STAGES, STEPS, PARAMETERS]
- name: projectKey
type: string
description: "The project key identifies the project in SonarQube."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: coverageExclusions
type: "[]string"
description: "A list of patterns that should be excluded from the coverage scan."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: inferJavaBinaries
type: bool
description: "Find the location of generated Java class files in all modules
and pass the option `sonar.java.binaries to the sonar tool."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: inferJavaLibraries
type: bool
description: "If the parameter `m2Path` is configured for the step `mavenExecute`
in the general section of the configuration, pass it as option `sonar.java.libraries`
to the sonar tool."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: options
type: "[]string"
description: "A list of options which are passed to the sonar-scanner."
scope:
- PARAMETERS
- STAGES
- STEPS
aliases:
- name: sonarProperties
deprecated: true
# Parameters for non-PR scans
- name: branchName
type: string
description: "Non-Pull-Request only: Name of the SonarQube branch that should be used to report findings to. Automatically inferred from environment variables on supported orchestrators if `inferBranchName` is set to true."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: inferBranchName
type: bool
description: "Whether to infer the `branchName` parameter automatically based on the
orchestrator-specific environment variable in runs of the pipeline."
scope:
- PARAMETERS
- STAGES
- STEPS
# Parameters for PR-Handling
- name: changeId
type: string
description: "Pull-Request only: The id of the pull-request. Automatically inferred from environment variables on supported orchestrators."
scope:
- PARAMETERS
- name: changeBranch
type: string
description: "Pull-Request only: The name of the pull-request branch. Automatically inferred from environment variables on supported orchestrators."
scope:
- PARAMETERS
- name: changeTarget
type: string
description: "Pull-Request only: The name of the base branch. Automatically inferred from environment variables on supported orchestrators."
scope:
- PARAMETERS
- name: pullRequestProvider
type: string
description: "Pull-Request only: The scm provider."
default: GitHub
possibleValues:
2020-08-31 16:10:28 +02:00
- GitHub
scope:
- PARAMETERS
- STAGES
- STEPS
- name: owner
type: string
description: "Pull-Request only: The owner of the scm repository."
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
aliases:
- name: githubOrg
resourceRef:
- name: commonPipelineEnvironment
param: github/owner
- name: repository
type: string
description: "Pull-Request only: The scm repository."
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
aliases:
- name: githubRepo
resourceRef:
- name: commonPipelineEnvironment
param: github/repository
# Parameters for legacy PR-Handling
- name: githubToken
type: string
description: "Pull-Request only: Token for Github to set status on the Pull-Request."
scope:
- PARAMETERS
2020-04-16 14:37:45 +02:00
secret: true
aliases:
- name: access_token
resourceRef:
- name: githubTokenCredentialsId
type: secret
- type: vaultSecret
name: githubVaultSecretName
default: github
- name: disableInlineComments
type: bool
description: "Pull-Request only: Disables the pull-request decoration with inline comments.
DEPRECATED: only supported in SonarQube < 7.2"
scope:
- PARAMETERS
- STAGES
- STEPS
- name: legacyPRHandling
type: bool
description: "Pull-Request only: Activates the pull-request handling using
the [GitHub Plugin](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin).
DEPRECATED: only supported in SonarQube < 7.2"
scope:
- PARAMETERS
- STAGES
- STEPS
- name: githubApiUrl
type: string
description: "Pull-Request only: The URL to the Github API.
See [GitHub plugin docs](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin#GitHubPlugin-Usage)
DEPRECATED: only supported in SonarQube < 7.2"
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
default: https://api.github.com
# Global maven settings, should be added to all maven steps
- name: m2Path
type: string
description: "Path to the location of the local repository that should be used."
scope:
- GENERAL
- STEPS
- STAGES
- PARAMETERS
aliases:
- name: maven/m2Path
outputs:
resources:
feat(gcs): allow upload to gcs from steps (#3034) * Upload reports to Google Cloud Storage bucket * Added tests. Made fixes * Update step generation. GCS client was moved to GeneralConfig * Code was refactored * Fixed issues * Fixed issues * Code correction due to PR comments * Improved gcs client and integration tests * Integrated gcp config. Updated step metadata * Fixed issues. Added tests * Added cpe, vault, aliases resolving for reporting parameters * Added tests * Uncommented DeferExitHandler. Removed useless comments * fixed cloning of config * Added comments for exported functions. Removed unused mock * minor fix * Implemented setting of report name via paramRef * some refactoring. Writing tests * Update pkg/config/reporting.go * Update cmd/sonarExecuteScan_generated.go * Apply suggestions from code review * Update pkg/config/reporting.go * Update pkg/config/reporting.go * fixed removing valut secret files * Update pkg/config/reporting.go * restore order * restore order * Apply suggestions from code review * go generate * fixed tests * Update resources/metadata/sonarExecuteScan.yaml * Update resources.go * Fixed tests. Code was regenerated * changed somewhere gcp to gcs. Fixed one test * move gcsSubFolder to input parameters * fixed removing valut secret files * minor fix in integration tests * fix integration tests Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-12-15 16:07:47 +02:00
- name: reports
type: reports
params:
- filePattern: "sonarscan.json"
type: sonarqube
- filePattern: "sonarExecuteScan_*.json"
type: sonarqube
- name: influx
type: influx
params:
- name: step_data
fields:
- name: sonar
type: bool
- name: sonarqube_data
fields:
- name: blocker_issues
type: int
- name: critical_issues
type: int
- name: major_issues
type: int
- name: minor_issues
type: int
- name: info_issues
type: int
containers:
- name: sonar
image: sonarsource/sonar-scanner-cli:4.6