refactor(sonar): provide trust store via JVM parameter (#1270)

* provide trust store via JVM parameter * adjust test cases * Update vars/sonarExecuteScan.groovy * Update vars/sonarExecuteScan.groovy * Update sonarExecuteScan.groovy
2024-12-12 10:55:20 +02:00 · 2020-03-16 10:34:07 +01:00 · 2020-03-16 10:34:07 +01:00 · a970507619
commit a970507619
parent db8cb2bf62
2 changed files with 14 additions and 9 deletions
--- a/test/groovy/SonarExecuteScanTest.groovy
+++ b/test/groovy/SonarExecuteScanTest.groovy
@ -56,6 +56,9 @@ class SonarExecuteScanTest extends BasePiperTest {
                binding.setProperty(l[0].variable, null)
            }
        })
+        helper.registerAllowedMethod('withEnv', [List.class, Closure.class], { List envVars, Closure body ->
+            body()
+        })
        nullScript.commonPipelineEnvironment.setArtifactVersion('1.2.3-20180101')
    }

--- a/vars/sonarExecuteScan.groovy
+++ b/vars/sonarExecuteScan.groovy
@ -124,19 +124,21 @@ void call(Map parameters = [:]) {
        def worker = { config ->
            try {
                withSonarQubeEnv(config.instance) {
+                    List envVars = []

-                        loadSonarScanner(config)
+                    loadSonarScanner(config)

-                        if(fileExists('.certificates/cacerts')){
-                            sh 'mv .certificates/cacerts .sonar-scanner/jre/lib/security/cacerts'
-                        }
-
-                        if(config.organization) config.options.add("sonar.organization=${config.organization}")
-                        if(config.projectVersion) config.options.add("sonar.projectVersion=${config.projectVersion}")
-                        // prefix options
-                        config.options = config.options.collect { it.startsWith('-D') ? it : "-D${it}" }
+                    if(fileExists('.certificates/cacerts')){
+                        envVars = envVars.plus("SONAR_SCANNER_OPTS=-Djavax.net.ssl.trustStore=${env.WORKSPACE}/.certificates/cacerts")
+                    }

+                    if(config.organization) config.options.add("sonar.organization=${config.organization}")
+                    if(config.projectVersion) config.options.add("sonar.projectVersion=${config.projectVersion}")
+                    // prefix options
+                    config.options = config.options.collect { it.startsWith('-D') ? it : "-D${it}" }
+                    withEnv(envVars){
                        sh "PATH=\$PATH:'${env.WORKSPACE}/.sonar-scanner/bin' sonar-scanner ${config.options.join(' ')}"
+                    }
                }
            } finally {
                sh 'rm -rf .sonar-scanner .certificates .scannerwork'