mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00

Document use of 'compliance' stage by Cloud SDK pipeline (#2020)

Stephan Aßmus 2020-09-15 09:38:10 +02:00 committed by GitHub
parent 5856e35d50
commit c1852dbc17
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 14 deletions


@ -453,7 +453,7 @@ Please note that you can not have a `whitesource.config.json` in your project, s
### fortifyScan
The Fortify scan is configured using the step fortifyExecuteScan.
The stage is executed in the productive branch when the parameter `fortifyCredentialsId` in the step config of fortifyExecuteScan is defined.
The stage is executed in the productive branch when the parameter `fortifyCredentialsId` in the step config of [`fortifyExecuteScan`](https://sap.github.io/jenkins-library/steps/fortifyExecuteScan/) is defined.
### lint
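Review bot: The first sentence under `### fortifyScan` still names the step as plain text ("using the step fortifyExecuteScan") while the changed sentence right below it now links and backticks the same step. Move the link to the first mention, or format both mentions the same way, so the section is consistent.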
@ -462,9 +462,9 @@ The options for the use of linting tools remain the same and are described in th
Note, the available configuration options can be found in the related [step documentation](https://sap.github.io/jenkins-library/steps/npmExecuteLint/#parameters).
### sonarQubeScan
### compliance
Configure [SonarQube](https://www.sonarqube.org/) scans.
The stage `compliance` executes [SonarQube](https://www.sonarqube.org/) scans, if the step [`sonarExecuteScan`](https://sap.github.io/jenkins-library/steps/sonarExecuteScan/) is configured.
This is an optional feature for teams who prefer to use SonarQube.
Note that it does some scans that are already done by the pipeline by default.
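Review bot: Renaming the heading from `### sonarQubeScan` to `### compliance` changes both the section anchor and the stage name, but the new text does not say what happens to an existing `sonarQubeScan:` stage configuration. Add a sentence stating whether the old key is still read or must be moved to the `sonarExecuteScan` step configuration, and check for links elsewhere in the docs that still target the old anchor.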
@ -472,10 +472,6 @@ Note that it does some scans that are already done by the pipeline by default.
| Property | Mandatory | Default Value | Description |
| --- | --- | --- | --- |
| `runInAllBranches` | | false | Define whether the scan should also happen in non productive branches, i.e. if your SonarQube instance supports that. |
| `projectKey` | X | | The project is used to refer your project. |
| `instance` | X | | This property refers to a sonarqube instance, which needs to be defined in the Jenkins. |
| `dockerImage` | | ppiper/node-browsers:v3 | This property refers to a docker image which will be used for triggering the sonar scan. In case your sonar instance uses a self signed certificate, a docker image with that certificate installed can be used. |
| `sonarProperties` | | | The properties are used to configure sonar. Please refer to the example below. |
**Note:** The stage is skipped by default if you're not on a productive branch (`master` by default).
You can change this by setting `runInAllBranches` to `true`, which requires the commercial version of SonarQube.
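Review bot: The rows removed from the property table include `projectKey` and `instance`, both marked mandatory, and the remaining table gives no hint where those are configured now. Add one line under the table pointing to the `sonarExecuteScan` step parameters for them. The `dockerImage` row also carried the advice about using an image with a self-signed certificate installed; if that advice is not covered in the step documentation, keep it here as a note.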
@ -483,13 +479,8 @@ You can change this by setting `runInAllBranches` to `true`, which requires the
Example:
```yaml
sonarQubeScan:
projectKey: "my-project"
instance: "MySonar"
dockerImage: 'myDockerImage'
sonarProperties:
- 'sonar.jacoco.reportPaths=s4hana_pipeline/reports/coverage-reports/unit-tests.exec,s4hana_pipeline/reports/coverage-reports/integration-tests.exec'
- 'sonar.sources=./application'
compliance:
runInAllBranches: true
```
### postPipelineHook
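Review bot: The new example contains only `compliance:` with `runInAllBranches: true`, yet the section states that the stage executes only if `sonarExecuteScan` is configured, so the example on its own would not run a scan. Show the step configuration next to the stage configuration, or say in the lead-in that the step must be configured separately. Since the note above says `runInAllBranches: true` requires the commercial version of SonarQube, a comment to that effect in the YAML would keep readers from copying the setting unchanged.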


@ -35,6 +35,7 @@ nav:
- 'Integration Tests': stages/integration.md
- 'End to End Tests': stages/acceptance.md
- 'Security': stages/security.md
- 'Compliance': stages/compliance.md
- 'Performance': stages/performance.md
- 'Production Deployment': stages/release.md
- 'Build Tools': pipelines/cloud-sdk/build-tools.md
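Review bot: The added nav entry `'Compliance': stages/compliance.md` points to a file that is not among the two files changed in this commit. Confirm that `stages/compliance.md` already exists in the docs tree; otherwise the entry will be a dead link in the built site.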