jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2025-03-03 15:02:35 +02:00
Code Issues Releases Activity
sap-jenkins-library/resources/metadata/sonarExecuteScan.yaml
Srinikitha Kondreddy 1d78ef35d4
Add proxy config to sonar scan step (#4333) 
* Add proxy config for sonar scan step

Update sonar.go

Import fmt

Update sonar.go

Use serverUrl from config

Update sonarExecuteScan.go

Add proxy param

Add proxy check

Update sonarExecuteScan.go

Update sonarExecuteScan.go

Update http.go

Update sonarExecuteScan.go

Update sonarExecuteScan.go

Add env variable

Fix typo

Fix string

Split host port

Typo

Remove echoes

* Code review change

* Refactor

* Update cmd/sonarExecuteScan.go

Co-authored-by: dimitrij-afonitschkin <131276293+dimitrij-afonitschkin@users.noreply.github.com>

* Add proxy config for sonar scan step

Update sonar.go

Import fmt

Update sonar.go

Use serverUrl from config

Update sonarExecuteScan.go

Add proxy param

Add proxy check

Update sonarExecuteScan.go

Update sonarExecuteScan.go

Update http.go

Update sonarExecuteScan.go

Update sonarExecuteScan.go

Add env variable

Fix typo

Fix string

Split host port

Typo

Remove echoes

* Code review change

* Refactor

* Update cmd/sonarExecuteScan.go

Co-authored-by: dimitrij-afonitschkin <131276293+dimitrij-afonitschkin@users.noreply.github.com>

* Add compatability to other usecases

---------

Co-authored-by: dimitrij-afonitschkin <131276293+dimitrij-afonitschkin@users.noreply.github.com>
2023-05-16 09:31:33 +02:00

317 lines
11 KiB
YAML
Raw Blame History

metadata:
name: sonarExecuteScan
description: Executes the Sonar scanner
longDescription: "The step executes the [sonar-scanner](https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner)
cli command to scan the defined sources and publish the results to a SonarQube instance."
spec:
inputs:
secrets:
- name: sonarTokenCredentialsId
type: jenkins
description: "Jenkins 'Secret text' credentials ID containing the token used to authenticate
with the Sonar Server."
- name: githubTokenCredentialsId
type: jenkins
description: "Jenkins 'Secret text' credentials ID containing the token used to authenticate
with the Github Server."
params:
- name: instance
type: string
description: "Jenkins only: The name of the SonarQube instance defined in the Jenkins settings.
DEPRECATED: use serverUrl parameter instead"
scope:
- PARAMETERS
- STAGES
- STEPS
- name: proxy
type: string
description: Proxy URL to be used for communication with the SonarQube instance.
scope:
- PARAMETERS
- STEPS
- STAGES
- name: serverUrl
aliases:
- name: host
- name: sonarServerUrl
type: string
description: "The URL to the Sonar backend."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: token
type: string
description: "Token used to authenticate with the Sonar Server."
scope:
- PARAMETERS
secret: true
resourceRef:
- type: vaultSecret
name: sonarVaultSecretName
default: sonar
- name: sonarTokenCredentialsId
type: secret
aliases:
- name: sonarToken
- name: organization
type: string
description: "SonarCloud.io only: Organization that the project will be assigned to in SonarCloud.io."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: customTlsCertificateLinks
type: "[]string"
description: "List of download links to custom TLS certificates.
This is required to ensure trusted connections to instances with custom certificates."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: sonarScannerDownloadUrl
type: string
description: "URL to the sonar-scanner-cli archive."
default: "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip"
scope:
- PARAMETERS
- STAGES
- STEPS
- name: versioningModel
type: string
description: "The versioning model used for the version when reporting the results for the project."
scope: [GENERAL, STAGES, STEPS, PARAMETERS]
default: "major"
possibleValues:
- major
- major-minor
- semantic
- full
- name: version
aliases:
- name: projectVersion
deprecated: true
type: string
description: "The project version that is reported to SonarQube."
scope:
- PARAMETERS
- STAGES
- STEPS
resourceRef:
- name: commonPipelineEnvironment
param: artifactVersion
- name: customScanVersion
type: string
description: "A custom version used along with the uploaded scan results."
longDescription: |-
Defines a custom version for the Sonar scan which deviates from the typical versioning pattern using [`version`](#version) and [`versioningModel`](#versioningModel).
It allows to set non-numeric versions as well and supersedes the value of [`version`](#version) which is calculated automatically.
The parameter is also used by other scan steps (e.g. Detect, Fortify, WhiteSource) and thus allows a common custom version across scan tools.
scope: [GENERAL, STAGES, STEPS, PARAMETERS]
- name: projectKey
type: string
description: "The project key identifies the project in SonarQube."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: coverageExclusions
type: "[]string"
description: "A list of patterns that should be excluded from the coverage scan."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: inferJavaBinaries
type: bool
description: "Find the location of generated Java class files in all modules
and pass the option `sonar.java.binaries to the sonar tool."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: inferJavaLibraries
type: bool
description: "If the parameter `m2Path` is configured for the step `mavenExecute`
in the general section of the configuration, pass it as option `sonar.java.libraries`
to the sonar tool."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: options
type: "[]string"
description: "A list of options which are passed to the sonar-scanner."
scope:
- PARAMETERS
- STAGES
- STEPS
aliases:
- name: sonarProperties
deprecated: true
- name: waitForQualityGate
type: bool
description: "Whether the scan should wait for and consider the result of the quality gate."
scope:
- PARAMETERS
- STAGES
- STEPS
# Parameters for non-PR scans
- name: branchName
type: string
description: "Non-Pull-Request only: Name of the SonarQube branch that should be used to report findings to. Automatically inferred from environment variables on supported orchestrators if `inferBranchName` is set to true."
scope:
- PARAMETERS
- STAGES
- STEPS
- name: inferBranchName
type: bool
description: "Whether to infer the `branchName` parameter automatically based on the
orchestrator-specific environment variable in runs of the pipeline."
scope:
- PARAMETERS
- STAGES
- STEPS
# Parameters for PR-Handling
- name: changeId
type: string
description: "Pull-Request only: The id of the pull-request. Automatically inferred from environment variables on supported orchestrators."
scope:
- PARAMETERS
- name: changeBranch
type: string
description: "Pull-Request only: The name of the pull-request branch. Automatically inferred from environment variables on supported orchestrators."
scope:
- PARAMETERS
- name: changeTarget
type: string
description: "Pull-Request only: The name of the base branch. Automatically inferred from environment variables on supported orchestrators."
scope:
- PARAMETERS
- name: pullRequestProvider
type: string
description: "Pull-Request only: The scm provider."
default: GitHub
possibleValues:
- GitHub
scope:
- PARAMETERS
- STAGES
- STEPS
- name: owner
type: string
description: "Pull-Request only: The owner of the scm repository."
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
aliases:
- name: githubOrg
resourceRef:
- name: commonPipelineEnvironment
param: github/owner
- name: repository
type: string
description: "Pull-Request only: The scm repository."
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
aliases:
- name: githubRepo
resourceRef:
- name: commonPipelineEnvironment
param: github/repository
# Parameters for legacy PR-Handling
- name: githubToken
type: string
description: "Pull-Request only: Token for Github to set status on the Pull-Request."
scope:
- PARAMETERS
secret: true
aliases:
- name: access_token
resourceRef:
- name: githubTokenCredentialsId
type: secret
- type: vaultSecret
name: githubVaultSecretName
default: github
- name: disableInlineComments
type: bool
description: "Pull-Request only: Disables the pull-request decoration with inline comments.
DEPRECATED: only supported in SonarQube < 7.2"
scope:
- PARAMETERS
- STAGES
- STEPS
- name: legacyPRHandling
type: bool
description: "Pull-Request only: Activates the pull-request handling using
the [GitHub Plugin](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin).
DEPRECATED: only supported in SonarQube < 7.2"
scope:
- PARAMETERS
- STAGES
- STEPS
- name: githubApiUrl
type: string
description: "Pull-Request only: The URL to the Github API.
See [GitHub plugin docs](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin#GitHubPlugin-Usage)
DEPRECATED: only supported in SonarQube < 7.2"
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
default: https://api.github.com
# Global maven settings, should be added to all maven steps
- name: m2Path
type: string
description: "Path to the location of the local repository that should be used."
scope:
- GENERAL
- STEPS
- STAGES
- PARAMETERS
aliases:
- name: maven/m2Path
outputs:
resources:
- name: reports
type: reports
params:
- filePattern: "**/sonarscan.json"
type: sonarqube
- filePattern: "**/sonarscan-result.json"
type: sonarqube
- name: influx
type: influx
params:
- name: step_data
fields:
- name: sonar
type: bool
- name: sonarqube_data
fields:
- name: blocker_issues
type: int
- name: critical_issues
type: int
- name: major_issues
type: int
- name: minor_issues
type: int
- name: info_issues
type: int
containers:
- name: sonar
image: sonarsource/sonar-scanner-cli:4.7
options:
- name: -u
value: "0"
Reference in New Issue View Git Blame Copy Permalink