mirror of
https://github.com/SAP/jenkins-library.git
synced 2024-12-14 11:03:09 +02:00
265 lines
8.4 KiB
YAML
265 lines
8.4 KiB
YAML
metadata:
|
|
name: sonarExecuteScan
|
|
description: Executes the Sonar scanner
|
|
longDescription: "The step executes the [sonar-scanner](https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner)
|
|
cli command to scan the defined sources and publish the results to a SonarQube instance."
|
|
spec:
|
|
inputs:
|
|
secrets:
|
|
- name: sonarTokenCredentialsId
|
|
type: jenkins
|
|
description: "Jenkins 'Secret text' credentials ID containing the token used to authenticate
|
|
with the Sonar Server."
|
|
- name: githubTokenCredentialsId
|
|
type: jenkins
|
|
description: "Jenkins 'Secret text' credentials ID containing the token used to authenticate
|
|
with the Github Server."
|
|
params:
|
|
- name: instance
|
|
type: string
|
|
description: "Jenkins only: The name of the SonarQube instance defined in the Jenkins settings.
|
|
DEPRECATED: use serverUrl parameter instead"
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
default: "SonarCloud"
|
|
- name: serverUrl
|
|
aliases:
|
|
- name: host
|
|
- name: sonarServerUrl
|
|
type: string
|
|
description: "The URL to the Sonar backend."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: token
|
|
type: string
|
|
description: "Token used to authenticate with the Sonar Server."
|
|
scope:
|
|
- PARAMETERS
|
|
secret: true
|
|
resourceRef:
|
|
- type: vaultSecret
|
|
paths:
|
|
- $(vaultPath)/sonar
|
|
- $(vaultBasePath)/$(vaultPipelineName)/sonar
|
|
- $(vaultBasePath)/GROUP-SECRETS/sonar
|
|
- name: sonarTokenCredentialsId
|
|
type: secret
|
|
aliases:
|
|
- name: sonarToken
|
|
- name: organization
|
|
type: string
|
|
description: "SonarCloud.io only: Organization that the project will be assigned to in SonarCloud.io."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: customTlsCertificateLinks
|
|
type: "[]string"
|
|
description: "List of download links to custom TLS certificates.
|
|
This is required to ensure trusted connections to instances with custom certificates."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: sonarScannerDownloadUrl
|
|
type: string
|
|
description: "URL to the sonar-scanner-cli archive."
|
|
default: "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.5.0.2216-linux.zip"
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: projectVersion
|
|
type: string
|
|
description: "The project version that is reported to SonarQube."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: artifactVersion
|
|
- name: projectKey
|
|
type: string
|
|
description: "The project key identifies the project in SonarQube."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: coverageExclusions
|
|
type: "[]string"
|
|
description: "A list of patterns that should be excluded from the coverage scan."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: inferJavaBinaries
|
|
type: bool
|
|
description: "Find the location of generated Java class files in all modules
|
|
and pass the option `sonar.java.binaries to the sonar tool."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: inferJavaLibraries
|
|
type: bool
|
|
description: "If the parameter `m2Path` is configured for the step `mavenExecute`
|
|
in the general section of the configuration, pass it as option `sonar.java.libraries`
|
|
to the sonar tool."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: options
|
|
type: "[]string"
|
|
description: "A list of options which are passed to the sonar-scanner."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
aliases:
|
|
- name: sonarProperties
|
|
deprecated: true
|
|
# Parameters for non-PR scans
|
|
- name: branchName
|
|
type: string
|
|
description: "Non-Pull-Request only: Name of the SonarQube branch that should be used to report findings to."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: inferBranchName
|
|
type: bool
|
|
description: "Jenkins only: Whether to infer the `branchName` parameter automatically based on the
|
|
`BRANCH_NAME` environment variable in non-productive runs of the pipeline."
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
# Parameters for PR-Handling
|
|
- name: changeId
|
|
type: string
|
|
description: "Pull-Request only: The id of the pull-request."
|
|
scope:
|
|
- PARAMETERS
|
|
- name: changeBranch
|
|
type: string
|
|
description: "Pull-Request only: The name of the pull-request branch."
|
|
scope:
|
|
- PARAMETERS
|
|
- name: changeTarget
|
|
type: string
|
|
description: "Pull-Request only: The name of the base branch."
|
|
scope:
|
|
- PARAMETERS
|
|
- name: pullRequestProvider
|
|
type: string
|
|
description: "Pull-Request only: The scm provider."
|
|
default: GitHub
|
|
possibleValues:
|
|
- GitHub
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: owner
|
|
type: string
|
|
description: "Pull-Request only: The owner of the scm repository."
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
aliases:
|
|
- name: githubOrg
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: github/owner
|
|
- name: repository
|
|
type: string
|
|
description: "Pull-Request only: The scm repository."
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
aliases:
|
|
- name: githubRepo
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: github/repository
|
|
# Parameters for legacy PR-Handling
|
|
- name: githubToken
|
|
type: string
|
|
description: "Pull-Request only: Token for Github to set status on the Pull-Request."
|
|
scope:
|
|
- PARAMETERS
|
|
secret: true
|
|
aliases:
|
|
- name: access_token
|
|
resourceRef:
|
|
- name: githubTokenCredentialsId
|
|
type: secret
|
|
- type: vaultSecret
|
|
paths:
|
|
- $(vaultPath)/github
|
|
- $(vaultBasePath)/$(vaultPipelineName)/github
|
|
- $(vaultBasePath)/GROUP-SECRETS/github
|
|
- name: disableInlineComments
|
|
type: bool
|
|
description: "Pull-Request only: Disables the pull-request decoration with inline comments.
|
|
DEPRECATED: only supported in SonarQube < 7.2"
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: legacyPRHandling
|
|
type: bool
|
|
description: "Pull-Request only: Activates the pull-request handling using
|
|
the [GitHub Plugin](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin).
|
|
DEPRECATED: only supported in SonarQube < 7.2"
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: githubApiUrl
|
|
type: string
|
|
description: "Pull-Request only: The URL to the Github API.
|
|
See [GitHub plugin docs](https://docs.sonarqube.org/display/PLUG/GitHub+Plugin#GitHubPlugin-Usage)
|
|
DEPRECATED: only supported in SonarQube < 7.2"
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
default: https://api.github.com
|
|
|
|
# Global maven settings, should be added to all maven steps
|
|
- name: m2Path
|
|
type: string
|
|
description: "Path to the location of the local repository that should be used."
|
|
scope:
|
|
- GENERAL
|
|
- STEPS
|
|
- STAGES
|
|
- PARAMETERS
|
|
aliases:
|
|
- name: maven/m2Path
|
|
|
|
outputs:
|
|
resources:
|
|
- name: influx
|
|
type: influx
|
|
params:
|
|
- name: step_data
|
|
fields:
|
|
- name: sonar
|
|
type: bool
|
|
containers:
|
|
- name: sonar
|
|
image: sonarsource/sonar-scanner-cli:4.5
|