source.dussan.org Git - sonarqube.git/blob

   1 // Jest Snapshot v1, https://goo.gl/fbAQLP
   2
   3 exports[`should follow and complete all steps: .NET: gitlab-ci.yml 1`] = `
   4 "image: mcr.microsoft.com/dotnet/sdk:7.0
   5
   6 variables:
   7   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
   8   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
   9
  10 stages:
  11   - sonarqube-check
  12   - sonarqube-vulnerability-report
  13
  14 sonarqube-check:
  15   stage: sonarqube-check
  16   dependencies:
  17     - get-binaries
  18     - build
  19   cache:
  20     policy: pull
  21     key: "\${CI_COMMIT_SHORT_SHA}"
  22     paths:
  23       - sonar-scanner/
  24
  25
  26   script:
  27       - "apt-get update"
  28       - "apt-get install --yes --no-install-recommends openjdk-17-jre"
  29       - "dotnet tool install --global dotnet-sonarscanner"
  30       - "export PATH=\\"$PATH:$HOME/.dotnet/tools\\""
  31       - "dotnet sonarscanner begin /k:\\"my-project\\" /d:sonar.token=\\"$SONAR_TOKEN\\" /d:\\"sonar.host.url=$SONAR_HOST_URL\\" "
  32       - "dotnet build"
  33       - "dotnet sonarscanner end /d:sonar.token=\\"$SONAR_TOKEN\\""
  34   allow_failure: true
  35   rules:
  36     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  37     - if: $CI_COMMIT_BRANCH == 'master'
  38     - if: $CI_COMMIT_BRANCH == 'main'
  39     - if: $CI_COMMIT_BRANCH == 'develop'
  40
  41 sonarqube-vulnerability-report:
  42   stage: sonarqube-vulnerability-report
  43   script:
  44     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
  45   allow_failure: true
  46   rules:
  47     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  48     - if: $CI_COMMIT_BRANCH == 'master'
  49     - if: $CI_COMMIT_BRANCH == 'main'
  50     - if: $CI_COMMIT_BRANCH == 'develop'
  51   artifacts:
  52     expire_in: 1 day
  53     reports:
  54       sast: gl-sast-sonar-report.json
  55 "
  56 `;
  57
  58 exports[`should follow and complete all steps: CPP - macos: gitlab-ci.yml 1`] = `
  59 "image: gcc
  60
  61 variables:
  62   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
  63   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
  64
  65
  66 stages:
  67   - get-binaries
  68   - build
  69   - sonarqube-check
  70   - sonarqube-vulnerability-report
  71
  72 get-binaries:
  73   stage: get-binaries
  74   cache:
  75     policy: push
  76     key: "\${CI_COMMIT_SHORT_SHA}"
  77     paths:
  78       - sonar-scanner/
  79
  80   script:
  81     # Download sonar-scanner
  82     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.0.0.4432-macosx.zip'
  83     - unzip -o sonar-scanner.zip
  84     - mv sonar-scanner-6.0.0.4432-macosx sonar-scanner
  85
  86
  87   rules:
  88     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  89     - if: $CI_COMMIT_BRANCH == 'master'
  90     - if: $CI_COMMIT_BRANCH == 'main'
  91     - if: $CI_COMMIT_BRANCH == 'develop'
  92
  93 build:
  94   stage: build
  95   script:
  96     # prepare the build tree
  97     - mkdir build
  98
  99   cache:
 100     policy: pull-push
 101     key: "\${CI_COMMIT_SHORT_SHA}"
 102     paths:
 103     - sonar-scanner/
 104
 105
 106 sonarqube-check:
 107   stage: sonarqube-check
 108   dependencies:
 109     - get-binaries
 110     - build
 111   cache:
 112     policy: pull
 113     key: "\${CI_COMMIT_SHORT_SHA}"
 114     paths:
 115       - sonar-scanner/
 116
 117
 118   script: sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
 119   allow_failure: true
 120   rules:
 121     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 122     - if: $CI_COMMIT_BRANCH == 'master'
 123     - if: $CI_COMMIT_BRANCH == 'main'
 124     - if: $CI_COMMIT_BRANCH == 'develop'
 125
 126 sonarqube-vulnerability-report:
 127   stage: sonarqube-vulnerability-report
 128   script:
 129     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 130   allow_failure: true
 131   rules:
 132     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 133     - if: $CI_COMMIT_BRANCH == 'master'
 134     - if: $CI_COMMIT_BRANCH == 'main'
 135     - if: $CI_COMMIT_BRANCH == 'develop'
 136   artifacts:
 137     expire_in: 1 day
 138     reports:
 139       sast: gl-sast-sonar-report.json
 140 "
 141 `;
 142
 143 exports[`should follow and complete all steps: CPP - macos: gitlab-ci.yml 2`] = `
 144 "image: gcc
 145
 146 variables:
 147   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 148   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 149   BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
 150
 151 stages:
 152   - get-binaries
 153   - build
 154   - sonarqube-check
 155   - sonarqube-vulnerability-report
 156
 157 get-binaries:
 158   stage: get-binaries
 159   cache:
 160     policy: push
 161     key: "\${CI_COMMIT_SHORT_SHA}"
 162     paths:
 163       - sonar-scanner/
 164       - build-wrapper/
 165   script:
 166     # Download sonar-scanner
 167     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.0.0.4432-macosx.zip'
 168     - unzip -o sonar-scanner.zip
 169     - mv sonar-scanner-6.0.0.4432-macosx sonar-scanner
 170     # Download build-wrapper
 171     - curl -sSLo ./build-wrapper-macosx-x86.zip "$SONAR_HOST_URL/static/cpp/build-wrapper-macosx-x86.zip"
 172     - unzip -o build-wrapper-macosx-x86.zip
 173     - mv build-wrapper-macosx-x86 build-wrapper
 174
 175   rules:
 176     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 177     - if: $CI_COMMIT_BRANCH == 'master'
 178     - if: $CI_COMMIT_BRANCH == 'main'
 179     - if: $CI_COMMIT_BRANCH == 'develop'
 180
 181 build:
 182   stage: build
 183   script:
 184     # prepare the build tree
 185     - mkdir build
 186     - build-wrapper/build-wrapper-macosx-x86 --out-dir "\${BUILD_WRAPPER_OUT_DIR}" <your clean build command>
 187   cache:
 188     policy: pull-push
 189     key: "\${CI_COMMIT_SHORT_SHA}"
 190     paths:
 191     - sonar-scanner/
 192     - build-wrapper/
 193     - "\${BUILD_WRAPPER_OUT_DIR}"
 194
 195 sonarqube-check:
 196   stage: sonarqube-check
 197   dependencies:
 198     - get-binaries
 199     - build
 200   cache:
 201     policy: pull
 202     key: "\${CI_COMMIT_SHORT_SHA}"
 203     paths:
 204       - sonar-scanner/
 205       - "\${BUILD_WRAPPER_OUT_DIR}"
 206
 207   script: sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
 208   allow_failure: true
 209   rules:
 210     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 211     - if: $CI_COMMIT_BRANCH == 'master'
 212     - if: $CI_COMMIT_BRANCH == 'main'
 213     - if: $CI_COMMIT_BRANCH == 'develop'
 214
 215 sonarqube-vulnerability-report:
 216   stage: sonarqube-vulnerability-report
 217   script:
 218     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 219   allow_failure: true
 220   rules:
 221     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 222     - if: $CI_COMMIT_BRANCH == 'master'
 223     - if: $CI_COMMIT_BRANCH == 'main'
 224     - if: $CI_COMMIT_BRANCH == 'develop'
 225   artifacts:
 226     expire_in: 1 day
 227     reports:
 228       sast: gl-sast-sonar-report.json
 229 "
 230 `;
 231
 232 exports[`should follow and complete all steps: CPP - manual: gitlab-ci.yml 1`] = `
 233 "image: gcc
 234
 235 variables:
 236   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 237   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 238   BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
 239
 240 stages:
 241   - get-binaries
 242   - build
 243   - sonarqube-check
 244   - sonarqube-vulnerability-report
 245
 246 get-binaries:
 247   stage: get-binaries
 248   cache:
 249     policy: push
 250     key: "\${CI_COMMIT_SHORT_SHA}"
 251     paths:
 252       - sonar-scanner/
 253       - build-wrapper/
 254   script:
 255     # Download sonar-scanner
 256     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.0.0.4432-linux.zip'
 257     - unzip -o sonar-scanner.zip
 258     - mv sonar-scanner-6.0.0.4432-linux sonar-scanner
 259     # Download build-wrapper
 260     - curl -sSLo ./build-wrapper-linux-x86.zip "$SONAR_HOST_URL/static/cpp/build-wrapper-linux-x86.zip"
 261     - unzip -o build-wrapper-linux-x86.zip
 262     - mv build-wrapper-linux-x86 build-wrapper
 263
 264   rules:
 265     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 266     - if: $CI_COMMIT_BRANCH == 'master'
 267     - if: $CI_COMMIT_BRANCH == 'main'
 268     - if: $CI_COMMIT_BRANCH == 'develop'
 269
 270 build:
 271   stage: build
 272   script:
 273     # prepare the build tree
 274     - mkdir build
 275     - build-wrapper/build-wrapper-linux-x86-64 --out-dir "\${BUILD_WRAPPER_OUT_DIR}" <your clean build command>
 276   cache:
 277     policy: pull-push
 278     key: "\${CI_COMMIT_SHORT_SHA}"
 279     paths:
 280     - sonar-scanner/
 281     - build-wrapper/
 282     - "\${BUILD_WRAPPER_OUT_DIR}"
 283
 284 sonarqube-check:
 285   stage: sonarqube-check
 286   dependencies:
 287     - get-binaries
 288     - build
 289   cache:
 290     policy: pull
 291     key: "\${CI_COMMIT_SHORT_SHA}"
 292     paths:
 293       - sonar-scanner/
 294       - "\${BUILD_WRAPPER_OUT_DIR}"
 295
 296   script: sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
 297   allow_failure: true
 298   rules:
 299     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 300     - if: $CI_COMMIT_BRANCH == 'master'
 301     - if: $CI_COMMIT_BRANCH == 'main'
 302     - if: $CI_COMMIT_BRANCH == 'develop'
 303
 304 sonarqube-vulnerability-report:
 305   stage: sonarqube-vulnerability-report
 306   script:
 307     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 308   allow_failure: true
 309   rules:
 310     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 311     - if: $CI_COMMIT_BRANCH == 'master'
 312     - if: $CI_COMMIT_BRANCH == 'main'
 313     - if: $CI_COMMIT_BRANCH == 'develop'
 314   artifacts:
 315     expire_in: 1 day
 316     reports:
 317       sast: gl-sast-sonar-report.json
 318 "
 319 `;
 320
 321 exports[`should follow and complete all steps: CPP - windows: gitlab-ci.yml 1`] = `
 322 "image: gcc
 323
 324 variables:
 325   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 326   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 327
 328
 329 stages:
 330   - get-binaries
 331   - build
 332   - sonarqube-check
 333   - sonarqube-vulnerability-report
 334
 335 get-binaries:
 336   stage: get-binaries
 337   cache:
 338     policy: push
 339     key: "\${CI_COMMIT_SHORT_SHA}"
 340     paths:
 341       - sonar-scanner/
 342
 343   script:
 344     # Download sonar-scanner
 345     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.0.0.4432-windows.zip'
 346     - unzip -o sonar-scanner.zip
 347     - mv sonar-scanner-6.0.0.4432-windows sonar-scanner
 348
 349
 350   rules:
 351     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 352     - if: $CI_COMMIT_BRANCH == 'master'
 353     - if: $CI_COMMIT_BRANCH == 'main'
 354     - if: $CI_COMMIT_BRANCH == 'develop'
 355
 356 build:
 357   stage: build
 358   script:
 359     # prepare the build tree
 360     - mkdir build
 361
 362   cache:
 363     policy: pull-push
 364     key: "\${CI_COMMIT_SHORT_SHA}"
 365     paths:
 366     - sonar-scanner/
 367
 368
 369 sonarqube-check:
 370   stage: sonarqube-check
 371   dependencies:
 372     - get-binaries
 373     - build
 374   cache:
 375     policy: pull
 376     key: "\${CI_COMMIT_SHORT_SHA}"
 377     paths:
 378       - sonar-scanner/
 379
 380
 381   script: sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
 382   allow_failure: true
 383   rules:
 384     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 385     - if: $CI_COMMIT_BRANCH == 'master'
 386     - if: $CI_COMMIT_BRANCH == 'main'
 387     - if: $CI_COMMIT_BRANCH == 'develop'
 388
 389 sonarqube-vulnerability-report:
 390   stage: sonarqube-vulnerability-report
 391   script:
 392     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 393   allow_failure: true
 394   rules:
 395     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 396     - if: $CI_COMMIT_BRANCH == 'master'
 397     - if: $CI_COMMIT_BRANCH == 'main'
 398     - if: $CI_COMMIT_BRANCH == 'develop'
 399   artifacts:
 400     expire_in: 1 day
 401     reports:
 402       sast: gl-sast-sonar-report.json
 403 "
 404 `;
 405
 406 exports[`should follow and complete all steps: CPP - windows: gitlab-ci.yml 2`] = `
 407 "image: gcc
 408
 409 variables:
 410   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 411   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 412   BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
 413
 414 stages:
 415   - get-binaries
 416   - build
 417   - sonarqube-check
 418   - sonarqube-vulnerability-report
 419
 420 get-binaries:
 421   stage: get-binaries
 422   cache:
 423     policy: push
 424     key: "\${CI_COMMIT_SHORT_SHA}"
 425     paths:
 426       - sonar-scanner/
 427       - build-wrapper/
 428   script:
 429     # Download sonar-scanner
 430     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.0.0.4432-windows.zip'
 431     - unzip -o sonar-scanner.zip
 432     - mv sonar-scanner-6.0.0.4432-windows sonar-scanner
 433     # Download build-wrapper
 434     - curl -sSLo ./build-wrapper-win-x86.zip "$SONAR_HOST_URL/static/cpp/build-wrapper-win-x86.zip"
 435     - unzip -o build-wrapper-win-x86.zip
 436     - mv build-wrapper-win-x86 build-wrapper
 437
 438   rules:
 439     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 440     - if: $CI_COMMIT_BRANCH == 'master'
 441     - if: $CI_COMMIT_BRANCH == 'main'
 442     - if: $CI_COMMIT_BRANCH == 'develop'
 443
 444 build:
 445   stage: build
 446   script:
 447     # prepare the build tree
 448     - mkdir build
 449     - build-wrapper/build-wrapper-win-x86-64.exe --out-dir "\${BUILD_WRAPPER_OUT_DIR}" <your clean build command>
 450   cache:
 451     policy: pull-push
 452     key: "\${CI_COMMIT_SHORT_SHA}"
 453     paths:
 454     - sonar-scanner/
 455     - build-wrapper/
 456     - "\${BUILD_WRAPPER_OUT_DIR}"
 457
 458 sonarqube-check:
 459   stage: sonarqube-check
 460   dependencies:
 461     - get-binaries
 462     - build
 463   cache:
 464     policy: pull
 465     key: "\${CI_COMMIT_SHORT_SHA}"
 466     paths:
 467       - sonar-scanner/
 468       - "\${BUILD_WRAPPER_OUT_DIR}"
 469
 470   script: sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
 471   allow_failure: true
 472   rules:
 473     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 474     - if: $CI_COMMIT_BRANCH == 'master'
 475     - if: $CI_COMMIT_BRANCH == 'main'
 476     - if: $CI_COMMIT_BRANCH == 'develop'
 477
 478 sonarqube-vulnerability-report:
 479   stage: sonarqube-vulnerability-report
 480   script:
 481     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 482   allow_failure: true
 483   rules:
 484     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 485     - if: $CI_COMMIT_BRANCH == 'master'
 486     - if: $CI_COMMIT_BRANCH == 'main'
 487     - if: $CI_COMMIT_BRANCH == 'develop'
 488   artifacts:
 489     expire_in: 1 day
 490     reports:
 491       sast: gl-sast-sonar-report.json
 492 "
 493 `;
 494
 495 exports[`should follow and complete all steps: CPP: gitlab-ci.yml 1`] = `
 496 "image: gcc
 497
 498 variables:
 499   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 500   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 501
 502
 503 stages:
 504   - get-binaries
 505   - build
 506   - sonarqube-check
 507   - sonarqube-vulnerability-report
 508
 509 get-binaries:
 510   stage: get-binaries
 511   cache:
 512     policy: push
 513     key: "\${CI_COMMIT_SHORT_SHA}"
 514     paths:
 515       - sonar-scanner/
 516
 517   script:
 518     # Download sonar-scanner
 519     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.0.0.4432-linux.zip'
 520     - unzip -o sonar-scanner.zip
 521     - mv sonar-scanner-6.0.0.4432-linux sonar-scanner
 522
 523
 524   rules:
 525     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 526     - if: $CI_COMMIT_BRANCH == 'master'
 527     - if: $CI_COMMIT_BRANCH == 'main'
 528     - if: $CI_COMMIT_BRANCH == 'develop'
 529
 530 build:
 531   stage: build
 532   script:
 533     # prepare the build tree
 534     - mkdir build
 535
 536   cache:
 537     policy: pull-push
 538     key: "\${CI_COMMIT_SHORT_SHA}"
 539     paths:
 540     - sonar-scanner/
 541
 542
 543 sonarqube-check:
 544   stage: sonarqube-check
 545   dependencies:
 546     - get-binaries
 547     - build
 548   cache:
 549     policy: pull
 550     key: "\${CI_COMMIT_SHORT_SHA}"
 551     paths:
 552       - sonar-scanner/
 553
 554
 555   script: sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
 556   allow_failure: true
 557   rules:
 558     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 559     - if: $CI_COMMIT_BRANCH == 'master'
 560     - if: $CI_COMMIT_BRANCH == 'main'
 561     - if: $CI_COMMIT_BRANCH == 'develop'
 562
 563 sonarqube-vulnerability-report:
 564   stage: sonarqube-vulnerability-report
 565   script:
 566     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 567   allow_failure: true
 568   rules:
 569     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 570     - if: $CI_COMMIT_BRANCH == 'master'
 571     - if: $CI_COMMIT_BRANCH == 'main'
 572     - if: $CI_COMMIT_BRANCH == 'develop'
 573   artifacts:
 574     expire_in: 1 day
 575     reports:
 576       sast: gl-sast-sonar-report.json
 577 "
 578 `;
 579
 580 exports[`should follow and complete all steps: CPP: sonar-project.properties 1`] = `
 581 "sonar.projectKey=my-project
 582 sonar.qualitygate.wait=true
 583 "
 584 `;
 585
 586 exports[`should follow and complete all steps: Gradle: gitlab-ci.yml 1`] = `
 587 "image: gradle:8.2.0-jdk17-jammy
 588
 589 variables:
 590   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 591   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 592
 593 stages:
 594   - sonarqube-check
 595   - sonarqube-vulnerability-report
 596
 597 sonarqube-check:
 598   stage: sonarqube-check
 599   dependencies:
 600     - get-binaries
 601     - build
 602   cache:
 603     policy: pull
 604     key: "\${CI_COMMIT_SHORT_SHA}"
 605     paths:
 606       - sonar-scanner/
 607
 608
 609   script: gradle sonar
 610   allow_failure: true
 611   rules:
 612     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 613     - if: $CI_COMMIT_BRANCH == 'master'
 614     - if: $CI_COMMIT_BRANCH == 'main'
 615     - if: $CI_COMMIT_BRANCH == 'develop'
 616
 617 sonarqube-vulnerability-report:
 618   stage: sonarqube-vulnerability-report
 619   script:
 620     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 621   allow_failure: true
 622   rules:
 623     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 624     - if: $CI_COMMIT_BRANCH == 'master'
 625     - if: $CI_COMMIT_BRANCH == 'main'
 626     - if: $CI_COMMIT_BRANCH == 'develop'
 627   artifacts:
 628     expire_in: 1 day
 629     reports:
 630       sast: gl-sast-sonar-report.json
 631 "
 632 `;
 633
 634 exports[`should follow and complete all steps: Groovy: build.gradle 1`] = `
 635 "plugins {
 636   id "org.sonarqube" version "5.0.0.4638"
 637 }
 638
 639 sonar {
 640   properties {
 641     property "sonar.projectKey", "my-project"
 642     property "sonar.projectName", "MyProject"
 643     property "sonar.qualitygate.wait", true
 644   }
 645 }"
 646 `;
 647
 648 exports[`should follow and complete all steps: Kotlin: build.gradle.kts 1`] = `
 649 "plugins {
 650   id ("org.sonarqube") version "5.0.0.4638"
 651 }
 652
 653 sonar {
 654   properties {
 655     property("sonar.projectKey", "my-project")
 656     property("sonar.projectName", "MyProject")
 657     property("sonar.qualitygate.wait", true)
 658   }
 659 }"
 660 `;
 661
 662 exports[`should follow and complete all steps: Maven: gitlab-ci.yml 1`] = `
 663 "image: maven:3-eclipse-temurin-17
 664
 665 variables:
 666   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 667   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 668
 669 stages:
 670   - sonarqube-check
 671   - sonarqube-vulnerability-report
 672
 673 sonarqube-check:
 674   stage: sonarqube-check
 675   dependencies:
 676     - get-binaries
 677     - build
 678   cache:
 679     policy: pull
 680     key: "\${CI_COMMIT_SHORT_SHA}"
 681     paths:
 682       - sonar-scanner/
 683
 684
 685   script:
 686     - mvn verify sonar:sonar
 687   allow_failure: true
 688   rules:
 689     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 690     - if: $CI_COMMIT_BRANCH == 'master'
 691     - if: $CI_COMMIT_BRANCH == 'main'
 692     - if: $CI_COMMIT_BRANCH == 'develop'
 693
 694 sonarqube-vulnerability-report:
 695   stage: sonarqube-vulnerability-report
 696   script:
 697     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 698   allow_failure: true
 699   rules:
 700     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 701     - if: $CI_COMMIT_BRANCH == 'master'
 702     - if: $CI_COMMIT_BRANCH == 'main'
 703     - if: $CI_COMMIT_BRANCH == 'develop'
 704   artifacts:
 705     expire_in: 1 day
 706     reports:
 707       sast: gl-sast-sonar-report.json
 708 "
 709 `;
 710
 711 exports[`should follow and complete all steps: Maven: pom.xml 1`] = `
 712 "<properties>
 713   <sonar.projectKey>my-project</sonar.projectKey>
 714   <sonar.projectName>MyProject</sonar.projectName>
 715   <sonar.qualitygate.wait>true</sonar.qualitygate.wait>
 716 </properties>"
 717 `;
 718
 719 exports[`should follow and complete all steps: Other: gitlab-ci.yml 1`] = `
 720 "image:
 721     name: sonarsource/sonar-scanner-cli:latest
 722     entrypoint: [""]
 723
 724 variables:
 725   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 726   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 727
 728 stages:
 729   - sonarqube-check
 730   - sonarqube-vulnerability-report
 731
 732 sonarqube-check:
 733   stage: sonarqube-check
 734   dependencies:
 735     - get-binaries
 736     - build
 737   cache:
 738     policy: pull
 739     key: "\${CI_COMMIT_SHORT_SHA}"
 740     paths:
 741       - sonar-scanner/
 742
 743
 744   script:
 745     - sonar-scanner
 746   allow_failure: true
 747   rules:
 748     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 749     - if: $CI_COMMIT_BRANCH == 'master'
 750     - if: $CI_COMMIT_BRANCH == 'main'
 751     - if: $CI_COMMIT_BRANCH == 'develop'
 752
 753 sonarqube-vulnerability-report:
 754   stage: sonarqube-vulnerability-report
 755   script:
 756     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 757   allow_failure: true
 758   rules:
 759     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 760     - if: $CI_COMMIT_BRANCH == 'master'
 761     - if: $CI_COMMIT_BRANCH == 'main'
 762     - if: $CI_COMMIT_BRANCH == 'develop'
 763   artifacts:
 764     expire_in: 1 day
 765     reports:
 766       sast: gl-sast-sonar-report.json
 767 "
 768 `;
 769
 770 exports[`should follow and complete all steps: Other: sonar-project.properties 1`] = `
 771 "sonar.projectKey=my-project
 772 sonar.qualitygate.wait=true
 773 "
 774 `;
 775
 776 exports[`should follow and complete all steps: sonar token key 1`] = `"SONAR_TOKEN"`;
 777
 778 exports[`should follow and complete all steps: sonarqube host url key 1`] = `"SONAR_HOST_URL"`;
 779
 780 exports[`should follow and complete all steps: sonarqube host url value 1`] = `"http://localhost:9000"`;