source.dussan.org Git - sonarqube.git/blob

   1 // Jest Snapshot v1, https://goo.gl/fbAQLP
   2
   3 exports[`should follow and complete all steps: .NET: gitlab-ci.yml 1`] = `
   4 "image: mcr.microsoft.com/dotnet/sdk:7.0
   5
   6 variables:
   7   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
   8   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
   9
  10 stages:
  11   - sonarqube-check
  12   - sonarqube-vulnerability-report
  13
  14 sonarqube-check:
  15   stage: sonarqube-check
  16
  17   script:
  18       - "dotnet tool install --global dotnet-sonarscanner"
  19       - "export PATH=\\"$PATH:$HOME/.dotnet/tools\\""
  20       - "dotnet sonarscanner begin /k:\\"my-project\\" /d:sonar.token=\\"$SONAR_TOKEN\\" /d:\\"sonar.host.url=$SONAR_HOST_URL\\" "
  21       - "dotnet build"
  22       - "dotnet sonarscanner end /d:sonar.token=\\"$SONAR_TOKEN\\""
  23   allow_failure: true
  24   rules:
  25     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  26     - if: $CI_COMMIT_BRANCH == 'master'
  27     - if: $CI_COMMIT_BRANCH == 'main'
  28     - if: $CI_COMMIT_BRANCH == 'develop'
  29
  30 sonarqube-vulnerability-report:
  31   stage: sonarqube-vulnerability-report
  32   script:
  33     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
  34   allow_failure: true
  35   rules:
  36     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  37     - if: $CI_COMMIT_BRANCH == 'master'
  38     - if: $CI_COMMIT_BRANCH == 'main'
  39     - if: $CI_COMMIT_BRANCH == 'develop'
  40   artifacts:
  41     expire_in: 1 day
  42     reports:
  43       sast: gl-sast-sonar-report.json
  44 "
  45 `;
  46
  47 exports[`should follow and complete all steps: CPP - manual: gitlab-ci.yml 1`] = `
  48 "image: gcc
  49
  50 variables:
  51   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
  52   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
  53   BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
  54
  55 stages:
  56   - get-binaries
  57   - build-analyze
  58   - sonarqube-vulnerability-report
  59
  60 get-binaries:
  61   stage: get-binaries
  62   cache:
  63     policy: push
  64     key: "\${CI_COMMIT_SHORT_SHA}"
  65     paths:
  66       - sonar-scanner/
  67       - build-wrapper/
  68   script:
  69     # Download sonar-scanner
  70     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.0.4584-linux-x64.zip'
  71     - unzip -o sonar-scanner.zip
  72     - mv sonar-scanner-6.2.0.4584-linux-x64 sonar-scanner
  73     # Download build-wrapper
  74     - curl -sSLo ./build-wrapper-linux-x86.zip "$SONAR_HOST_URL/static/cpp/build-wrapper-linux-x86.zip"
  75     - unzip -o build-wrapper-linux-x86.zip
  76     - mv build-wrapper-linux-x86 build-wrapper
  77
  78   rules:
  79     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  80     - if: $CI_COMMIT_BRANCH == 'master'
  81     - if: $CI_COMMIT_BRANCH == 'main'
  82     - if: $CI_COMMIT_BRANCH == 'develop'
  83
  84 build:
  85   stage: build-analyze
  86   script:
  87     - build-wrapper/build-wrapper-linux-x86-64 --out-dir "\${BUILD_WRAPPER_OUT_DIR}" <your clean build command>
  88     - sonar-scanner/bin/sonar-scanner -Dsonar.host.url="\${SONAR_HOST_URL}" -Dsonar.cfamily.compile-commands="\${BUILD_WRAPPER_OUT_DIR}/compile_commands.json"
  89   cache:
  90     policy: pull
  91     key: "\${CI_COMMIT_SHORT_SHA}"
  92     paths:
  93     - sonar-scanner/
  94     - build-wrapper/
  95
  96 sonarqube-vulnerability-report:
  97   stage: sonarqube-vulnerability-report
  98   script:
  99     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 100   allow_failure: true
 101   rules:
 102     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 103     - if: $CI_COMMIT_BRANCH == 'master'
 104     - if: $CI_COMMIT_BRANCH == 'main'
 105     - if: $CI_COMMIT_BRANCH == 'develop'
 106   artifacts:
 107     expire_in: 1 day
 108     reports:
 109       sast: gl-sast-sonar-report.json
 110 "
 111 `;
 112
 113 exports[`should follow and complete all steps: CPP: gitlab-ci.yml 1`] = `
 114 "image: gcc
 115
 116 variables:
 117   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 118   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 119
 120
 121 stages:
 122   - get-binaries
 123   - sonarqube-check
 124   - sonarqube-vulnerability-report
 125
 126 get-binaries:
 127   stage: get-binaries
 128   cache:
 129     policy: push
 130     key: "\${CI_COMMIT_SHORT_SHA}"
 131     paths:
 132       - sonar-scanner/
 133
 134   script:
 135     # Download sonar-scanner
 136     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.0.4584-linux-x64.zip'
 137     - unzip -o sonar-scanner.zip
 138     - mv sonar-scanner-6.2.0.4584-linux-x64 sonar-scanner
 139
 140   rules:
 141     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 142     - if: $CI_COMMIT_BRANCH == 'master'
 143     - if: $CI_COMMIT_BRANCH == 'main'
 144     - if: $CI_COMMIT_BRANCH == 'develop'
 145
 146 sonarqube-check:
 147   stage: sonarqube-check
 148   dependencies:
 149     - get-binaries
 150   cache:
 151     policy: pull
 152     key: "\${CI_COMMIT_SHORT_SHA}"
 153     paths:
 154       - sonar-scanner/
 155
 156   script: sonar-scanner/bin/sonar-scanner -Dsonar.host.url="\${SONAR_HOST_URL}"
 157   allow_failure: true
 158   rules:
 159     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 160     - if: $CI_COMMIT_BRANCH == 'master'
 161     - if: $CI_COMMIT_BRANCH == 'main'
 162     - if: $CI_COMMIT_BRANCH == 'develop'
 163
 164 sonarqube-vulnerability-report:
 165   stage: sonarqube-vulnerability-report
 166   script:
 167     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 168   allow_failure: true
 169   rules:
 170     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 171     - if: $CI_COMMIT_BRANCH == 'master'
 172     - if: $CI_COMMIT_BRANCH == 'main'
 173     - if: $CI_COMMIT_BRANCH == 'develop'
 174   artifacts:
 175     expire_in: 1 day
 176     reports:
 177       sast: gl-sast-sonar-report.json
 178 "
 179 `;
 180
 181 exports[`should follow and complete all steps: CPP: sonar-project.properties 1`] = `
 182 "sonar.projectKey=my-project
 183 sonar.qualitygate.wait=true
 184 "
 185 `;
 186
 187 exports[`should follow and complete all steps: Dart: gitlab-ci.yml 1`] = `
 188 "image: ghcr.io/cirruslabs/flutter:stable
 189
 190 variables:
 191   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 192   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 193
 194 stages:
 195   - get-binaries
 196   - sonarqube-check
 197   - sonarqube-vulnerability-report
 198
 199 get-binaries:
 200   stage: get-binaries
 201   cache:
 202     policy: push
 203     key: "\${CI_COMMIT_SHORT_SHA}"
 204     paths:
 205       - sonar-scanner/
 206
 207   script:
 208     # Download sonar-scanner
 209     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.0.4584-linux-x64.zip'
 210     - unzip -o sonar-scanner.zip
 211     - mv sonar-scanner-6.2.0.4584-linux-x64 sonar-scanner
 212
 213   rules:
 214     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 215     - if: $CI_COMMIT_BRANCH == 'master'
 216     - if: $CI_COMMIT_BRANCH == 'main'
 217     - if: $CI_COMMIT_BRANCH == 'develop'
 218
 219 sonarqube-check:
 220   stage: sonarqube-check
 221
 222   script:
 223     - <commands to build your project>
 224     - sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
 225   allow_failure: true
 226   rules:
 227     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 228     - if: $CI_COMMIT_BRANCH == 'master'
 229     - if: $CI_COMMIT_BRANCH == 'main'
 230     - if: $CI_COMMIT_BRANCH == 'develop'
 231
 232 sonarqube-vulnerability-report:
 233   stage: sonarqube-vulnerability-report
 234   script:
 235     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 236   allow_failure: true
 237   rules:
 238     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 239     - if: $CI_COMMIT_BRANCH == 'master'
 240     - if: $CI_COMMIT_BRANCH == 'main'
 241     - if: $CI_COMMIT_BRANCH == 'develop'
 242   artifacts:
 243     expire_in: 1 day
 244     reports:
 245       sast: gl-sast-sonar-report.json
 246 "
 247 `;
 248
 249 exports[`should follow and complete all steps: Dart: sonar-project.properties 1`] = `
 250 "sonar.projectKey=my-project
 251 sonar.qualitygate.wait=true
 252 "
 253 `;
 254
 255 exports[`should follow and complete all steps: Gradle: gitlab-ci.yml 1`] = `
 256 "image: gradle:8.2.0-jdk17-jammy
 257
 258 variables:
 259   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 260   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 261
 262 stages:
 263   - sonarqube-check
 264   - sonarqube-vulnerability-report
 265
 266 sonarqube-check:
 267   stage: sonarqube-check
 268
 269   script: gradle sonar
 270   allow_failure: true
 271   rules:
 272     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 273     - if: $CI_COMMIT_BRANCH == 'master'
 274     - if: $CI_COMMIT_BRANCH == 'main'
 275     - if: $CI_COMMIT_BRANCH == 'develop'
 276
 277 sonarqube-vulnerability-report:
 278   stage: sonarqube-vulnerability-report
 279   script:
 280     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 281   allow_failure: true
 282   rules:
 283     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 284     - if: $CI_COMMIT_BRANCH == 'master'
 285     - if: $CI_COMMIT_BRANCH == 'main'
 286     - if: $CI_COMMIT_BRANCH == 'develop'
 287   artifacts:
 288     expire_in: 1 day
 289     reports:
 290       sast: gl-sast-sonar-report.json
 291 "
 292 `;
 293
 294 exports[`should follow and complete all steps: Groovy: build.gradle 1`] = `
 295 "plugins {
 296   id "org.sonarqube" version "5.1.0.4882"
 297 }
 298
 299 sonar {
 300   properties {
 301     property "sonar.projectKey", "my-project"
 302     property "sonar.projectName", "MyProject"
 303     property "sonar.qualitygate.wait", true
 304   }
 305 }"
 306 `;
 307
 308 exports[`should follow and complete all steps: Kotlin: build.gradle.kts 1`] = `
 309 "plugins {
 310   id ("org.sonarqube") version "5.1.0.4882"
 311 }
 312
 313 sonar {
 314   properties {
 315     property("sonar.projectKey", "my-project")
 316     property("sonar.projectName", "MyProject")
 317     property("sonar.qualitygate.wait", true)
 318   }
 319 }"
 320 `;
 321
 322 exports[`should follow and complete all steps: Maven: gitlab-ci.yml 1`] = `
 323 "image: maven:3-eclipse-temurin-17
 324
 325 variables:
 326   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 327   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 328
 329 stages:
 330   - sonarqube-check
 331   - sonarqube-vulnerability-report
 332
 333 sonarqube-check:
 334   stage: sonarqube-check
 335
 336   script:
 337     - mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
 338   allow_failure: true
 339   rules:
 340     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 341     - if: $CI_COMMIT_BRANCH == 'master'
 342     - if: $CI_COMMIT_BRANCH == 'main'
 343     - if: $CI_COMMIT_BRANCH == 'develop'
 344
 345 sonarqube-vulnerability-report:
 346   stage: sonarqube-vulnerability-report
 347   script:
 348     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 349   allow_failure: true
 350   rules:
 351     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 352     - if: $CI_COMMIT_BRANCH == 'master'
 353     - if: $CI_COMMIT_BRANCH == 'main'
 354     - if: $CI_COMMIT_BRANCH == 'develop'
 355   artifacts:
 356     expire_in: 1 day
 357     reports:
 358       sast: gl-sast-sonar-report.json
 359 "
 360 `;
 361
 362 exports[`should follow and complete all steps: Maven: pom.xml 1`] = `
 363 "<properties>
 364   <sonar.projectKey>my-project</sonar.projectKey>
 365   <sonar.projectName>MyProject</sonar.projectName>
 366   <sonar.qualitygate.wait>true</sonar.qualitygate.wait>
 367 </properties>"
 368 `;
 369
 370 exports[`should follow and complete all steps: Other: gitlab-ci.yml 1`] = `
 371 "image:
 372     name: sonarsource/sonar-scanner-cli:11
 373     entrypoint: [""]
 374
 375 variables:
 376   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
 377   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
 378
 379 stages:
 380   - sonarqube-check
 381   - sonarqube-vulnerability-report
 382
 383 sonarqube-check:
 384   stage: sonarqube-check
 385
 386   script:
 387     - sonar-scanner -Dsonar.host.url="\${SONAR_HOST_URL}"
 388   allow_failure: true
 389   rules:
 390     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 391     - if: $CI_COMMIT_BRANCH == 'master'
 392     - if: $CI_COMMIT_BRANCH == 'main'
 393     - if: $CI_COMMIT_BRANCH == 'develop'
 394
 395 sonarqube-vulnerability-report:
 396   stage: sonarqube-vulnerability-report
 397   script:
 398     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
 399   allow_failure: true
 400   rules:
 401     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
 402     - if: $CI_COMMIT_BRANCH == 'master'
 403     - if: $CI_COMMIT_BRANCH == 'main'
 404     - if: $CI_COMMIT_BRANCH == 'develop'
 405   artifacts:
 406     expire_in: 1 day
 407     reports:
 408       sast: gl-sast-sonar-report.json
 409 "
 410 `;
 411
 412 exports[`should follow and complete all steps: Other: sonar-project.properties 1`] = `
 413 "sonar.projectKey=my-project
 414 sonar.qualitygate.wait=true
 415 "
 416 `;
 417
 418 exports[`should follow and complete all steps: sonar token key 1`] = `"SONAR_TOKEN"`;
 419
 420 exports[`should follow and complete all steps: sonarqube host url key 1`] = `"SONAR_HOST_URL"`;
 421
 422 exports[`should follow and complete all steps: sonarqube host url value 1`] = `"http://localhost:9000"`;