Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Digital Experience Group
UNL_Search
Commits
01d54f92
Commit
01d54f92
authored
Nov 19, 2021
by
Jeff Sturek
Browse files
Update .gitlab-ci.yml file with Dependency checks and SonarQube.
parent
e9c02342
Pipeline
#44156
passed with stage
in 3 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
.gitlab-ci.yml
0 → 100644
View file @
01d54f92
# To use this script, you must have the following variables defined
# You can define them at the project or the group level
#
# SONAR_URL: Full URL to the SonarQube server
# SONAR_TOKEN: API token for SonarQube
stages
:
-
Test
-
Security
-
QA
PHP Lint
:
stage
:
Test
image
:
its-registry.unl.edu/unl-its/docker-ci/php-lint:7.3
tags
:
-
docker
script
:
-
php-lint -d . -e .php -e .phtml
Dependency Check
:
stage
:
Security
image
:
its-registry.unl.edu/unl-its/docker-ci/dependency-check
tags
:
-
docker
only
:
-
develop
cache
:
policy
:
push
paths
:
-
dep_check
script
:
-
dependency-check -noupdate -f JSON -f XML -f HTML -s . -o ./dep_check --project "$CI_PROJECT_TITLE" --enableExperimental
SonarQube
:
stage
:
QA
image
:
its-registry.unl.edu/unl-its/docker-ci/static-code-analysis:php
tags
:
-
docker
only
:
-
develop
cache
:
policy
:
pull
paths
:
-
dep_check
script
:
-
sonar-scanner -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_TOKEN
-Dsonar.projectKey=$CI_PROJECT_PATH_SLUG -Dsonar.projectName="$CI_PROJECT_TITLE"
-Dsonar.sources=.
-Dsonar.dependencyCheck.reportPath=./dep_check/dependency-check-report.xml
-Dsonar.dependencyCheck.jsonReportPath=./dep_check/dependency-check-report.json
-Dsonar.dependencyCheck.htmlReportPath=./dep_check/dependency-check-report.html
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment