
Resolve "Integrate dependency-check container with Sonarqube"

1 file
+ 34
1
+ 34
1
@@ -2,6 +2,8 @@ stages:
- verify
- build
- test
- test:npm_install
- test:dependency_checker
- publish
- security
@@ -35,12 +37,43 @@ stages:
- docker run --rm its-registry.unl.edu/unl-its/docker-ci/static-code-analysis sonar-scanner -v
- docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/detect-secrets -s
Test Dependency Checker:
Test Dependency Checker npm install:
stage: test:npm_install
tags:
- docker
image: node:alpine
cache:
paths:
- t/dependency-check/simple-app/node_modules/
script:
- cd t/dependency-check/simple-app/
- npm install
Test Dependency Checker dependency_check:
stage: test:dependency_checker
image:
name: its-registry.unl.edu/unl-its/docker-ci/dependency-check
entrypoint: ["/bin/ls"]
cache:
policy: pull
variables:
DEPENDENCY_CHECK_OUT_DIR: /tmp/dependency_check_results
SRC_DIR: t/dependency-check/simple-app/
before_script:
- cd t/dependency-check/simple-app/
- ls -alr
tags:
- docker
script:
- echo ${DEPENDENCY_CHECK_OUT_DIR}
.Test Dependency Checker:
stage: test
tags:
- dockerd
script:
- ls -al
- docker run --rm -v "${PWD}/t/dependency-check/simple-app:/work" -w /work --entrypoint "/bin/ls -al" node:alpine npm install
- docker run --rm -v "${PWD}/t/dependency-check/simple-app:/work" -w /work node:alpine npm install
- docker run --rm -v "${PWD}/t/dependency-check/simple-app:/work" -w /work -e DEPENDENCY_CHECK_OUT_DIR=./ its-registry.unl.edu/unl-its/docker-ci/dependency-check
- docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/static-code-analysis sonar-scanner -Dsonar.host.url=$SONAR_URL -Dsonar.projectKey=$CI_PROJECT_PATH_SLUG -Dsonar.sources=. -Dsonar.login=$SONAR_TOKEN -Dsonar.dependencyCheck.reportPath=dependency-check-report.xml -Dsonar.dependencyCheck.htmlReportPath=dependency-check-report.html
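Review bot: The new `Test Dependency Checker dependency_check` job never runs the scanner: its `script` only echoes `${DEPENDENCY_CHECK_OUT_DIR}`, and the job that did call dependency-check and sonar-scanner now appears as the hidden `.Test Dependency Checker`, so the pipeline can go green without any dependency scan or report upload. `entrypoint: ["/bin/ls"]` also looks like a debugging leftover; a job image needs a shell to execute `script`, so `entrypoint: [""]` followed by the image's real scan command in `script` would be the usual form (that command is not visible on this page). `cache: policy: pull` declares no `paths`, and cache is best-effort between jobs, so passing `node_modules/` from the install job as `artifacts` would make the scan input deterministic. The +/- markers are lost in this rendering, so which of these lines are new is inferred from the job names.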