提交 c29a7d3c authored 作者: husishuai's avatar husishuai

init

上级 e440ff56
流水线 #219 已通过 于阶段
in 1 秒
stages: trigger_build:
- sonarqube-check stage: deploy
- sonarqube-vulnerability-report
sonarqube-check:
stage: sonarqube-check
image: maven:3-eclipse-temurin-17
variables:
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
cache:
key: "${CI_JOB_NAME}"
paths:
- .sonar/cache
script: script:
- mvn verify sonar:sonar - "curl -X POST -F token=sqp_3508e27646efb50801b58687cbe1c53b0b861b18 -F ref=sonarqube http://scjoyedu.eicp.net:9121/api/v4/projects/367/trigger/pipeline"
allow_failure: true \ No newline at end of file
only:
- merge_requests
- master
- main
- develop
sonarqube-vulnerability-report:
stage: sonarqube-vulnerability-report
script:
- 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=hushuai_sonarqube_268af5c1-6c6e-4720-9b3b-aa6b9dcdeae0&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
allow_failure: true
only:
- merge_requests
- master
- main
- develop
artifacts:
expire_in: 1 day
reports:
sast: gl-sast-sonar-report.json
dependencies:
- sonarqube-check
...@@ -8,6 +8,7 @@ public class TestApplication { ...@@ -8,6 +8,7 @@ public class TestApplication {
public static void main(String[] args) { public static void main(String[] args) {
SpringApplication.run(TestApplication.class, args); SpringApplication.run(TestApplication.class, args);
System.out.println("启动成功");
} }
} }
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论