init

.gitlab-ci.yml

-trigger_build:
-  stage: deploy
+stages:
+  - sonarqube-check
+  - sonarqube-vulnerability-report
+
+sonarqube-check:
+  stage: sonarqube-check
+  image: maven:3-eclipse-temurin-17
+  variables:
+    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
+    GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
+  cache:
+    key: "${CI_JOB_NAME}"
+    paths:
+      - .sonar/cache
   script:
-    - "curl -X POST -F token=sqp_3508e27646efb50801b58687cbe1c53b0b861b18 -F ref=sonarqube http://scjoyedu.eicp.net:9121/api/v4/projects/367/trigger/pipeline"
\ No newline at end of file
+    - mvn verify sonar:sonar
+  allow_failure: true
+  only:
+    - merge_requests
+    - master
+    - main
+    - develop