add sonar

2021-09-22 15:48:40 +02:00 · 2021-09-22 15:48:40 +02:00 · 7b27734052
commit 7b27734052
parent 9bfe175acc
3 changed files with 107 additions and 1 deletions
--- a/bamboo-specs/src/main/java/buildjob/PlanSpec.java
+++ b/bamboo-specs/src/main/java/buildjob/PlanSpec.java
@ -51,6 +51,7 @@ public class PlanSpec {
        Permissions permission = new Permissions()
                .userPermissions("atlbamboo", PermissionType.EDIT, PermissionType.VIEW, PermissionType.ADMIN, PermissionType.CLONE, PermissionType.BUILD)
                .groupPermissions("development", PermissionType.EDIT, PermissionType.VIEW, PermissionType.CLONE, PermissionType.BUILD)
+                .groupPermissions("devplant", PermissionType.EDIT, PermissionType.VIEW, PermissionType.CLONE, PermissionType.BUILD)
                .loggedInUserPermissions(PermissionType.VIEW)
                .anonymousUserPermissionView();
        return new PlanPermissions(planIdentifier.getProjectKey(), planIdentifier.getPlanKey()).permissions(permission);
@ -89,6 +90,11 @@ public class PlanSpec {
                                                .description("Resultparser")
                                                .resultDirectories("**/test-reports/*.xml, **/target/surefire-reports/*.xml, **/target/failsafe-reports/*.xml")
                                                .enabled(true),
+                                        new ScriptTask()
+                                                .description("Sonar")
+                                                .location(Location.FILE)
+                                                .fileFromPath("bamboo-specs/src/main/resources/scripts/sonar-java.sh")
+                                                .argument(SERVICE_NAME),
                                        new InjectVariablesTask()
                                                .description("Inject git Tag")
                                                .path("git.tag")
--- a/bamboo-specs/src/main/resources/scripts/sonar-java.sh
+++ b/bamboo-specs/src/main/resources/scripts/sonar-java.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+set -e
+
+SERVICE_NAME=$1
+
+echo "dependency-check:aggregate"
+${bamboo_capability_system_builder_mvn3_Maven_3}/bin/mvn \
+    --no-transfer-progress \
+    -f ${bamboo_build_working_directory}/$SERVICE_NAME-v1/pom.xml \
+    org.owasp:dependency-check-maven:aggregate
+
+if [[ -z "${bamboo_repository_pr_key}" ]]
+then
+    echo "Sonar Scan for branch: ${bamboo_planRepository_1_branch}"
+    ${bamboo_capability_system_builder_mvn3_Maven_3}/bin/mvn \
+            --no-transfer-progress \
+            -f ${bamboo_build_working_directory}/$SERVICE_NAME-v1/pom.xml \
+            sonar:sonar \
+            -Dsonar.projectKey=RED_$SERVICE_NAME \
+            -Dsonar.host.url=https://sonarqube.iqser.com \
+            -Dsonar.login=${bamboo_sonarqube_api_token_secret} \
+            -Dsonar.branch.name=${bamboo_planRepository_1_branch} \
+            -Dsonar.dependencyCheck.jsonReportPath=target/dependency-check-report.json \
+            -Dsonar.dependencyCheck.xmlReportPath=target/dependency-check-report.xml \
+            -Dsonar.dependencyCheck.htmlReportPath=target/dependency-check-report.html
+            
+else
+    echo "Sonar Scan for PR with key1: ${bamboo_repository_pr_key}"
+    ${bamboo_capability_system_builder_mvn3_Maven_3}/bin/mvn \
+            --no-transfer-progress \
+            -f ${bamboo_build_working_directory}/$SERVICE_NAME-v1/pom.xml \
+            sonar:sonar \
+            -Dsonar.projectKey=RED_$SERVICE_NAME \
+            -Dsonar.host.url=https://sonarqube.iqser.com \
+            -Dsonar.login=${bamboo_sonarqube_api_token_secret} \
+            -Dsonar.pullrequest.key=${bamboo_repository_pr_key} \
+            -Dsonar.pullrequest.branch=${bamboo_repository_pr_sourceBranch} \
+            -Dsonar.pullrequest.base=${bamboo_repository_pr_targetBranch} \
+            -Dsonar.dependencyCheck.jsonReportPath=target/dependency-check-report.json \
+            -Dsonar.dependencyCheck.xmlReportPath=target/dependency-check-report.xml \
+            -Dsonar.dependencyCheck.htmlReportPath=target/dependency-check-report.html
+fi
--- a/persistence-service-v1/pom.xml
+++ b/persistence-service-v1/pom.xml
@ -39,6 +39,64 @@
            </dependency>
        </dependencies>
    </dependencyManagement>
-
+    <build>
+        <pluginManagement>
+            <plugins>
+                <plugin>
+                    <groupId>org.sonarsource.scanner.maven</groupId>
+                    <artifactId>sonar-maven-plugin</artifactId>
+                    <version>3.9.0.2155</version>
+                    </plugin>                    
+                <plugin>
+                    <groupId>org.owasp</groupId>
+                    <artifactId>dependency-check-maven</artifactId>
+                    <version>6.3.1</version>
+                    <configuration>
+                        <format>ALL</format>
+                    </configuration>
+                </plugin>
+                <plugin>
+                    <groupId>org.jacoco</groupId>
+                    <artifactId>jacoco-maven-plugin</artifactId>
+                    <executions>
+                        <execution>
+                            <id>prepare-agent</id>
+                            <goals>
+                                <goal>prepare-agent</goal>
+                            </goals>
+                        </execution>
+                        <execution>
+                            <id>report</id>
+                            <goals>
+                                <goal>report</goal>
+                            </goals>
+                        </execution>
+                    </executions>
+                </plugin>
+            </plugins>
+        </pluginManagement>
+        <plugins>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+                <version>0.8.7</version>
+                <executions>
+                    <execution>
+                        <id>prepare-agent</id>
+                        <goals>
+                            <goal>prepare-agent</goal>
+                        </goals>
+                    </execution>
+                    <execution>
+                        <id>report</id>
+                        <goals>
+                            <goal>report-aggregate</goal>
+                        </goals>
+                        <phase>verify</phase>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>

 </project>