From e709cb6a44e1c26949b5b9338a0c5cc4ba90689f Mon Sep 17 00:00:00 2001 From: Ali Oezyetimoglu Date: Tue, 11 Apr 2023 14:08:09 +0200 Subject: [PATCH] RED-6098: fixed sonar issue for Sec-build --- bamboo-specs/src/main/resources/scripts/sonar-java.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/bamboo-specs/src/main/resources/scripts/sonar-java.sh b/bamboo-specs/src/main/resources/scripts/sonar-java.sh index b7ade4d..58c729f 100755 --- a/bamboo-specs/src/main/resources/scripts/sonar-java.sh +++ b/bamboo-specs/src/main/resources/scripts/sonar-java.sh @@ -12,7 +12,8 @@ mvn -f ${bamboo_build_working_directory}/$SERVICE_NAME-v1/pom.xml \ echo "dependency-check:aggregate" mvn --no-transfer-progress \ -f ${bamboo_build_working_directory}/$SERVICE_NAME-v1/pom.xml \ - org.owasp:dependency-check-maven:aggregate + org.owasp:dependency-check-maven:aggregate \ + -DknownExploitedEnabled=false if [[ -z "${bamboo_repository_pr_key}" ]] then @@ -26,7 +27,8 @@ then -Dsonar.branch.name=${bamboo_planRepository_1_branch} \ -Dsonar.dependencyCheck.jsonReportPath=target/dependency-check-report.json \ -Dsonar.dependencyCheck.xmlReportPath=target/dependency-check-report.xml \ - -Dsonar.dependencyCheck.htmlReportPath=target/dependency-check-report.html + -Dsonar.dependencyCheck.htmlReportPath=target/dependency-check-report.html \ + -Dsonar.java.binaries=${bamboo_build_working_directory}/target else echo "Sonar Scan for PR with key1: ${bamboo_repository_pr_key}" mvn --no-transfer-progress \ @@ -40,5 +42,6 @@ else -Dsonar.pullrequest.base=${bamboo_repository_pr_targetBranch} \ -Dsonar.dependencyCheck.jsonReportPath=target/dependency-check-report.json \ -Dsonar.dependencyCheck.xmlReportPath=target/dependency-check-report.xml \ - -Dsonar.dependencyCheck.htmlReportPath=target/dependency-check-report.html + -Dsonar.dependencyCheck.htmlReportPath=target/dependency-check-report.html \ + -Dsonar.java.binaries=${bamboo_build_working_directory}/target fi \ No newline at end of file