moneyslow.com

gitlab调用sonar进行代码安全检查的CI/CD配置

gitlab

gitlab

  1. sonar中建立token:

    http://8.8.8.8:9000/account/security/


生成的串对应关系:
SONAR_LOGIN 5164e9f1fde59212313123123123ee3cfc49212b0a4
SONAR_PROJECTKEY asfaffa-php-check

gitlab设置CI/CD变量:

gitlab项目中编写.gitlab-ci.yml 脚本:

stages:
  - analysis

sonar_code_analysis:
  stage: analysis
  image: emeraldsquad/sonar-scanner
  variables:
    SONAR_URL: http://8.8.8.8:9000
  only:
    - master
  script:
    - sonar-scanner
      -Dsonar.host.url=$SONAR_URL
      -Dsonar.login=$SONAR_LOGIN
      -Dsonar.analysis.mode=preview
      -Dsonar.gitlab.project_id=$CI_PROJECT_PATH
      -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA
      -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
      -Dsonar.projectKey=$SONAR_PROJECTKEY
      -Dsonar.sources=.
      -Dsonar.exclusions=vendor/**
Exit mobile version