Skip to content

Update Sonar JDK 11 #62

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Update Sonar JDK 11 #62

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ada2ae7
Update Jenkinsfile
shaundmorris Dec 4, 2020
836e0eb
Removed sonar analysis on PRs
shaundmorris Dec 15, 2020
d71da2e
Upgraded Dependency-check to 6.0.2
shaundmorris Dec 17, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 5 additions & 7 deletions Jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -173,9 +173,9 @@ pipeline {
script {
// If this build is not a pull request, run full owasp scan. Otherwise run incremental scan
if (env.CHANGE_ID == null) {
sh 'mvn install -q -B -Powasp -DskipTests=true -DskipStatic=true $DISABLE_DOWNLOAD_PROGRESS_OPTS'
sh 'mvn org.commonjava.maven.plugins:directory-maven-plugin:highest-basedir@directories dependency-check:aggregate -Powasp -DskipTests=true -DskipStatic=true $DISABLE_DOWNLOAD_PROGRESS_OPTS'
} else {
sh 'mvn install -q -B -Powasp -DskipTests=true -DskipStatic=true -Dgib.enabled=true -Dgib.referenceBranch=/refs/remotes/origin/$CHANGE_TARGET $DISABLE_DOWNLOAD_PROGRESS_OPTS'
sh 'mvn org.commonjava.maven.plugins:directory-maven-plugin:highest-basedir@directories dependency-check:aggregate -Powasp -DskipTests=true -DskipStatic=true -Dgib.enabled=true -Dgib.referenceBranch=/refs/remotes/origin/$CHANGE_TARGET $DISABLE_DOWNLOAD_PROGRESS_OPTS'
}
}
}
Expand All @@ -201,15 +201,13 @@ pipeline {
}
stage ('SonarCloud') {
steps {
withMaven(maven: 'maven-latest', jdk: 'jdk8-latest', globalMavenSettingsConfig: 'default-global-settings', mavenSettingsConfig: 'codice-maven-settings', mavenOpts: '${LINUX_MVN_RANDOM}') {
withMaven(maven: 'maven-latest', jdk: 'jdk11', globalMavenSettingsConfig: 'default-global-settings', mavenSettingsConfig: 'codice-maven-settings', mavenOpts: '${LINUX_MVN_RANDOM}') {
withCredentials([string(credentialsId: 'sonarqube-token', variable: 'SONAR_TOKEN')]) {
script {
// If this build is not a pull request, run sonar scan. otherwise run incremental scan
if (env.CHANGE_ID == null) {
sh 'mvn -q -B -Dcheckstyle.skip=true org.jacoco:jacoco-maven-plugin:prepare-agent install sonar:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=codice -Dsonar.projectKey=${SONAR_PROJECT_KEY} -Dsonar.exclusions=${COVERAGE_EXCLUSIONS} $DISABLE_DOWNLOAD_PROGRESS_OPTS'
} else {
sh 'mvn -q -B -Dcheckstyle.skip=true org.jacoco:jacoco-maven-plugin:prepare-agent install sonar:sonar -Dsonar.pullrequest.provider=github -Dsonar.pullrequest.github.repository=${GITHUB_USERNAME}/${GITHUB_REPONAME} -Dsonar.pullrequest.github.endpoint=https://api.github.com/ -Dsonar.pullrequest.branch=${BRANCH_NAME} -Dsonar.pullrequest.key=${CHANGE_ID} -Dsonar.pullrequest.base=${CHANGE_TARGET} -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=codice -Dsonar.projectKey=${SONAR_PROJECT_KEY} -Dsonar.exclusions=${COVERAGE_EXCLUSIONS} -Dgib.enabled=true -Dgib.referenceBranch=/refs/remotes/origin/$CHANGE_TARGET $DISABLE_DOWNLOAD_PROGRESS_OPTS'
}
sh 'mvn -q -B -Dcheckstyle.skip=true org.jacoco:jacoco-maven-plugin:prepare-agent sonar:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=codice -Dsonar.projectKey=${SONAR_PROJECT_KEY} -Dsonar.exclusions=${COVERAGE_EXCLUSIONS} $DISABLE_DOWNLOAD_PROGRESS_OPTS'
}
}
}
}
Expand Down
52 changes: 36 additions & 16 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,10 +70,16 @@

<!-- Maven Plugin Version Properties -->
<directory-maven-plugin.version>0.3.1</directory-maven-plugin.version>
<dependency-check-maven.version>5.2.2</dependency-check-maven.version>
<maven-jacoco-plugin.version>0.8.2</maven-jacoco-plugin.version>
<fabric8.docker.plugin.version>0.27.1</fabric8.docker.plugin.version>
<maven-plugin-plugin.version>3.6.0</maven-plugin-plugin.version>

<!-- dependency-check -->
<mariadb.version>2.4.1</mariadb.version>

<!-- Must MANUALLY update this if the ddf/support project's version changes -->
<ddf.support.version>2.3.16</ddf.support.version>

</properties>

<scm>
Expand All @@ -83,6 +89,12 @@
<tag>acdebugger-1.7</tag>
</scm>

<parent>
<groupId>ddf</groupId>
<artifactId>ddf-parent</artifactId>
<version>1.0.11</version>
</parent>

<repositories>
<repository>
<id>central</id>
Expand Down Expand Up @@ -254,17 +266,29 @@
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>${dependency-check-maven.version}</version>
<dependencies>
<dependency>
<groupId>ddf.support</groupId>
<artifactId>support-owasp</artifactId>
<version>${ddf.support.version}</version>
</dependency>
<dependency>
<groupId>org.mariadb.jdbc</groupId>
<artifactId>mariadb-java-client</artifactId>
<version>${mariadb.version}</version>
</dependency>
</dependencies>
<configuration>
<!-- The following properties enable using a mirror for nist NVD data -->
<cveUrlModified>${owasp.cveUrlModified}</cveUrlModified>
<cveUrlBase>${owasp.cveUrlBase}</cveUrlBase>
<!-- End NVD mirror configuration -->
<failBuildOnCVSS>2</failBuildOnCVSS>
<!-- The following properties enable using a centralized nvd server -->
<autoUpdate>${owasp.autoUpdate}</autoUpdate>
<databaseDriverName>${owasp.database.driverName}</databaseDriverName>
<connectionString>${owasp.database.url}</connectionString>
<serverId>${owasp.serverId}</serverId>
<!-- End Centralized NVD Server Configuration -->
<failOnError>false</failOnError>
<skipTestScope>true</skipTestScope>
<!--Disable by plugin maintainer recommendation on https://github.com/jeremylong/DependencyCheck/issues/978#issuecomment-349620687-->
<centralAnalyzerEnabled>false</centralAnalyzerEnabled>
<!--Disable because we have a separate NSP analysis step and this plugin has no way to suppress NSP issues as of 3.0.2-->
<nspAnalyzerEnabled>false</nspAnalyzerEnabled>
<!--Disable .NET analyzers-->
<nuspecAnalyzerEnabled>false</nuspecAnalyzerEnabled>
<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
Expand All @@ -285,15 +309,11 @@
</suppressionFiles>
<!-- This prevents a build failure on jdk tools jar -->
<skipSystemScope>true</skipSystemScope>
<formats>
<format>HTML</format>
<format>JUNIT</format>
</formats>
</configuration>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
Expand Down