Update .gitlab-ci.yml file

2026-05-20 05:21:57 +00:00 · 2025-11-11 08:28:54 +00:00
parent 8e89f9fad0
commit 0766cfeeb2
1 changed files with 8 additions and 7 deletions
@@ -7,16 +7,16 @@ cache:
    - .cache

 # ============================================================
-# 🧠 Step 1: Security Scan dengan gosec
+# 🧠 Step 1: Security Scan dengan gosec (pakai Go 1.24)
 # ============================================================
 gosec_scan:
  stage: scan
-  image: golang:1.23
+  image: golang:1.24
  script:
    - go install github.com/securego/gosec/v2/cmd/gosec@latest
    - echo "🔍 Menjalankan scan keamanan Go..."
    - gosec -fmt=json -out=gosec-report.json ./...
-    - cat gosec-report.json | jq '.Issues | length'
+    - echo "📄 Jumlah issue terdeteksi:" && cat gosec-report.json | jq '.Issues | length'
  artifacts:
    when: always
    paths:
@@ -24,8 +24,7 @@ gosec_scan:
    expire_in: 1 week
  allow_failure: false
  only:
-    - merge_requests
-    - branches
+    - devops-ec2

 # ============================================================
 # 🧱 Step 2: Analisis SonarQube
@@ -35,17 +34,18 @@ sonarqube_analysis:
  image: sonarsource/sonar-scanner-cli:latest
  script:
    - echo "🚀 Menjalankan analisis SonarQube..."
+    - if [ -f "go.mod" ]; then go test ./... -coverprofile=coverage.out || true; fi
    - sonar-scanner \
        -Dsonar.projectKey="mbu-lti-backend" \
        -Dsonar.projectName="MBU LTI Backend" \
        -Dsonar.sources="." \
        -Dsonar.host.url="https://status.mbugroup.id/sonar" \
        -Dsonar.login="sqp_97b3cb2f80ce932fb07b5641aeecc8704b76d1a7" \
+        -Dsonar.go.coverage.reportPaths="coverage.out" \
        -Dsonar.sourceEncoding="UTF-8" \
        -Dsonar.verbose=true
  only:
-    - merge_requests
-    - branches
+    - devops-ec2
  allow_failure: false
  dependencies:
    - gosec_scan
@@ -53,4 +53,5 @@ sonarqube_analysis:
    when: always
    paths:
      - .scannerwork
+      - coverage.out
    expire_in: 1 week