mirror of
https://gitlab.com/mbugroup/lti-api.git
synced 2026-05-20 21:41:55 +00:00
Update .gitlab-ci.yml file
This commit is contained in:
kris
+4
-9
@@ -13,9 +13,9 @@ gosec_scan:
|
||||
stage: scan
|
||||
image: golang:1.24
|
||||
script:
|
||||
- apt-get update && apt-get install -y jq
|
||||
- go install github.com/securego/gosec/v2/cmd/gosec@latest
|
||||
- echo "🔍 Menjalankan scan keamanan Go..."
|
||||
# Jalankan gosec, tapi jangan hentikan pipeline walau ada temuan
|
||||
- gosec -fmt=json -out=gosec-report.json ./... || true
|
||||
- echo "📄 Jumlah issue terdeteksi:" && cat gosec-report.json | jq '.Issues | length'
|
||||
artifacts:
|
||||
@@ -34,22 +34,17 @@ sonarqube_analysis:
|
||||
stage: scan
|
||||
image: sonarsource/sonar-scanner-cli:latest
|
||||
script:
|
||||
- apk add --no-cache jq
|
||||
- echo "🚀 Menjalankan analisis SonarQube..."
|
||||
- if [ -f "go.mod" ]; then go test ./... -coverprofile=coverage.out || true; fi
|
||||
|
||||
# (Opsional) ubah report JSON gosec jadi format kompatibel SonarQube Generic Issue
|
||||
# Konversi hasil gosec ke format SonarQube Generic Issue
|
||||
- echo "🧩 Mengonversi hasil gosec untuk SonarQube..."
|
||||
- |
|
||||
cat > gosec-generic-report.json <<'EOF'
|
||||
{
|
||||
"issues": []
|
||||
}
|
||||
EOF
|
||||
- |
|
||||
jq -r '.Issues[] | {engineId: "gosec", ruleId: .rule_id, primaryLocation: {message: .details, filePath: .file, textRange: {startLine: .line}}, type: "VULNERABILITY", severity: .severity}' gosec-report.json |
|
||||
jq -s '{issues: .}' > gosec-generic-report.json
|
||||
|
||||
# Jalankan analisis SonarQube dan sertakan laporan gosec
|
||||
# Kirim analisis ke SonarQube
|
||||
- sonar-scanner \
|
||||
-Dsonar.projectKey="mbu-lti-backend" \
|
||||
-Dsonar.projectName="MBU LTI Backend" \
|
||||
|
||||
Reference in New Issue
Block a user