SonarQube 7.8质量门检查失败时如何终止Google云构建作业

时间:2020-07-14 14:51:51

标签: google-cloud-platform sonarqube sonarqube-scan

我正在使用cloudbuild.yaml文件中的以下代码。但是它给语法错误和失败。请提出建议。

steps:
 
#build jar file 
- name: maven:3.6.1-jdk-8
  entrypoint : mvn
  args: ['package', '-q']
  dir: 'dataflows/generic/pubsub-sftp/src'
  id: 'build-jar'
  
#static code analysis by sonarqube
- name: maven:3.6.1-jdk-8
  entrypoint: bash
  args:
    - -c
    - |
      unset MAVEN_CONFIG \
      && echo "111.12.111.23 sonarqube.xxx.com" > /etc/hosts \
      && mvn sonar:sonar -q -Dsonar.login= **aa1234566789**\
      '-Dsonar.projectKey=abc' \
      '-Dsonar.projectName=ABC' \
      '-Dsonar.host.url=https://example.com' \
      '-Dsonar.qualitygate.wait=true' \
  allow_failure: true
  dir: 'dataflows/generic/pubsub-sftp/src'
  id: 'sonarqube-analysis'

请说明为什么出现语法错误。 我们正在尝试

1 个答案:

答案 0 :(得分:1)

您的cloudbuild.yaml上存在一些语法问题。花一些时间来查看documentation的有关语法的相关部分。特别要注意处理substitutionssecretEnv variable的方式。请注意,对于secrets you'd need to use either Cloud KMS or Secret Manager

cloudbuild.yaml文件的以下修改假定您已遵循relevant instructions to use Cloud KMS(将其用作根据您的特定环境进行所需的相关更改的基础):

steps:
 
#build jar file 
- name: 'maven:3.6.1-jdk-8'
  entrypoint : 'mvn'
  args: ['package', '-q']
  dir: 'dataflows/generic/pubsub-sftp/src'
  id: 'build-jar'
  
#static code analysis by sonarqube
- name: 'maven:3.6.1-jdk-8'
  entrypoint: 'bash'
  args:
    - -c
    - |
      unset MAVEN_CONFIG \
      
      && mvn sonar:sonar -q -Dsonar.login=abc\
      '-Dsonar.projectKey=abc' \
      '-Dsonar.projectName=ABC' \
      '-Dsonar.host.url=https://sonarqube.home' \
      '-Dsonar.qualitygate.wait=true' \
      'allow_failure: true'
  dir: 'dataflows/generic/pubsub-sftp/src'
  id: 'sonarqube-analysis'
  
#Move jar to artifactory
- name: 'gcr.io/cloud-builders/gcloud'
  entrypoint: 'bash'
  args: ['-c', 'curl -u $$ARTIFACTORY_CREDENTIALS -X PUT "https://artifactory.build.ingka.ikea.com/artifactory/$_ARTIFACTORY_REPO/$_PACKAGE_NAME/pubsub-sftp-$BRANCH_NAME.jar" -T pipeline-bundled-0.1.jar']
  dir: 'dataflows/generic/pubsub-sftp/src/pipeline/target'  
  secretEnv: ['ARTIFACTORY_CREDENTIALS']
#Change these fields according to your configuration
substitutions:
    _ARTIFACTORY_REPO: 'your-example-value-1'
    _PACKAGE_NAME: 'your-example-value-2'
options:
    substitution_option: 'ALLOW_LOOSE'
 #Change these fields according to your configuration
secrets:
 - kmsKeyName: projects/project-id/locations/global/keyRings/keyring-name/cryptoKeys/key-name
   secretEnv:
     ARTIFACTORY_CREDENTIALS: 'encrypted-password'
相关问题
最新问题