secure-husky-setup 1.0.7 → 1.0.9
- package/lib/hooks.js +21 -12
- package/lib/sonarqube.js +1 -1
- package/package.json +1 -1
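--- a/package/lib/hooks.js
+++ b/package/lib/hooks.js
@@ -91,19 +91,28 @@ else
 if [ ! -f "sonar-project.properties" ]; then
 echo "[SonarQube] sonar-project.properties not found. Skipping."
 else
-
-echo "
-
-
-
-
-
-
-echo "
-
+SONAR_HOST=$(grep "^sonar.host.url=" sonar-project.properties | cut -d'=' -f2 | tr -d '[:space:]')
+SONAR_DOMAIN=$(echo "$SONAR_HOST" | sed 's|https://||' | sed 's|http://||' | cut -d'/' -f1 | cut -d':' -f1)
+SONAR_PORT=$(echo "$SONAR_HOST" | grep -o ':[0-9]*$' | tr -d ':')
+SONAR_PORT=\${SONAR_PORT:-9000}
+
+if ! nc -z -w3 "$SONAR_DOMAIN" "$SONAR_PORT" 2>/dev/null; then
+echo "[SonarQube] Server unreachable — skipping analysis."
+else
+SONAR_INCLUSIONS=$(echo "$STAGED_FILES" | tr '\n' ',' | sed 's/,$//')
+echo "[SonarQube] Scanning: $SONAR_INCLUSIONS"
+
+$SONAR_BIN -Dsonar.inclusions="$SONAR_INCLUSIONS" -Dsonar.qualitygate.wait=true
+SONAR_EXIT=$?
+
+if [ $SONAR_EXIT -ne 0 ]; then
+echo "[SonarQube] Quality Gate FAILED. Commit blocked."
+echo "[SonarQube] Fix issues at: $SONAR_HOST/dashboard?id=$(grep 'sonar.projectKey' sonar-project.properties | cut -d'=' -f2)"
+exit 1
+fi
+
+echo "[SonarQube] Quality Gate PASSED. ✔"
 fi
-
-echo "[SonarQube] Quality Gate PASSED. ✔"
 fi
 fi
 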
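Review bot: The new reachability probe makes the quality gate fail open, and several ordinary conditions reach the skip branch. `SONAR_PORT` is taken only from a trailing `:[0-9]*$`, so an `https://` URL without an explicit port is probed on 9000, and a URL with a non-default port followed by a path loses its port; a missing `nc` binary is also reported as "Server unreachable" because stderr is discarded. In each case the hook prints a skip message and the commit goes through unscanned, so the gate needs to be enforced again in CI and the skip reasons kept distinguishable. I would default the port by scheme, e.g. `case "$SONAR_HOST" in https://*) SONAR_PORT=\${SONAR_PORT:-443};; *) SONAR_PORT=\${SONAR_PORT:-9000};; esac`, and test `command -v nc` before the probe. The enclosing `if`/`else` chain starts outside the hunk.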
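--- a/package/lib/sonarqube.js
+++ b/package/lib/sonarqube.js
@@ -12,7 +12,7 @@ const SONAR_PROPS_FILE = 'sonar-project.properties';
 // Switch to GCP later by changing SONAR_HOST_URL and SONAR_TOKEN
 // ---------------------------------------------------------------
 const SONAR_HOST_URL = 'http://192.168.1.72:9000';
-const SONAR_TOKEN = '
+const SONAR_TOKEN = 'sqa_4579719d9a294abff391f803ddb08ca6d32d27c5';
 // const SONAR_ORG = 'arjunlatiwala'; // only needed for SonarCloud
 
 // Auto-create project on SonarQube via API so developer never needs to do it manually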
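Review bot: The added `SONAR_TOKEN` line ships what looks like a live SonarQube token as a string literal in a package published to a public registry, so the value should be treated as disclosed and revoked on the server; dropping it in a later version does not withdraw it from tarballs already published. Read it from the environment instead, `const SONAR_TOKEN = process.env.SONAR_TOKEN;`, and stop with a clear message when it is unset. `SONAR_HOST_URL` on the context line above is plain `http://` to a private address, so the token would also travel unencrypted; the same environment-based configuration should cover the host and prefer https. The comment on new line 18 suggests the token is used to create projects through the API, which would mean more than scan-only privilege; that is worth confirming and scoping down.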