Update JK

2025-10-21 08:35:51 +07:00 · 2025-10-21 08:35:51 +07:00 · 5df9aede66
commit 5df9aede66
parent b02408abc0
1 changed files with 35 additions and 24 deletions
--- a/59
+++ b/59
@ -18,8 +18,8 @@ pipeline {
    DC_DATA = "${JENKINS_HOME}/.dc-cache"

    // ถ้าจะใช้ SonarQube ให้ตั้งค่าตามระบบจริง
-    // SONAR_HOST_URL = 'http://sonarqube:9000'
-    // SONAR_TOKEN = credentials('SONAR_TOKEN')
+    SONARQUBE_INSTANCE = 'SonarQube'
+    SONAR_PROJECT_KEY = 'AS400API'
  }

  stages {
@ -125,32 +125,43 @@ pipeline {

    stage('SAST') {
      steps {
-        sh '''
-          set -euo pipefail
+        script {
+          if (env.SONARQUBE_INSTANCE?.trim()) {
+            withSonarQubeEnv(env.SONARQUBE_INSTANCE) {
+              sh """
+                set -euo pipefail

-          if [ -n "${SONAR_HOST_URL:-}" ] && [ -n "${SONAR_TOKEN:-}" ]; then
-            echo "=== SAST with SonarQube ==="
-            # ถ้าใช้ sonarscanner for .NET (แนะนำ)
-            dotnet tool update --global dotnet-sonarscanner || dotnet tool install --global dotnet-sonarscanner
-            export PATH="$HOME/.dotnet/tools:${PATH}"
+                echo "=== SAST with SonarQube (${env.SONARQUBE_INSTANCE}) ==="
+                dotnet tool update --global dotnet-sonarscanner || dotnet tool install --global dotnet-sonarscanner
+                export PATH="$HOME/.dotnet/tools:${PATH}"

-            dotnet-sonarscanner begin \
-              /k:"AS400API" \
-              /d:sonar.host.url="${SONAR_HOST_URL}" \
-              /d:sonar.login="${SONAR_TOKEN}"
+                dotnet clean -c Release

-            dotnet build -c Release
+                dotnet sonarscanner begin \
+                  /k:"${env.SONAR_PROJECT_KEY}" \
+                  /d:sonar.host.url="\$SONAR_HOST_URL" \
+                  /d:sonar.login="\$SONAR_AUTH_TOKEN"

-            dotnet-sonarscanner end /d:sonar.login="${SONAR_TOKEN}"
-          else
-            echo "=== SAST with Roslyn analyzers (no Sonar) ==="
-            # เปิด .NET analyzers และ treat warnings เป็น error
-            dotnet build -c Release \
-              -p:EnableNETAnalyzers=true \
-              -p:TreatWarningsAsErrors=true \
-              -warnaserror
-          fi
-        '''
+                dotnet build -c Release \
+                  -p:EnableNETAnalyzers=true \
+                  -p:TreatWarningsAsErrors=true \
+                  -warnaserror
+
+                dotnet sonarscanner end /d:sonar.login="\$SONAR_AUTH_TOKEN"
+              """
+            }
+          } else {
+            sh '''
+              set -euo pipefail
+              echo "=== SAST with Roslyn analyzers (no Sonar) ==="
+              dotnet clean -c Release
+              dotnet build -c Release \
+                -p:EnableNETAnalyzers=true \
+                -p:TreatWarningsAsErrors=true \
+                -warnaserror
+            '''
+          }
+        }
      }
    }