JK

2025-10-21 15:27:54 +07:00 · 2025-10-21 15:27:54 +07:00 · 9c38937e02
commit 9c38937e02
parent 20933ec47c
1 changed files with 21 additions and 17 deletions
--- a/38
+++ b/38
@ -119,34 +119,38 @@ pipeline {

    stage('SAST with SonarQube') {
      steps {
-        withSonarQubeEnv("${SONARQUBE_INSTANCE}") {
+        withSonarQubeEnv('SonarQube') {
          sh '''
            set -euo pipefail
            echo "=== SAST with SonarQube ==="

+            # Ensure scanner is available and PATH includes global tools
            dotnet tool update --global dotnet-sonarscanner
            export PATH="$PATH:/root/.dotnet/tools"

+            # BEGIN
            dotnet sonarscanner begin \
-              /k:"${SONAR_PROJECT_KEY}" \
-              /d:sonar.host.url="$SONAR_HOST_URL" \
-              /d:sonar.login="$SONAR_AUTH_TOKEN" \
-              /d:sonar.exclusions="**/bin/**,**/obj/**" \
-              /d:sonar.test.exclusions="**/*.Tests/**"\
-              /d:sonar.issue.ignore.multicriteria.e1.ruleKey="csharpsquid:S2068" \
-              /d:sonar.issue.ignore.multicriteria.e1.resourceKey="**/appsettings*.json"
+              /k:AS400API \
+              /d:sonar.host.url=$SONAR_HOST_URL \
+              /d:sonar.login=$SONAR_AUTH_TOKEN \
+              /d:sonar.exclusions=**/bin/**,**/obj/** \
+              /d:sonar.test.exclusions=**/*.Tests/** \
+              /d:sonar.cs.opencover.reportsPaths=**/coverage.opencover.xml

-            dotnet clean -c Release
-            # สำคัญ: ปิด warnings-as-errors
-            dotnet build -c Release -warnaserror:false -p:TreatWarningsAsErrors=false
-  
+            # BUILD & TEST (generate coverage if you want it on Sonar)
+            dotnet restore
+            dotnet build -c Release
+            dotnet test AS400API.Tests/AS400API.Tests.csproj -c Release \
+              /p:CollectCoverage=true \
+              /p:CoverletOutput=./TestResults/coverage/ \
+              /p:CoverletOutputFormat=\"opencover\"
+
+            # END (must be inside withSonarQubeEnv so it can create report-task.txt)
+            dotnet sonarscanner end /d:sonar.login=$SONAR_AUTH_TOKEN
          '''
        }
-      }
-      post {
-        always {
-          sh 'dotnet sonarscanner end /d:sonar.login="$SONAR_AUTH_TOKEN" || true'
-        }
+        // Optionally wait for Quality Gate
+        // waitForQualityGate abortPipeline: true
      }
    }