diff --git a/Jenkinsfile b/Jenkinsfile index cf9669f..61944e9 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -119,34 +119,38 @@ pipeline { stage('SAST with SonarQube') { steps { - withSonarQubeEnv("${SONARQUBE_INSTANCE}") { + withSonarQubeEnv('SonarQube') { sh ''' set -euo pipefail echo "=== SAST with SonarQube ===" + # Ensure scanner is available and PATH includes global tools dotnet tool update --global dotnet-sonarscanner export PATH="$PATH:/root/.dotnet/tools" + # BEGIN dotnet sonarscanner begin \ - /k:"${SONAR_PROJECT_KEY}" \ - /d:sonar.host.url="$SONAR_HOST_URL" \ - /d:sonar.login="$SONAR_AUTH_TOKEN" \ - /d:sonar.exclusions="**/bin/**,**/obj/**" \ - /d:sonar.test.exclusions="**/*.Tests/**"\ - /d:sonar.issue.ignore.multicriteria.e1.ruleKey="csharpsquid:S2068" \ - /d:sonar.issue.ignore.multicriteria.e1.resourceKey="**/appsettings*.json" + /k:AS400API \ + /d:sonar.host.url=$SONAR_HOST_URL \ + /d:sonar.login=$SONAR_AUTH_TOKEN \ + /d:sonar.exclusions=**/bin/**,**/obj/** \ + /d:sonar.test.exclusions=**/*.Tests/** \ + /d:sonar.cs.opencover.reportsPaths=**/coverage.opencover.xml - dotnet clean -c Release - # สำคัญ: ปิด warnings-as-errors - dotnet build -c Release -warnaserror:false -p:TreatWarningsAsErrors=false - + # BUILD & TEST (generate coverage if you want it on Sonar) + dotnet restore + dotnet build -c Release + dotnet test AS400API.Tests/AS400API.Tests.csproj -c Release \ + /p:CollectCoverage=true \ + /p:CoverletOutput=./TestResults/coverage/ \ + /p:CoverletOutputFormat=\"opencover\" + + # END (must be inside withSonarQubeEnv so it can create report-task.txt) + dotnet sonarscanner end /d:sonar.login=$SONAR_AUTH_TOKEN ''' } - } - post { - always { - sh 'dotnet sonarscanner end /d:sonar.login="$SONAR_AUTH_TOKEN" || true' - } + // Optionally wait for Quality Gate + // waitForQualityGate abortPipeline: true } }