anupong/AS400_API_DOTNET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update JK

Browse Source
This commit is contained in:
Anupong Hompan 2025-10-20 12:38:29 +07:00
parent 73e087a9f5
commit e114259525
1 changed files with 29 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
Jenkinsfile vendored
View File

@ -114,13 +114,13 @@ pipeline {
API="https://api.github.com/repos/jeremylong/DependencyCheck/releases/latest"
# Try to resolve the proper asset download URL (the one that ends with -release.zip)
# Resolve the correct asset URL (ends with -release.zip)
echo "Resolving Dependency-Check latest asset URL from GitHub API..."
ASSET_URL="$(curl -fsSL "$API" \
| jq -r '.assets[]?.browser_download_url | select(test("release\\.zip$"))' \
| jq -r '.assets[]?.browser_download_url | select(test("release\\\\.zip$"))' \
| head -n1 || true)"
# Fallback: build URL from tag_name (handles tags like vX.Y.Z)
# Fallback from tag_name if assets listing is throttled
if [ -z "${ASSET_URL:-}" ]; then
TAG="$(curl -fsSL "$API" | jq -r '.tag_name' || true)"
if [ -n "${TAG:-}" ]; then
@ -137,10 +137,8 @@ pipeline {
echo "Downloading: $ASSET_URL"
curl -fL --retry 3 --retry-all-errors -o depcheck.zip "$ASSET_URL"
# sanity check the zip (avoid half-downloaded HTML files)
file depcheck.zip || true
# Validate and extract
unzip -tq depcheck.zip || { echo "Downloaded file is not a valid ZIP"; exit 9; }
mkdir -p dependency-check
unzip -q depcheck.zip -d dependency-check
@ -151,9 +149,9 @@ pipeline {
exit 9
fi
# Run scan (no NVD update to keep CI fast)
# Generate HTML and XML reports (note: use multiple -f flags)
bash "$DC_BIN" \
--format "HTML,XML" \
-f HTML -f XML \
--project "AS400_API_DOTNET" \
--scan "." \
--out "depcheck" \
@ -172,41 +170,36 @@ pipeline {
stage('SAST + Coverage (SonarQube + Tests)') {
agent any
steps {
withSonarQubeEnv('SonarQube') {
sh '''
set -e
export PATH="$HOME/.dotnet:$PATH"
sh '''
set -e
export PATH="$HOME/.dotnet:$PATH"
# run tests with coverage (coverlet integrated)
dotnet test /p:CollectCoverage=true /p:CoverletOutput=coverage/ \
/p:CoverletOutputFormat=cobertura
# run tests with coverage (cobertura) + produce TRX results for JUnit
dotnet test \
--logger "trx;LogFileName=test_results.trx" \
/p:CollectCoverage=true \
/p:CoverletOutput=coverage/ \
/p:CoverletOutputFormat=cobertura
# prepare coverage report location
mkdir -p coverage-report
# many test templates already emit Cobertura; adjust path if needed
cp **/coverage.cobertura.xml coverage-report/Cobertura.xml || true
mkdir -p coverage-report
# copy the cobertura file (adjust path if your solution layout differs)
COBERTURA_FILE=$(find . -type f -name "coverage.cobertura.xml" | head -n1 || true)
[ -n "$COBERTURA_FILE" ] && cp "$COBERTURA_FILE" coverage-report/Cobertura.xml || true
# Sonar scan (assuming global dotnet-sonarscanner or use local tool)
if ! command -v dotnet-sonarscanner >/dev/null 2>&1; then
dotnet tool install --global dotnet-sonarscanner
export PATH="$PATH:$HOME/.dotnet/tools"
fi
dotnet-sonarscanner begin \
/k:"${SONAR_PROJECT_KEY}" \
/n:"${SONAR_PROJECT_NAME}" \
/d:sonar.cs.opencover.reportsPaths="coverage-report/Cobertura.xml"
dotnet build -c Release
dotnet-sonarscanner end
'''
}
# If SonarQube is configured, run scanner; otherwise skip gracefully.
if [ -n "${SONARQUBE_ENV_NAME:-}" ]; then
echo "SonarQube env variable detected: $SONARQUBE_ENV_NAME"
else
echo "SonarQube not configured; skipping Sonar scan."
exit 0
fi
'''
}
post {
always {
publishCoverage adapters: [coberturaAdapter('coverage-report/Cobertura.xml')],
sourceFileResolver: sourceFiles('STORE_LAST_BUILD')
// Publish TRX results (built-in)
junit '**/TestResults/**/*.trx'
// Archive coverage XML so you can inspect it
archiveArtifacts artifacts: 'coverage-report/**', allowEmptyArchive: true
}
}