Merge branch 'add-sonar-integration'

d57c2344 · michael.minelli · 7819f93a · 196cf0bf · d57c2344 · cc047073
Commit d57c2344 authored 1 year ago by michael.minelli
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -5,9 +5,32 @@ variables:


 stages:
+    - code_quality
    - deploy


+code_quality:sonarqube:
+    stage: code_quality
+    tags:
+        - code_quality
+    image:
+        name: leadrien/isc-sonar-scanner-cli
+        entrypoint: [ "" ]
+    variables:
+        GIT_SUBMODULE_STRATEGY: recursive
+        GIT_SUBMODULE_FORCE_HTTPS: "true"
+        SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
+        GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
+    cache:
+        key: "${CI_JOB_NAME}"
+        paths:
+            - .sonar/cache
+    script:
+        - sonar-scanner
+    rules:
+        -   if: '$CI_COMMIT_TAG =~ "/^$/"'
+
+
 deploy:
    image: docker:latest
    stage: deploy
@@ -22,7 +45,11 @@ deploy:
        # Get env file
        - |
            echo "Decrypt production env vars" # Do not remove this line because it is used for hide the production key from the ci/cd console
-            npx dotenv-vault local decrypt "${DOTENV_PROD_KEY}" > ../../.env
+            
+            echo "DOTENV_KEY_PRODUCTION=\"${DOTENV_PROD_KEY}\"" > .env.keys
+            npx @dotenvx/dotenvx decrypt
+            mv .env.production ../../.env
+            rm .env.keys
            cp ../../.env ../.env

        # Deploy

--- a/API @ cc047073
+++ b/API @ cc047073
-Subproject commit 54c0e2bf0bf2631d072d56d3ec4685c7bcbc6763
+Subproject commit cc0470731fcfac6d44308c71c797fbf3a2052d9c
--- a/sonar-project.properties
+++ b/sonar-project.properties
+sonar.projectKey=DojoBackend
+sonar.qualitygate.wait=true
+sonar.exclusions=API/**, Frontend/**
\ No newline at end of file