Custom pipelines for different solutions

This scanner allows you to use ACS/StackRox to drive auditing and compliance.

Note: allowing the build to fail should be allowed as ACS has the ability to flag a rule to break pipelines if detected.

The following CI/CD variables need to be defined

To turn it on please place the following in your .gitlab-ci.yml in the include stanza and make sure you have a stage for test

stages:
  - test

include:
  - remote: 'https://github.com/paulbadcock/gitlab-pipeline/raw/main/acs-scanner.yml' # ACS Scanner

This scanner allows you to use SonarQube to test code.

Note: allowing the build to fail is optional but driving policies from SonarQube would require it enabled.

The following CI/CD variables need to be defined

Inside the root of your source code you should place a sonar-project.properties to configure the scanner

sonar.scm.provider=git
sonar.host.url=${env.SONAR_URL}
sonar.projectName=${env.CI_PROJECT_NAME}
sonar.projectKey=${env.CI_PROJECT_NAME}
sonar.projectVersion=${env.CI_COMMIT_REF_NAME}
sonar.gitlab.commit_sha=${env.CI_COMMIT_SHA}
sonar.gitlab.ref_name=${env.CI_COMMIT_REF_NAME}
sonar.sources=${env.SONAR_SOURCES}
sonar.qualitygate.wait=${env.SONAR_QUALITYGATE_WAIT}
sonar.exclusions=${env.SONAR_EXCLUSIONS}

Then include the following in your .gitlab-ci.yml in the include stanza and make sure you have a stage for test

stages:
  - test

include:
  - remote: 'https://github.com/paulbadcock/gitlab-pipeline/raw/main/sonarqube-scanner.yml' # SonarQube Scanner