duynguyen/homelab-jenkins-shared-libs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: use sonar-scanner-cli container instead of npx for sonar scan

Browse Source 
npx sonar-scanner fails on node:18-slim — no Java. Switch to dedicated
sonarsource/sonar-scanner-cli container with Java + scanner bundled.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
duynguyen
2026-05-02 15:25:49 +07:00
parent 1bd3dd7b82
commit 22c8593d23
2 changed files with 15 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
vars/homelabK8sAgent.groovy
View File

@@ -5,11 +5,13 @@
* nodeImage - default: node:18-slim * nodeImage - default: node:18-slim
* harborRegistry - default: harbor-core.harbor.svc.cluster.local * harborRegistry - default: harbor-core.harbor.svc.cluster.local
* withTools - include alpine/git container, default: false * withTools - include alpine/git container, default: false
* withSonar - include sonarsource/sonar-scanner-cli container, default: false
*/ */
def call(Map config = [:]) { def call(Map config = [:]) {
def nodeImage = config.nodeImage ?: 'node:18-slim' def nodeImage = config.nodeImage ?: 'node:18-slim'
def harborReg = config.harborRegistry ?: 'harbor-core.harbor.svc.cluster.local' def harborReg = config.harborRegistry ?: 'harbor-core.harbor.svc.cluster.local'
def withTools = config.withTools ?: false def withTools = config.withTools ?: false
def withSonar = config.withSonar ?: false
def toolsBlock = withTools ? """ def toolsBlock = withTools ? """
- name: tools - name: tools
@@ -19,6 +21,14 @@ def call(Map config = [:]) {
args: args:
- infinity""" : "" - infinity""" : ""
def sonarBlock = withSonar ? """
- name: sonar
image: sonarsource/sonar-scanner-cli:latest
command:
- sleep
args:
- infinity""" : ""
return """ return """
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
@@ -38,6 +48,6 @@ spec:
- name: DOCKER_TLS_CERTDIR - name: DOCKER_TLS_CERTDIR
value: "" value: ""
args: args:
- --insecure-registry=${harborReg}${toolsBlock} - --insecure-registry=${harborReg}${toolsBlock}${sonarBlock}
""".stripIndent() """.stripIndent()
} }

7
vars/scanCodeQuality.groovy
View File

@@ -1,6 +1,7 @@
/** /**
* Runs sonar-scanner via npx inside current container. * Runs sonar-scanner inside container('sonar') (sonarsource/sonar-scanner-cli).
* Must be called inside container('node') block. * Must be called inside container('sonar') block.
* Agent pod must be created with homelabK8sAgent(withSonar: true).
* *
* config keys: * config keys:
* projectKey (required) - SonarQube project key * projectKey (required) - SonarQube project key
@@ -22,7 +23,7 @@ def call(Map config) {
withCredentials([string(credentialsId: credId, variable: 'SONAR_TOKEN')]) { withCredentials([string(credentialsId: credId, variable: 'SONAR_TOKEN')]) {
sh """ sh """
npx sonar-scanner \ sonar-scanner \
-Dsonar.projectKey=${projectKey} \ -Dsonar.projectKey=${projectKey} \
-Dsonar.sources=${sources} \ -Dsonar.sources=${sources} \
-Dsonar.host.url=${sonarUrl} \ -Dsonar.host.url=${sonarUrl} \