Closed kharyam closed 3 years ago
@kharyam the CI file needs to be updated to tel it that the sonar image now depends on the JS image both from a CI depend upon but also the FRoM is overwritten in the CI.
also I see yo I marked the change as breaking, but it doesn’t seem this would break any exiting scenarios right?
@kharyam the CI file needs to be updated to tel it that the sonar image now depends on the JS image both from a CI depend upon but also the FRoM is overwritten in the CI. @itewk Very cool - updated.
also I see yo I marked the change as breaking, but it doesn’t seem this would break any exiting scenarios right? Correct, it won't break any existing scenarios (updated the PR description)
@kharyam thanks
Purpose
In order to perform SonarQube static code analysis on javascript-based projects, the ploigos-tool-sonar container must have access to the
node
command.Breaking?
Yes. (Note - this update will not break any existing functionality)
Whats Breaking and why?
When scanning javascript based projects using nodejs, the sonar scanner client attempts to run the
node
command. If it is not available, the scan completes however no files are analyzed.Integration Testing
(Performed in private environment)