-
Notifications
You must be signed in to change notification settings - Fork 129
/
entrypoint.sh
executable file
·47 lines (34 loc) · 2.15 KB
/
entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#!/bin/bash
set -eo pipefail
echo "::warning title=Docker removed in the next major version::Users on the master branch of this GitHub action will be upgraded automatically on December 9th to its next major version, which replaces Docker with a composite action, executing in the runner environment. Self-hosted runners analyzing JS/TS code against SonarQube 10.2 and below will need to have Node JS installed."
declare -a args=()
if [[ -z "${SONAR_TOKEN}" ]]; then
echo "============================ WARNING ============================"
echo "Running this GitHub Action without SONAR_TOKEN is not recommended"
echo "============================ WARNING ============================"
fi
if [[ -n "${SONAR_ROOT_CERT}" ]]; then
echo "Adding custom root certificate to the scanner truststore"
rm -f /tmp/tmpcert.pem
echo "${SONAR_ROOT_CERT}" > /tmp/tmpcert.pem
# we can't use the default "sonar" password as keytool requires a password with at least 6 characters
args+=("-Dsonar.scanner.truststorePassword=changeit")
mkdir -p $SONAR_USER_HOME/ssl
keytool -storetype PKCS12 -keystore $SONAR_USER_HOME/ssl/truststore.p12 -storepass changeit -noprompt -trustcacerts -importcert -alias sonarqube -file /tmp/tmpcert.pem
# for older SQ versions < 10.6
export SONAR_SCANNER_OPTS="${SONAR_SCANNER_OPTS:-} -Djavax.net.ssl.trustStore=$SONAR_USER_HOME/ssl/truststore.p12 -Djavax.net.ssl.trustStorePassword=changeit"
fi
if [[ -f "${INPUT_PROJECTBASEDIR%/}/pom.xml" ]]; then
echo "WARNING! Maven project detected. Sonar recommends running the 'org.sonarsource.scanner.maven:sonar-maven-plugin:sonar' goal during the build process instead of using this GitHub Action
to get more accurate results."
fi
if [[ -f "${INPUT_PROJECTBASEDIR%/}/build.gradle" || -f "${INPUT_PROJECTBASEDIR%/}/build.gradle.kts" ]]; then
echo "WARNING! Gradle project detected. Sonar recommends using the SonarQube plugin for Gradle during the build process instead of using this GitHub Action
to get more accurate results."
fi
if [[ "$RUNNER_DEBUG" == '1' ]]; then
args+=("--debug")
fi
unset JAVA_HOME
args+=("-Dsonar.projectBaseDir=${INPUT_PROJECTBASEDIR}")
sonar-scanner "${args[@]}" ${INPUT_ARGS}