sonarcloud: true
sonarcloud-project-key: KEY
sonarcloud-project-organization: ORGANIZATION
- sonarcloud-api-token: TOKEN
+ sonarcloud-api-token-cred-id: TOKEN
scan-dev-branch: false
sonarcloud-qualitygate-wait: false
sonarcloud: true
sonarcloud-project-key: KEY
sonarcloud-project-organization: ORGANIZATION
- sonarcloud-api-token: TOKEN
+ sonarcloud-api-token-cred-id: TOKEN
sonar-prescan-script: |
echo "Run script at start of job."
scan-dev-branch: false
sonarcloud: true
sonarcloud-project-key: KEY
sonarcloud-project-organization: ORGANIZATION
- sonarcloud-api-token: TOKEN
+ sonarcloud-api-token-cred-id: TOKEN
scan-dev-branch: true
sonarcloud-qualitygate-wait: true
:build-node: The node to run build on.
:jenkins-ssh-credential: Credential to use for SSH. (Configure in
defaults.yaml)
- :sonarcloud-api-token: SonarCloud API Token.
:sonarcloud-organization: SonarCloud project organization.
:sonarcloud-project-key: SonarCloud project key.
setting up dependencies. (default: '')
:sonar-scanner-version: Version of sonar-scanner to install.
(see YAML for default value; e.g., 3.3.0.1492)
+ :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token.
+ This one SHOULDN'T be overwritten as per we are standarizing the credential ID for all
+ projects (default: 'sonarcloud-api-token')
:submodule-recursive: Whether to checkout submodules recursively.
(default: true)
:submodule-timeout: Timeout (in minutes) for checkout operation.
:mvn-settings: Maven settings.xml file containing credentials to use.
:sonarcloud-project-key: SonarCloud project key.
:sonarcloud-project-organization: SonarCloud project organization.
- :sonarcloud-api-token: SonarCloud API Token.
:sonarcloud-java-version: Version of Java to run the Sonar scan. (default: openjdk11)
:sonarcloud-qualitygate-wait: SonarCloud flag that forces the analysis step to
wait for the quality gate result. (default: false)
:sonarcloud-project-key: SonarCloud project key. (default: '')
:sonarcloud-project-organization: SonarCloud project organization.
(default: '')
- :sonarcloud-api-token: SonarCloud API Token. (default: '')
+ :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token.
+ This one SHOULDN'T be overwritten as per we are standarizing the credential ID for all
+ projects (default: 'sonarcloud-api-token')
:sonarcloud-java-version: Version of Java to use for the Sonar scan. (default: openjdk11)
:stream: Keyword that represents a release code-name.
Often the same as the branch. (default: master)
:sonarcloud-project-key: SonarCloud project key. (default: '')
:sonarcloud-project-organization: SonarCloud project organization.
(default: '')
- :sonarcloud-api-token: SonarCloud API Token. (default: '')
+ :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token.
+ This one SHOULDN'T be overwritten as per we are standarizing the credential ID for all
+ projects (default: 'sonarcloud-api-token')
:sonarcloud-java-version: Version of Java to use for the Sonar scan. (default: openjdk11)
:sonarcloud-qualitygate-wait: SonarCloud flag that forces the analysis step to
wait for the quality gate result. (default: false)
:sonarcloud-project-key: SonarCloud project key. (default: '')
:sonarcloud-project-organization: SonarCloud project organization.
(default: '')
- :sonarcloud-api-token: SonarCloud API Token. (default: '')
+ :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token.
+ This one SHOULDN'T be overwritten as per we are standarizing the credential ID for all
+ projects (default: 'sonarcloud-api-token')
:sonar-scanner-home: Sonar scanner home directory.
(default: $WORKSPACE/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux)
:sonar-scanner-opts: Sonar scanner Java options. (default: '-server')
:sonarcloud-project-key: SonarCloud project key. (default: '')
:sonarcloud-project-organization: SonarCloud project organization.
(default: '')
- :sonarcloud-api-token: SonarCloud API Token. (default: '')
+ :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token.
+ This one SHOULDN'T be overwritten as per we are standarizing the credential ID for all
+ projects (default: 'sonarcloud-api-token')
:sonar-mvn-goal: The Maven goal to run the Sonar plugin. (default: sonar:sonar)
:stream: Keyword used to represent a release code-name.
Often the same as the branch. (default: master)
make-opts: ""
pre-build: ""
sonar-scanner-version: 3.3.0.1492
- sonarcloud-api-token: ""
+ sonarcloud-api-token-cred-id: sonarcloud-api-token
sonarcloud-organization: ""
sonarcloud-project-key: ""
stream: master
SONAR_SCANNER_VERSION={sonar-scanner-version}
PROJECT_KEY={sonarcloud-project-key}
PROJECT_ORGANIZATION={sonarcloud-organization}
- API_TOKEN={sonarcloud-api-token}
- shell: !include-raw-escape: ../shell/cmake-sonar.sh
- lf-provide-maven-settings-cleanup
+ wrappers:
+ - credentials-binding:
+ - text:
+ credential-id: '{sonarcloud-api-token-cred-id}'
+ variable: API_TOKEN
+
- job-template:
name: "{project-name}-cmake-sonar"
id: gerrit-cmake-sonar
sonarcloud: false
sonarcloud-project-key: ""
sonarcloud-project-organization: ""
- sonarcloud-api-token: ""
+ sonarcloud-api-token-cred-id: sonarcloud-api-token
sonarcloud-qualitygate-wait: false
# SonarCloud scan using jdk8 will become deprecated by Oct, 2020
# Projects not compatible with jdk11 can set java-version to something else
however to use a specific version of the sonar-maven-plugin we
can call "org.codehaus.mojo:sonar-maven-plugin:3.3.0.603:sonar".
+ wrappers:
+ - credentials-binding:
+ - text:
+ credential-id: '{sonarcloud-api-token-cred-id}'
+ variable: API_TOKEN
+
triggers:
- timed: "{obj:cron}"
- gerrit:
mvn-version: "{mvn-version}"
sonarcloud-project-key: "{sonarcloud-project-key}"
sonarcloud-project-organization: "{sonarcloud-project-organization}"
- sonarcloud-api-token: "{sonarcloud-api-token}"
sonarcloud-java-version: "{sonarcloud-java-version}"
sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
scan-dev-branch: "{scan-dev-branch}"
mvn-version: "{mvn-version}"
sonarcloud-project-key: "{sonarcloud-project-key}"
sonarcloud-project-organization: "{sonarcloud-project-organization}"
- sonarcloud-api-token: "{sonarcloud-api-token}"
sonarcloud-java-version: "{sonarcloud-java-version}"
sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
scan-dev-branch: "{scan-dev-branch}"
PROJECT_KEY={sonarcloud-project-key}
PROJECT_ORGANIZATION={sonarcloud-project-organization}
MAVEN_GOALS={mvn-goals}
- API_TOKEN={sonarcloud-api-token}
SONARCLOUD_JAVA_VERSION={sonarcloud-java-version}
SCAN_DEV_BRANCH={scan-dev-branch}
SONARCLOUD_QUALITYGATE_WAIT={sonarcloud-qualitygate-wait}
sonarcloud: false
sonarcloud-project-key: ""
sonarcloud-project-organization: ""
- sonarcloud-api-token: ""
+ sonarcloud-api-token-cred-id: sonarcloud-api-token
sonarcloud-qualitygate-wait: false
# SonarCloud scan using jdk8 will become deprecated by Oct, 2020
# Projects not compatible with jdk11 can set java-version to something else
however to use a specific version of the sonar-maven-plugin we
can call "org.codehaus.mojo:sonar-maven-plugin:3.3.0.603:sonar".
+ wrappers:
+ - credentials-binding:
+ - text:
+ credential-id: '{sonarcloud-api-token-cred-id}'
+ variable: API_TOKEN
+
builders:
- lf-infra-pre-build
- lf-infra-tox-install:
sonarcloud-project-key: "{sonarcloud-project-key}"
# yamllint disable-line rule:line-length
sonarcloud-project-organization: "{sonarcloud-project-organization}"
- sonarcloud-api-token: "{sonarcloud-api-token}"
sonarcloud-java-version: "{sonarcloud-java-version}"
sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
scan-dev-branch: "{scan-dev-branch}"
--- /dev/null
+---
+features:
+ - |
+ Replace the usage of plaintext sonarcloud api token with a Jenkins credential.
+ The default value for the credential ID is 'sonarcloud-api-token' and we are
+ standarizing it for all projects so this parameter does not require an override