Add OWASP Dependency-Check integration for SonarQube

- Add sonar.dependencyCheck.jsonReportPath and htmlReportPath to sonar-project.properties
- Add Dependency-Check action scanning composer.lock and package.json
- Generate JSON and HTML reports for SonarQube analysis
- Add to ci.yml sonarqube job and sonarqube.yml workflow

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Serreau Jovann
2026-03-19 14:41:25 +01:00
parent 7474ada434
commit 7cce3a2999
3 changed files with 33 additions and 0 deletions


@@ -204,6 +204,24 @@ jobs:
./hadolint docker/php/dev/Dockerfile -f json > hadolint-dev.json || true
./hadolint docker/php/prod/Dockerfile -f json > hadolint-prod.json || true
- name: OWASP Dependency-Check
uses: dependency-check/Dependency-Check_Action@main
with:
project: 'e-ticket'
path: '.'
format: 'JSON,HTML'
args: >
--scan composer.lock
--scan package.json
--out .
--disableAssembly
continue-on-error: true
- name: Rename Dependency-Check reports
run: |
mv dependency-check-report.json dependency-check-report.json 2>/dev/null || true
mv dependency-check-report.html dependency-check-report.html 2>/dev/null || true
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@v5
env:
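Review bot: `uses: dependency-check/Dependency-Check_Action@main` runs whatever the upstream main branch contains at the time of each job, so the scanner that feeds SonarQube is itself an unpinned supply-chain input; pin it to a release tag or, better, a full commit SHA with a version comment, `uses: dependency-check/Dependency-Check_Action@<commit-sha>  # vX.Y.Z` (placeholder — resolve to the actual release), and the same line in the sonarqube.yml hunk needs the same treatment. The `Rename Dependency-Check reports` step is a no-op: both `mv` commands move each file onto its own name and the resulting error is discarded, so either drop the step or give it the real target names that the `sonar.dependencyCheck.*ReportPath` properties from the commit message expect. With `continue-on-error: true` a failed or skipped scan leaves no report behind and the SonarQube Scan step runs without dependency data and without any signal that this happened; a one-line check such as `test -f dependency-check-report.json || echo '::warning::Dependency-Check produced no report'` before the scan would surface that. If the repository also has a package-lock.json, scanning it instead of package.json would presumably give Dependency-Check resolved versions rather than declared ranges — worth confirming against the analyzer documentation before changing the `--scan` arguments.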


@@ -92,6 +92,19 @@ jobs:
./hadolint docker/php/dev/Dockerfile -f json > hadolint-dev.json || true
./hadolint docker/php/prod/Dockerfile -f json > hadolint-prod.json || true
- name: OWASP Dependency-Check
uses: dependency-check/Dependency-Check_Action@main
with:
project: 'e-ticket'
path: '.'
format: 'JSON,HTML'
args: >
--scan composer.lock
--scan package.json
--out .
--disableAssembly
continue-on-error: true
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@v5
with: