Fix: Update CI workflow to use Alpine-based images, install Node.js and Trivy with improved methods, and enhance dependency scanning steps #1
@ -218,8 +218,11 @@ jobs:
|
||||
fi
|
||||
done
|
||||
if [ $failed -eq 1 ]; then
|
||||
echo "Some playbooks have errors (this is expected without inventory/vault)"
|
||||
exit 0
|
||||
echo "❌ Some playbooks have syntax errors!"
|
||||
echo "Note: This may be expected if playbooks require inventory/vault, but syntax errors should still be fixed."
|
||||
exit 1
|
||||
else
|
||||
echo "✅ All playbooks passed syntax check"
|
||||
fi
|
||||
continue-on-error: true
|
||||
|
||||
@ -287,13 +290,32 @@ jobs:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Verify SonarQube connection
|
||||
run: |
|
||||
echo "Checking SonarQube connectivity..."
|
||||
if [ -z "$SONAR_HOST_URL" ] || [ -z "$SONAR_TOKEN" ]; then
|
||||
echo "❌ ERROR: SONAR_HOST_URL or SONAR_TOKEN secrets are not set!"
|
||||
echo "Please configure them in: Repository Settings → Actions → Secrets"
|
||||
exit 1
|
||||
fi
|
||||
echo "✓ Secrets are configured"
|
||||
echo "SonarQube URL: ${SONAR_HOST_URL}"
|
||||
echo "Testing connectivity to SonarQube server..."
|
||||
if curl -f -s -o /dev/null -w "%{http_code}" "${SONAR_HOST_URL}/api/system/status" | grep -q "200"; then
|
||||
echo "✓ SonarQube server is reachable"
|
||||
else
|
||||
echo "⚠️ Warning: Could not verify SonarQube server connectivity"
|
||||
fi
|
||||
|
||||
- name: Run SonarScanner
|
||||
run: |
|
||||
echo "Starting SonarQube analysis..."
|
||||
sonar-scanner \
|
||||
-Dsonar.projectKey=ansible-infra \
|
||||
-Dsonar.sources=. \
|
||||
-Dsonar.host.url=${SONAR_HOST_URL} \
|
||||
-Dsonar.login=${SONAR_TOKEN}
|
||||
-Dsonar.login=${SONAR_TOKEN} \
|
||||
-X
|
||||
continue-on-error: true
|
||||
|
||||
workflow-summary:
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user