diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a07582efce1aad47004d9f8a8bfb8f953923e348..dea6775f6e6603baa78bb4be24a6a2b9693915b2 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -5,9 +5,32 @@ variables:
stages:
+ - code_quality
- deploy
+code_quality:sonarqube:
+ stage: code_quality
+ tags:
+ - code_quality
+ image:
+ name: leadrien/isc-sonar-scanner-cli
+ entrypoint: [ "" ]
+ variables:
+ GIT_SUBMODULE_STRATEGY: recursive
+ GIT_SUBMODULE_FORCE_HTTPS: "true"
+ SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
+ GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
+ cache:
+ key: "${CI_JOB_NAME}"
+ paths:
+ - .sonar/cache
+ script:
+ - sonar-scanner
+ rules:
+ - if: '$CI_COMMIT_TAG =~ "/^$/"'
+
+
deploy:
image: docker:latest
stage: deploy
@@ -22,7 +45,11 @@ deploy:
# Get env file
- |
echo "Decrypt production env vars" # Do not remove this line because it is used for hide the production key from the ci/cd console
- npx dotenv-vault local decrypt "${DOTENV_PROD_KEY}" > ../../.env
+
+ echo "DOTENV_KEY_PRODUCTION=\"${DOTENV_PROD_KEY}\"" > .env.keys
+ npx @dotenvx/dotenvx decrypt
+ mv .env.production ../../.env
+ rm .env.keys
cp ../../.env ../.env
# Deploy
diff --git a/API b/API
index 54c0e2bf0bf2631d072d56d3ec4685c7bcbc6763..cc0470731fcfac6d44308c71c797fbf3a2052d9c 160000
--- a/API
+++ b/API
@@ -1 +1 @@
-Subproject commit 54c0e2bf0bf2631d072d56d3ec4685c7bcbc6763
+Subproject commit cc0470731fcfac6d44308c71c797fbf3a2052d9c
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000000000000000000000000000000000000..84c36f477e858f58e828e6ad6e24de11a0eb3f6a
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,3 @@
+sonar.projectKey=DojoBackend
+sonar.qualitygate.wait=true
+sonar.exclusions=API/**, Frontend/**
\ No newline at end of file