1、Jenkins安装插件
https://plugins.jenkins.io/dependency-check-jenkins-plugin/
2、下载并配置
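# Download into /usr/local/src: the original fetched into the current directory
# while the unzip step below reads a hard-coded /usr/local/src path, so the two
# only agreed when run from that directory.
wget -P /usr/local/src https://github.com/dependency-check/DependencyCheck/releases/download/v9.0.9/dependency-check-9.0.9-release.zip
# Verify the archive before unpacking it (it is executed as part of the build).
# <EXPECTED_SHA256> is a placeholder: take the value from the release's published
# checksum/signature, obtained out of band, not from the download itself.
echo "<EXPECTED_SHA256>  /usr/local/src/dependency-check-9.0.9-release.zip" | sha256sum -c -
# Unpack and configure
cd /usr/local/
unzip /usr/local/src/dependency-check-9.0.9-release.zip
# Show the version to confirm the install works
./dependency-check/bin/dependency-check.sh --version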
3、配置Jenkins构建任务（Pipeline代码：Dependency-Check 与 sonar-scanner 两个 stage）
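stage('Dependency-Check') {
    steps {
        // Scan the workspace and write the HTML report next to the sources; the
        // Sonarqube stage later imports this report via sonar.dependencyCheck.htmlReportPath.
        // --failOnCVSS makes the stage fail when a finding reaches the given CVSS score;
        // without it the scan only produces a report and never gates the build.
        // The threshold (7 = High) is a policy choice to adjust per project.
        // Note: DependencyCheck 9.x pulls NVD data through the NVD API; without an API key
        // the update may be slow or rate-limited — confirm with the installation's config.
        sh '''
        /usr/local/dependency-check/bin/dependency-check.sh \
            --project "$JOB_BASE_NAME" \
            -s ./ \
            -f HTML \
            -o ./dependency-check-report.html \
            --failOnCVSS 7
        '''
    }
}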
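stage('Sonarqube') {
    steps {
        script {
            // Resolve the sonar-scanner installation configured in Jenkins' tool settings.
            scannerHome = tool 'sonar-scanner'
        }
        withSonarQubeEnv('SonarQube') {
            // The scanner path is passed through the environment and the script is a
            // single-quoted Groovy string, so every value is expanded by the shell from
            // environment variables rather than interpolated by Groovy into the command
            // text. The original interpolated params.BRANCH (a user-supplied build
            // parameter) directly into the sh command, which lets a crafted branch value
            // change the command the shell runs. Build parameters are also exposed to the
            // shell as environment variables, hence $BRANCH below.
            withEnv(["SCANNER_HOME=${scannerHome}"]) {
                sh '''
                "$SCANNER_HOME"/bin/sonar-scanner \
                    -Dsonar.projectKey="$JOB_BASE_NAME" \
                    -Dsonar.projectName="$JOB_BASE_NAME" \
                    -Dsonar.projectVersion="v$BUILD_NUMBER" \
                    -Dsonar.sourceEncoding=UTF-8 \
                    -Dsonar.language=java \
                    -Dsonar.sources="$WORKSPACE" \
                    -Dsonar.branch.name="$BRANCH" \
                    -Dsonar.scm.provider=git \
                    -Dsonar.dependencyCheck.htmlReportPath=./dependency-check-report.html \
                    -Dsonar.dependencyCheck.summarize=true \
                    -Dsonar.dependencyCheck.securityHotspot=true
                '''
                // NOTE(review): sonar.language has been deprecated in newer SonarQube
                // releases and sonar.branch.name depends on the server edition supporting
                // branch analysis — confirm both against the SonarQube version in use.
            }
        }
    }
}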

参考:
https://github.com/dependency-check/DependencyCheck