Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Story #11854 Clean code: Fix Sonar build #1913

Merged
merged 1 commit into from
Jun 24, 2024
Merged

Story #11854 Clean code: Fix Sonar build #1913

merged 1 commit into from
Jun 24, 2024

Conversation

marob
Copy link
Contributor

@marob marob commented Jun 24, 2024
edited
Loading

Description

Sonar a besoin des jar des dépendances, or le repository m2 était vide car l'action sonarcloud s'exécute dans une nouvelle machine. On récupère donc le cache maven généré par l'action build-backend en début d'action sonarcloud

Type de changement

  • Build

Contributeur

  • VAS (Vitam Accessible en Service)

@GiooDev GiooDev added this to the IT 137 milestone Jun 24, 2024
@vitam-devops
Copy link
Collaborator

Logo
Checkmarx One – Scan Summary & Details08c22da8-f261-4c6e-87fe-4f2d54d75ccd

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 26 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 10 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /vitam-recette.yml: 20 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 9 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /vitam-dev.yml: 25 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /vitam-dev.yml: 26 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 25 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /vitam-recette.yml: 57 Container has sensitive host directory mounted as a volume
HIGH Volume Has Sensitive Host Directory /vitam-dev.yml: 27 Container has sensitive host directory mounted as a volume
MEDIUM Unpinned Actions Full Length Commit SHA /build-and-test.yml: 150 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /build-and-test.yml: 155 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

Fixed Issues

Severity Issue Source File / Package
MEDIUM Unpinned Actions Full Length Commit SHA /build-and-test.yml: 147
MEDIUM Unpinned Actions Full Length Commit SHA /build-and-test.yml: 142

@marob marob merged commit 97e842a into develop Jun 24, 2024
8 checks passed
@marob marob deleted the gh-actions-cache branch June 24, 2024 14:48
@marob marob added clean Code Clean Code VitamUI VAS VAS contribution labels Jun 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mohatizaoui mohatizaoui mohatizaoui approved these changes

@Regzox Regzox Regzox approved these changes

Assignees
No one assigned
Labels
clean Code Clean Code VitamUI VAS VAS contribution
Projects
None yet
Milestone
IT 137
Development

Successfully merging this pull request may close these issues.
5 participants
@marob @vitam-devops @Regzox @mohatizaoui @GiooDev