Updated sonar-project properties and quiet option for Docker compose config validation.

2024-12-02 16:44:10 -05:00
parent 216ce90a44
commit fe86d85892
2 changed files with 12 additions and 8 deletions
@@ -62,7 +62,7 @@ jobs:
    - name: Validate Docker Compose Configuration
      id: docker-lint
      run: |
-        docker compose config --no-interpolate --dry-run
+        docker compose config --no-interpolate --quiet --dry-run
        EXIT_CODE=$?
        if [ $? -ne 0 ]; then
          echo "Docker Compose configuration validation failed."
@@ -3,12 +3,16 @@ sonar.projectKey=rinoa-docker
 # Source directories to analyze
 sonar.sources=.

-# Include only YAML and Docker-related files
-sonar.inclusions=**/*.yaml,**/*.yml,**/Dockerfile,**/*.docker
+# Include only the docker-compose.yml file for IaC analysis
+sonar.inclusions=docker-compose.yml

-# Language-specific configuration (if required)
-sonar.lang.patterns=generic=**/*.yaml,**/*.yml,**/Dockerfile,**/*.docker
+# Disable all other sensors explicitly
+sonar.iac.enabled=true
+sonar.iac.exclusions=**/*.* # Exclude everything not explicitly included
+sonar.exclusions=**/*.*

-# Optional: Enable specific quality profiles for clean code practices
-sonar.qualitygate.wait=true
-sonar.qualitygate=Clean Code
+# Explicitly include IaC file types (if required for broader IaC scanning)
+sonar.iac.inclusions=**/*.yml,**/*.yaml,**/docker-compose.yml
+
+# Optional: Wait for quality gate in pipelines
+sonar.qualitygate.wait=true