[#186993968] Fix Dockerfile and Sonar's properties

DNAstack · Feb 22, 2024 · 988f669 · 988f669
1 parent a126817
commit 988f669
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 11 deletions.
diff --git a/.github/workflows/build-test-analyse.yml b/.github/workflows/build-test-analyse.yml
@@ -9,18 +9,19 @@ on:
 jobs:
   build-and-test-java-app:
     name: Build & Test Java App
-    uses: DNAstack/dnastack-development-tools/.github/workflows/build-test-java-app.yml@60321a2d7bd83b31dee31376bfcdba24b65ccf99
+    uses: DNAstack/dnastack-development-tools/.github/workflows/build-test-java-app.yml@4e75ec231d7c954329f7e47bacd5b02928c5f28e
     with:
-      java-version: 17
+      java-version: 21
     secrets:
       pat-with-read-packages-permission: ${{ secrets.AUTH_TOKEN }}
   code-analysis-and-dependency-check:
     name: Code Analysis and OWASP Dependency Check
-    uses: DNAstack/dnastack-development-tools/.github/workflows/code-analysis-and-dependency-check.yml@60321a2d7bd83b31dee31376bfcdba24b65ccf99
+    uses: DNAstack/dnastack-development-tools/.github/workflows/code-analysis-and-dependency-check.yml@4e75ec231d7c954329f7e47bacd5b02928c5f28e
     with:
       with-frontend: false
-      java-version: 17
+      java-version: 21
     secrets:
       pat-with-read-packages-permission: ${{ secrets.AUTH_TOKEN }}
       sonar-token: ${{ secrets.SONAR_TOKEN }}
       sonar-host-url: ${{ secrets.SONAR_HOST_URL }}
+      nvd-api-key: ${{ secrets.NVD_API_KEY }}
diff --git a/ci/impl/Dockerfile b/ci/impl/Dockerfile
@@ -10,8 +10,7 @@ FROM amazoncorretto:21-al2023 AS build
 ARG APP_NAME
 ARG APP_VERSION
 
-RUN apt-get update
-RUN apt-get install -y curl
+RUN yum install -y curl tar gzip --allowerasing
 
 WORKDIR /build
 

diff --git a/pom.xml b/pom.xml
@@ -30,11 +30,12 @@
         <maven.compiler.target>${java.version}</maven.compiler.target>
         <maven.surefire.plugin.version>3.0.0-M7</maven.surefire.plugin.version>
         <maven.go-offline.plugin.version>1.2.8</maven.go-offline.plugin.version>
-        <!-- Sonar -->
-        <sonar.dependency-check.plugin.version>7.4.1</sonar.dependency-check.plugin.version>
-        <sonar.dependency-check.jsonReportPath>target/dependency-check-report.json</sonar.dependency-check.jsonReportPath>
-        <sonar.dependency-check.htmlReportPath>target/dependency-check-report.html</sonar.dependency-check.htmlReportPath>
-        <sonar.dependency-check.summarize>true</sonar.dependency-check.summarize>
+        <!-- Sonar: https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html -->
+        <!-- Note: sonar plugin picks up sonar.dependencyCheck.* properties -->
+        <sonar.dependency-check.plugin.version>9.0.9</sonar.dependency-check.plugin.version>
+        <sonar.dependencyCheck.jsonReportPath>target/dependency-check-report.json</sonar.dependencyCheck.jsonReportPath>
+        <sonar.dependencyCheck.htmlReportPath>target/dependency-check-report.html</sonar.dependencyCheck.htmlReportPath>
+        <sonar.dependencyCheck.summarize>true</sonar.dependencyCheck.summarize>
         <!-- DNAstack Libs -->
         <dnastack.token-validator.version>1.0.11</dnastack.token-validator.version>
         <dnastack.spring-boot-audit-event-logger.version>1.0.17</dnastack.spring-boot-audit-event-logger.version>