google-cloud-platform - 当 SonarQube 7.8 质量门检查失败时如何终止 Google 云构建作业

您的cloudbuild.yaml. 花一些时间查看文档中有关语法的相关部分。特别强调处理替换的方式和您的secretEnv 变量。请注意，对于机密，您需要使用 Cloud KMS 或 Secret Manager。

您的文件的以下修改cloudbuild.yaml假定您已按照相关说明使用 Cloud KMS（以它为基础，根据您的具体环境进行所需的相关更改）：

steps:
 
#build jar file 
- name: 'maven:3.6.1-jdk-8'
  entrypoint : 'mvn'
  args: ['package', '-q']
  dir: 'dataflows/generic/pubsub-sftp/src'
  id: 'build-jar'
  
#static code analysis by sonarqube
- name: 'maven:3.6.1-jdk-8'
  entrypoint: 'bash'
  args:
    - -c
    - |
      unset MAVEN_CONFIG \
      
      && mvn sonar:sonar -q -Dsonar.login=abc\
      '-Dsonar.projectKey=abc' \
      '-Dsonar.projectName=ABC' \
      '-Dsonar.host.url=https://sonarqube.home' \
      '-Dsonar.qualitygate.wait=true' \
      'allow_failure: true'
  dir: 'dataflows/generic/pubsub-sftp/src'
  id: 'sonarqube-analysis'
  
#Move jar to artifactory
- name: 'gcr.io/cloud-builders/gcloud'
  entrypoint: 'bash'
  args: ['-c', 'curl -u $$ARTIFACTORY_CREDENTIALS -X PUT "https://artifactory.build.ingka.ikea.com/artifactory/$_ARTIFACTORY_REPO/$_PACKAGE_NAME/pubsub-sftp-$BRANCH_NAME.jar" -T pipeline-bundled-0.1.jar']
  dir: 'dataflows/generic/pubsub-sftp/src/pipeline/target'  
  secretEnv: ['ARTIFACTORY_CREDENTIALS']
#Change these fields according to your configuration
substitutions:
    _ARTIFACTORY_REPO: 'your-example-value-1'
    _PACKAGE_NAME: 'your-example-value-2'
options:
    substitution_option: 'ALLOW_LOOSE'
 #Change these fields according to your configuration
secrets:
 - kmsKeyName: projects/project-id/locations/global/keyRings/keyring-name/cryptoKeys/key-name
   secretEnv:
     ARTIFACTORY_CREDENTIALS: 'encrypted-password'