added OWASP dependency check for GitLab CI Runner with SonarQube plugin properties

2019-01-07 18:49:25 +01:00 · 2019-01-07 18:49:25 +01:00 · bf735e8254
parent 0d03b63b7c
commit bf735e8254
1 changed files with 15 additions and 0 deletions
--- a/pom.xml
+++ b/pom.xml
@ -17,6 +17,7 @@
    <properties>
        <java.version>1.8</java.version>
        <kotlin.version>1.2.71</kotlin.version>
+        <sonar.dependencyCheck.reportPath></sonar.dependencyCheck.reportPath>
    </properties>

    <dependencies>
@ -61,6 +62,20 @@
        <sourceDirectory>${project.basedir}/src/main/kotlin</sourceDirectory>
        <testSourceDirectory>${project.basedir}/src/test/kotlin</testSourceDirectory>
        <plugins>
+            <plugin>
+                <groupId>org.sonarsource.scanner.maven</groupId>
+                    <artifactId>sonar-maven-plugin</artifactId>
+                    <version>3.5.0.1254</version>
+            </plugin>
+            <plugin>
+                <groupId>org.owasp</groupId>
+                <artifactId>dependency-check-maven</artifactId>
+                <version>4.0.2</version>
+                <configuration>
+                    <format>HTML</format>
+                    <outputDirectory>dependency-check-report.html</outputDirectory>
+                </configuration>
+            </plugin>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>