0.0.2 • Published 11 months ago

cdk-codebuild-sonarcloud v0.0.2

Weekly downloads
-
License
Apache-2.0
Repository
github
Last release
11 months ago

This CDK construct creates an AWS Codebuild action to perform static code analysis using Sonarcloud.

Getting started

Here is how to include the construct in your CDK code :

const sonarcloudScan = new CDKCodeBuildSonarcloud(this, 'SonarcloudBuildAction', {
      sourceOutput: sourceOutput,
      sonarOrganizationName: 'my-sonarcloud-organization-name',
      sonarProjectName: 'my-sonarcloud-project-name',
});

Check Here for an example on how to use the construct.

Security

A Sonarcloud account is required to use this construct. Create a Sonarcloud token to connect securely to Sonarcloud from AWS CodeBuild. Store this token in your AWS account in AWS Secret Manager, name the secret "sonar-token" and use "SONAR_TOKEN" as the secret key.

Please review the AWS Secret Manager security best practices in order to securely create and manage your secret.

0.0.2

11 months ago

0.0.1

11 months ago

0.0.0

11 months ago