-
Notifications
You must be signed in to change notification settings - Fork 1
/
security-sonarqube.yaml
71 lines (71 loc) · 2.17 KB
/
security-sonarqube.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: sonarqube-deployment
labels:
app: sonarqube
spec:
replicas: 1
selector:
matchLabels:
app: sonarqube
template:
metadata:
labels:
app: sonarqube
spec:
containers:
- name: sonarqube
image: sonarqube:6.7
ports:
- containerPort: 9000
env:
- name: SONARQUBE_JDBC_USERNAME
valueFrom:
secretKeyRef:
name: sonarqube-jdbc
key: user
- name: SONARQUBE_JDBC_PASSWORD
valueFrom:
secretKeyRef:
name: sonarqube-jdbc
key: pass
- name: SONARQUBE_JDBC_URL
valueFrom:
secretKeyRef:
name: sonarqube-jdbc
key: url
- name: GITHUB_TOKEN
valueFrom:
secretKeyRef:
name: github
key: token
command: ["sh", "-c"]
args:
- "echo sonar.log.level=TRACE >> $SONARQUBE_HOME/conf/sonar.properties &&
curl -L -H \"Accept: application/octet-stream\" \"https://$GITHUB_TOKEN:@api.github.com/repos/SonarSource/sonar-security/releases/assets/6671654\" -o $SONARQUBE_HOME/extensions/plugins/sonar-java.jar &&
curl -L -H \"Accept: application/octet-stream\" \"https://$GITHUB_TOKEN:@api.github.com/repos/SonarSource/sonar-security/releases/assets/6671469\" -o $SONARQUBE_HOME/extensions/plugins/sonar-security.jar &&
curl -L \"https://sonarsource.bintray.com/CommercialDistribution/sonar-license-plugin/sonar-license-plugin-3.3.0.1341.jar\" -o $SONARQUBE_HOME/extensions/plugins/sonar-license.jar &&
$SONARQUBE_HOME/bin/run.sh
"
resources:
requests:
cpu: 0.51
memory: "2G"
readinessProbe:
exec:
command: ["sh", "-c", "curl -s http://localhost:9000/api/system/status | grep \\\"status\\\":\\\"UP\\\""]
initialDelaySeconds: 30
periodSeconds: 5
---
kind: Service
apiVersion: v1
metadata:
name: sonarqube-service
spec:
type: LoadBalancer
selector:
app: sonarqube
ports:
- protocol: TCP
port: 9000