feat: add SonarQube integration for code quality analysis

- Add SonarQube configuration files - sonar-project.properties with Node.js/Express settings - .sonarignore to exclude test files, database, and build artifacts - Configure source paths (src, index.js, db.js) - Set up test coverage paths - Add SonarQube npm script - npm run sonar command for manual analysis - Integrate SonarQube into Jenkins pipeline - Add SonarQube Analysis stage with sonar-scanner-cli - Add Quality Gate verification stage - Block deployment if quality gate fails - 5-minute timeout for quality gate check This enables continuous code quality monitoring and ensures code meets quality standards before deployment. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-21 01:24:59 +01:00 · 2025-11-21 01:24:59 +01:00 · 0e1cd727c4
commit 0e1cd727c4
parent 86ccc3ef4f
4 changed files with 121 additions and 1 deletions
--- a/.sonarignore
+++ b/.sonarignore
@ -0,0 +1,64 @@
+# Dependencies
+node_modules/
+**/node_modules/**
+
+# Build outputs
+dist/
+build/
+
+# Testing
+coverage/
+.nyc_output/
+
+# Database
+database/
+*.sql
+
+# Scripts
+scripts/
+*.sh
+*.bat
+*.ps1
+
+# Configuration files
+*.config.js
+jest.config.js
+eslint.config.js
+
+# Environment files
+.env*
+
+# Logs
+logs/
+*.log
+npm-debug.log*
+backend.log
+
+# Test files
+test-*.js
+*.test.js
+*.spec.js
+
+# IDE
+.vscode/
+.idea/
+
+# Docker
+Dockerfile
+docker-compose*.yml
+
+# CI/CD
+Jenkinsfile
+.github/
+
+# Documentation
+*.md
+postman-collection.json
+
+# Public files
+public/
+
+# Temporary files
+*.tmp
+*.bak
+*.backup
--- a/26
+++ b/26
@ -81,6 +81,32 @@ pipeline {
            }
        }

+        stage('SonarQube Analysis') {
+            agent {
+                docker {
+                    image 'sonarsource/sonar-scanner-cli:latest'
+                    args '-u root'
+                }
+            }
+            steps {
+                echo "🔍 Analyse de la qualité du code avec SonarQube..."
+                script {
+                    withSonarQubeEnv('SonarQube') {
+                        sh 'sonar-scanner'
+                    }
+                }
+            }
+        }
+
+        stage('Quality Gate') {
+            steps {
+                echo "🚦 Vérification du Quality Gate SonarQube..."
+                timeout(time: 5, unit: 'MINUTES') {
+                    waitForQualityGate abortPipeline: true
+                }
+            }
+        }
+
        stage('Build Docker image') {
            steps {
                echo "🐳 Construction de l’image Docker backend..."
--- a/package.json
+++ b/package.json
@ -15,7 +15,8 @@
    "db:seed": "node database/seed.js",
    "db:check": "node scripts/check-database.js",
    "kill": "powershell -ExecutionPolicy Bypass -File ./scripts/kill-server.ps1",
-    "fresh": "powershell -ExecutionPolicy Bypass -File ./scripts/start-fresh.ps1"
+    "fresh": "powershell -ExecutionPolicy Bypass -File ./scripts/start-fresh.ps1",
+    "sonar": "sonar-scanner"
  },
  "keywords": [],
  "author": "",
--- a/sonar-project.properties
+++ b/sonar-project.properties
@ -0,0 +1,29 @@
+# Informations du projet
+sonar.projectKey=the-tip-top-backend
+sonar.projectName=Thé Tip Top - Backend
+sonar.projectVersion=1.0.0
+
+# Chemin des sources
+sonar.sources=src,index.js,db.js
+sonar.tests=test
+
+# Exclusions
+sonar.exclusions=**/node_modules/**,**/*.spec.js,**/*.test.js,**/coverage/**,**/dist/**,**/build/**,**/database/**,**/scripts/**,**/*.config.js
+
+# Encodage des fichiers
+sonar.sourceEncoding=UTF-8
+
+# Langage du projet
+sonar.language=js
+
+# Chemins de couverture de code (si tests configurés)
+sonar.javascript.lcov.reportPaths=coverage/lcov.info
+
+# Niveau de logs
+sonar.log.level=INFO
+
+# URL du serveur SonarQube (à adapter selon votre configuration)
+# sonar.host.url=http://localhost:9000
+
+# Token d'authentification (à configurer via variable d'environnement)
+# sonar.login=${SONAR_TOKEN}