From 331a16ba64bf48913ccadd3ef8fb8d4421c0a7e5 Mon Sep 17 00:00:00 2001
From: Sarah Funkhouser <147884153+golanglemonade@users.noreply.github.com>
Date: Fri, 22 Nov 2024 13:03:12 -0700
Subject: [PATCH 1/2] bk pipeline updates
Signed-off-by: Sarah Funkhouser <147884153+golanglemonade@users.noreply.github.com>
---
 .buildkite/pipeline.yaml | 27 ++++++++-------------------
 1 file changed, 8 insertions(+), 19 deletions(-)
diff --git a/.buildkite/pipeline.yaml b/.buildkite/pipeline.yaml
index add0136..771fbd7 100644
--- a/.buildkite/pipeline.yaml
+++ b/.buildkite/pipeline.yaml
@@ -26,26 +26,14 @@ steps:
 environment:
 - "GOTOOLCHAIN=auto"
 artifact_paths: ["coverage.out"]
- - group: ":closed_lock_with_key: Security Checks"
- depends_on: "go_test"
- key: "security"
- steps:
- - label: ":closed_lock_with_key: gosec"
- key: "gosec"
- plugins:
- - docker#v5.12.0:
- image: "securego/gosec:2.20.0"
- command: ["-no-fail", "-exclude-generated", "-fmt sonarqube", "-out", "results.txt", "./..."]
- environment:
- - "GOTOOLCHAIN=auto"
- artifact_paths: ["results.txt"]
 - label: ":github: upload PR reports"
 key: "scan-upload-pr"
 if: build.pull_request.id != null
- depends_on: ["gosec", "go_test"]
+ depends_on: ["go_test"]
 plugins:
- - artifacts#v1.9.4:
- download: "results.txt"
+ - cluster-secrets#v1.0.0:
+ variables:
+ SONAR_TOKEN: SONAR_TOKEN
 - artifacts#v1.9.4:
 download: "coverage.out"
 step: "go_test"
@@ -58,10 +46,11 @@ steps:
 - label: ":github: upload reports"
 key: "scan-upload"
 if: build.branch == "main"
- depends_on: ["gosec", "go_test"]
+ depends_on: ["go_test"]
 plugins:
- - artifacts#v1.9.4:
- download: results.txt
+ - cluster-secrets#v1.0.0:
+ variables:
+ SONAR_TOKEN: SONAR_TOKEN
 - artifacts#v1.9.4:
 download: coverage.out
 step: "go_test"
From 0ca1548b56b2ad78715c3fbfaab4d456d0a31ab2 Mon Sep 17 00:00:00 2001
From: Sarah Funkhouser <147884153+golanglemonade@users.noreply.github.com>
Date: Fri, 22 Nov 2024 13:05:46 -0700
Subject: [PATCH 2/2] sonar
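Review bot: The added `cluster-secrets#v1.0.0` block injects `SONAR_TOKEN` into `scan-upload-pr`, a step that runs on every pull-request build (`if: build.pull_request.id != null`), so code from the PR branch may run with that token in its environment. Whether builds of third-party forks are enabled is not visible in the patch; confirm they are off, or use a token limited to submitting analysis, and record it above the plugin with `# SONAR_TOKEN reaches PR builds: fork builds must stay disabled`. The plugin is pinned by tag here and in the `scan-upload` hunk; a commit pin (`cluster-secrets#<commit-sha>`) would keep a moved tag from changing code that handles the secret. Dropping the `security` group also leaves no static security scan in the visible part of the pipeline, so the commit message should say what replaces gosec, if anything. The command and remaining plugins of both upload steps lie outside the hunks.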
Signed-off-by: Sarah Funkhouser <147884153+golanglemonade@users.noreply.github.com> --- sonar-project.properties | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sonar-project.properties b/sonar-project.properties index ea0cebc..3119f2c 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -12,5 +12,4 @@ sonar.test.inclusions=**/*_test.go sonar.test.exclusions=**/vendor/** sonar.sourceEncoding=UTF-8 -sonar.go.coverage.reportPaths=coverage.out -sonar.externalIssuesReportPaths=results.txt \ No newline at end of file +sonar.go.coverage.reportPaths=coverage.out \ No newline at end of file