Pierre Smeyers authored
GitLab CI template for SonarQube
This project implements a generic GitLab CI template for running SonarQube analysis.
SonarQube is a Code Quality and Security tool that helps you analyse your source code and detect quality issues or security vulnerabilities as early as possible.
Usage
In order to include this template in your project, add the following to your gitlab-ci.yml:

```yaml
include:
  - project: 'to-be-continuous/sonar'
    ref: '3.1.0'
    file: '/templates/gitlab-ci-sonar.yml'
```
SonarQube analysis job
This job performs a SonarQube analysis of your code.
It is bound to the test stage, and uses the following variables:
| Name | description | default value |
|---|---|---|
| SONAR_SCANNER_IMAGE | The Docker image used to run sonar-scanner | sonarsource/sonar-scanner-cli:latest |
| SONAR_HOST_URL | SonarQube server URL | none (disabled) |
| SONAR_PROJECT_KEY | SonarQube Project Key (might also be set in the sonar-project.properties file) | falls back to $CI_PROJECT_PATH_SLUG (see below) |
| SONAR_PROJECT_NAME | SonarQube Project Name (might also be set in the sonar-project.properties file) | falls back to $CI_PROJECT_PATH (see below) |
| SONAR_TOKEN | SonarQube authentication token (depends on your authentication method) | none |
| SONAR_LOGIN | SonarQube login (depends on your authentication method) | none |
| SONAR_PASSWORD | SonarQube password (depends on your authentication method) | none |
| SONAR_BASE_ARGS | SonarQube analysis arguments | -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues |
| SONAR_QUALITY_GATE_ENABLED | Set to true to enable SonarQube Quality Gate verification. Uses the sonar.qualitygate.wait parameter (see doc). | none (disabled) |
Automatic Branch Analysis & Merge Request Analysis
This template relies on SonarScanner's GitLab integration, which can auto-detect from GitLab's environment variables whether to launch Branch Analysis or Merge Request Analysis.
Configuring SonarQube project key, project name and other parameters
You shall define your SonarQube project key and project name in a sonar-project.properties file located at the root of your repository (as the sonar.projectKey and sonar.projectName entries respectively), although they might alternatively be set as the $SONAR_PROJECT_KEY and $SONAR_PROJECT_NAME variables.
Note that when not explicitly set, the template will use $CI_PROJECT_PATH_SLUG and $CI_PROJECT_PATH as fallback project key and project name.
The sonar-project.properties file is also the recommended way to configure other SonarQube analysis parameters as well as language-specific parameters.
Each to-be-continuous build template shall briefly document the supported language-specific SonarQube parameters.
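The settings described above, combined in one gitlab-ci.yml as a constructed example that is not taken from the project's own documentation. The host URL, project key and project name are placeholder values, and storing SONAR_TOKEN as a masked CI/CD variable outside the file is an assumption about how the secret is managed.

```yaml
# gitlab-ci.yml (constructed example; all values below are placeholders)
include:
  - project: 'to-be-continuous/sonar'
    ref: '3.1.0'
    file: '/templates/gitlab-ci-sonar.yml'

variables:
  # The analysis job is disabled until a server URL is provided.
  SONAR_HOST_URL: "https://sonarqube.example.com"

  # Makes the scanner wait for the Quality Gate result
  # (sonar.qualitygate.wait), so a failed gate fails the job.
  SONAR_QUALITY_GATE_ENABLED: "true"

  # Optional overrides. If these are unset and sonar-project.properties
  # does not define them either, the template falls back to
  # $CI_PROJECT_PATH_SLUG and $CI_PROJECT_PATH.
  SONAR_PROJECT_KEY: "acme-payments-api"
  SONAR_PROJECT_NAME: "ACME Payments API"

  # Optional: replace the default ':latest' scanner image with a fixed tag
  # so every pipeline runs the same scanner (tag shown is a placeholder).
  # SONAR_SCANNER_IMAGE: "sonarsource/sonar-scanner-cli:<pinned-tag>"

# SONAR_TOKEN (or SONAR_LOGIN / SONAR_PASSWORD) is deliberately not declared
# in this file. Assumption: it is defined as a masked CI/CD variable in the
# project or group settings, so the credential never lands in the repository.

# Equivalent sonar-project.properties at the repository root, the form the
# template recommends for the project key, the project name and other
# analysis parameters:
#   sonar.projectKey=acme-payments-api
#   sonar.projectName=ACME Payments API
```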