
README.md

  • GitLab CI template for SonarQube

    This project implements a generic GitLab CI template for running SonarQube analysis.

    SonarQube is a Code Quality and Security tool that helps you analyse your source code and detect quality issues or security vulnerabilities as early as possible.

    Usage

    To include this template in your project, add the following to your .gitlab-ci.yml:

    include:
      - project: 'to-be-continuous/sonar'
        ref: '3.1.0'
        file: '/templates/gitlab-ci-sonar.yml'

    SonarQube analysis job

    This job performs a SonarQube analysis of your code.

    It is bound to the test stage, and uses the following variables:

    | Name | Description | Default value |
    | --- | --- | --- |
    | SONAR_SCANNER_IMAGE | The Docker image used to run sonar-scanner | sonarsource/sonar-scanner-cli:latest |
    | SONAR_HOST_URL | SonarQube server URL | none (disabled) |
    | SONAR_PROJECT_KEY | SonarQube Project Key (might also be set in the sonar-project.properties file) | falls back to $CI_PROJECT_PATH_SLUG (see below) |
    | SONAR_PROJECT_NAME | SonarQube Project Name (might also be set in the sonar-project.properties file) | falls back to $CI_PROJECT_PATH (see below) |
    | :lock: SONAR_TOKEN | SonarQube authentication token (depends on your authentication method) | none |
    | :lock: SONAR_LOGIN | SonarQube login (depends on your authentication method) | none |
    | :lock: SONAR_PASSWORD | SonarQube password (depends on your authentication method) | none |
    | SONAR_BASE_ARGS | SonarQube analysis arguments | -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues |
    | SONAR_QUALITY_GATE_ENABLED | Set to true to enable SonarQube Quality Gate verification. Uses sonar.qualitygate.wait parameter (see doc). | none (disabled) |

    Automatic Branch Analysis & Merge Request Analysis

    This template relies on SonarScanner's GitLab integration, which auto-detects from GitLab's environment variables whether to launch Branch Analysis or Merge Request Analysis.

    :warning: This feature also depends on your SonarQube server version and license. If using Community Edition, you'll have to install the sonarqube-community-branch-plugin to enable automatic Branch & Merge Request analysis (only works from SonarQube version 8).

    :warning: Merge Request Analysis only works if you're running the Merge Request pipeline strategy (default).

    Configuring SonarQube project key, project name and other parameters

    You shall define your SonarQube project key and project name in a sonar-project.properties file located at the root of your repository (as the sonar.projectKey and sonar.projectName entries respectively), although they might alternatively be set as the $SONAR_PROJECT_KEY and $SONAR_PROJECT_NAME variables.

    Note that when not explicitly set, the template will use $CI_PROJECT_PATH_SLUG and $CI_PROJECT_PATH as the fallback project key and project name.

    The sonar-project.properties file is also the recommended way to configure other SonarQube analysis parameters as well as language specific parameters.

    Each to-be-continuous build template shall briefly document the supported language-specific SonarQube parameters.
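
A pre-flight check for the configuration described above, as an added example that is not part of the template. It resolves the project key and name and refuses to run when the credentials the table marks with :lock: appear as sonar.token, sonar.login or sonar.password in the committed sonar-project.properties. The function names, the sample files and the precedence order (CI variable, then properties file, then the $CI_PROJECT_PATH_SLUG / $CI_PROJECT_PATH fallback) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the to-be-continuous template. Function names and the
# precedence order (variable, then properties file, then CI fallback) are assumptions.

# prop_get FILE KEY: print KEY's value from a .properties file (last entry wins).
prop_get() {
  [ -f "$1" ] || return 0
  awk -v k="$2" '
    /^[ \t]*[#!]/ { next }                       # skip comment lines
    { line = $0; sub(/^[ \t]+/, "", line)
      if (!match(line, /[ \t]*[=:][ \t]*/)) next # no key/value separator
      if (substr(line, 1, RSTART - 1) == k) {
        val = substr(line, RSTART + RLENGTH); sub(/[ \t\r]+$/, "", val) } }
    END { if (val != "") print val }' "$1"
}

# effective VALUE_FROM_VARIABLE FILE PROPERTY FALLBACK: resolve one setting.
effective() {
  v=${1:-$(prop_get "$2" "$3")}
  printf '%s\n' "${v:-$4}"
}

# committed_credentials FILE: list credential properties present in FILE.
committed_credentials() {
  for k in sonar.token sonar.login sonar.password; do
    [ -z "$(prop_get "$1" "$k")" ] || printf '%s\n' "$k"
  done
}

# preflight FILE: refuse to analyse when credentials sit in the repository,
# otherwise print the project key and name the analysis would use.
preflight() {
  found=$(committed_credentials "$1")
  if [ -n "$found" ]; then
    echo "ERROR: move out of $1 into masked CI/CD variables:" $found >&2
    return 1
  fi
  echo "sonar.projectKey=$(effective "$SONAR_PROJECT_KEY" "$1" sonar.projectKey "$CI_PROJECT_PATH_SLUG")"
  echo "sonar.projectName=$(effective "$SONAR_PROJECT_NAME" "$1" sonar.projectName "$CI_PROJECT_PATH")"
}

# Constructed sample: a properties file with a key but no name, plus a committed token.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' '# constructed sample' 'sonar.projectKey = my-group_my-app' \
  'sonar.token=CONSTRUCTED-PLACEHOLDER' > "$demo_dir/bad.properties"
grep -v '^sonar.token' "$demo_dir/bad.properties" > "$demo_dir/good.properties"
CI_PROJECT_PATH_SLUG=my-group-my-app; CI_PROJECT_PATH=my-group/my-app
preflight "$demo_dir/bad.properties" || echo "blocked: credentials in repository"
preflight "$demo_dir/good.properties"
```

In a pipeline the same functions would run against the repository's own sonar-project.properties before the scanner starts.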