Skip to content
Snippets Groups Projects
Commit 139c6d18 authored by Benoit Martin's avatar Benoit Martin
Browse files

feat(sonar): autodetect Merge Request from current branch

parent 612518af
Branches
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
README.md
+ 12
11
View file @ 139c6d18
...@@ -29,26 +29,27 @@ It is bound to the `test` stage, and uses the following variables: ...@@ -29,26 +29,27 @@ It is bound to the `test` stage, and uses the following variables:
| :lock: `SONAR_AUTH_TOKEN`| SonarQube authentication [token](https://docs.sonarqube.org/latest/user-guide/user-token/) (depends on your authentication method) | _none_ | | :lock: `SONAR_AUTH_TOKEN`| SonarQube authentication [token](https://docs.sonarqube.org/latest/user-guide/user-token/) (depends on your authentication method) | _none_ |
| :lock: `SONAR_LOGIN` | SonarQube login (depends on your authentication method) | _none_ | | :lock: `SONAR_LOGIN` | SonarQube login (depends on your authentication method) | _none_ |
| :lock: `SONAR_PASSWORD` | SonarQube password (depends on your authentication method) | _none_ | | :lock: `SONAR_PASSWORD` | SonarQube password (depends on your authentication method) | _none_ |
| `SONAR_BASE_ARGS` | SonarQube [analysis arguments](https://docs.sonarqube.org/latest/analysis/analysis-parameters/) | `-Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=${CI_PROJECT_PATH_SLUG} -Dsonar.projectName=${CI_PROJECT_PATH} -Dsonar.projectBaseDir=. -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues -Dsonar.branch.name=${CI_COMMIT_REF_NAME}` | | `SONAR_BASE_ARGS` | SonarQube [analysis arguments](https://docs.sonarqube.org/latest/analysis/analysis-parameters/) | `-Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=${CI_PROJECT_PATH_SLUG} -Dsonar.projectName=${CI_PROJECT_PATH} -Dsonar.projectBaseDir=. -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues` |
| :lock: `SONAR_GITLAB_TOKEN` | GitLab [access token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) with `api` scope. When set, activates the [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) integration. | _none_ | | :lock: `SONAR_GITLAB_TOKEN` | GitLab [access token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) with `api` scope. When set, activates the [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) integration. | _none_ |
| `SONAR_BRANCH_ANALYSIS_DISABLED` | Set to disable automatic [Pull Request Analysis](https://docs.sonarqube.org/latest/analysis/pull-request/) and [Branch Analysis](https://docs.sonarqube.org/latest/branches/overview/) | _none_ (enabled) |
| `SONAR_GITLAB_ARGS` | Extra arguments to use with [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) | `-Dsonar.gitlab.url=${CI_SERVER_URL} -Dsonar.gitlab.user_token=${SONAR_GITLAB_TOKEN} -Dsonar.gitlab.project_id=${CI_PROJECT_ID} -Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA} -Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}` | | `SONAR_GITLAB_ARGS` | Extra arguments to use with [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) | `-Dsonar.gitlab.url=${CI_SERVER_URL} -Dsonar.gitlab.user_token=${SONAR_GITLAB_TOKEN} -Dsonar.gitlab.project_id=${CI_PROJECT_ID} -Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA} -Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}` |
| `SONAR_AUTO_ON_DEV_DISABLED` | When set, SonarQube analysis becomes **manual** on development branches (automatic otherwise) | _none_ | | `SONAR_AUTO_ON_DEV_DISABLED` | When set, SonarQube analysis becomes **manual** on development branches (automatic otherwise) | _none_ |
### About branch analysis #### Automatic Branch Analysis & Pull Request Analysis
As you can see, default SonarQube analysis arguments uses the [Branch Analysis](https://docs.sonarqube.org/latest/branches/overview/) By default, this template tries to auto-detect and use [Pull Request Analysis](https://docs.sonarqube.org/latest/analysis/pull-request/) or [Branch Analysis](https://docs.sonarqube.org/latest/branches/overview/) (depending on the context).
feature (`sonar.branch.name` argument).
This is a great SonarQube feature but it assumes one of the following conditions: Those is a great SonarQube features but it assumes one of the following conditions:
* you are using a [Developer Edition](https://www.sonarqube.org/developer-edition/) version, * you are using a [Developer Edition](https://www.sonarqube.org/developer-edition/) version,
* or you are using Community Edition with an opensource plugin emulating the Branch Analysis feature: * or you are using Community Edition with an opensource plugin emulating those features, such as [sonarqube-community-branch-plugin](https://github.com/mc1arke/sonarqube-community-branch-plugin).
* etiher [sonar-branch-community](https://github.com/msanez/sonar-branch-community),
* or [sonarqube-community-branch-plugin](https://github.com/mc1arke/sonarqube-community-branch-plugin),
* ...
If you're not in those cases, then the SonarQube analysis will fail with default parameters. You'll have to override the If you're not in one of those cases, then you shall disable this feature by setting `SONAR_BRANCH_ANALYSIS_DISABLED`.
default `SONAR_BASE_ARGS` and disable it by removing the `sonar.branch.name` argument.
If you leave the feature enabled, if `SONAR_AUTH_TOKEN` is provided, the template will try to autodetect (using GitLab APIs) an opened merge request matching the current branch:
* If one is found, a SonarQube [Pull Request Analysis](https://docs.sonarqube.org/latest/analysis/pull-request/) will be made.
* Otherwise, a simple [Branch Analysis](https://docs.sonarqube.org/latest/branches/overview/) is performed on the current branch.
### About Sonar GitLab plugin ### About Sonar GitLab plugin
......
kicker.json
+ 7
2
View file @ 139c6d18
...@@ -33,14 +33,19 @@ ...@@ -33,14 +33,19 @@
{ {
"name": "SONAR_BASE_ARGS", "name": "SONAR_BASE_ARGS",
"description": "SonarQube [analysis arguments](https://docs.sonarqube.org/latest/analysis/analysis-parameters/)", "description": "SonarQube [analysis arguments](https://docs.sonarqube.org/latest/analysis/analysis-parameters/)",
"default": "-Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=${CI_PROJECT_PATH_SLUG} -Dsonar.projectName=${CI_PROJECT_PATH} -Dsonar.projectBaseDir=. -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues -Dsonar.branch.name=${CI_COMMIT_REF_NAME}", "default": "-Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=${CI_PROJECT_PATH_SLUG} -Dsonar.projectName=${CI_PROJECT_PATH} -Dsonar.projectBaseDir=. -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues",
"advanced": true "advanced": true
}, },
{ {
"name": "SONAR_GITLAB_TOKEN", "name": "SONAR_GITLAB_TOKEN",
"description": "GitLab API access token. When set, activates the [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) integration", "description": "GitLab API access token. When set, activates the [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) integration, and enables SonarQube [Pull Request Analysis](https://docs.sonarqube.org/latest/analysis/pull-request/)",
"secret": true "secret": true
}, },
{
"name": "SONAR_BRANCH_ANALYSIS_DISABLED",
"description": "Set to disable automatic [Pull Request Analysis](https://docs.sonarqube.org/latest/analysis/pull-request/) and [Branch Analysis](https://docs.sonarqube.org/latest/branches/overview/)",
"type": "boolean"
},
{ {
"name": "SONAR_GITLAB_ARGS", "name": "SONAR_GITLAB_ARGS",
"description": "Extra arguments to use with [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties)", "description": "Extra arguments to use with [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties)",
......
templates/gitlab-ci-sonar.yml
+ 35
2
View file @ 139c6d18
...@@ -28,7 +28,6 @@ variables: ...@@ -28,7 +28,6 @@ variables:
-Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.homepage=${CI_PROJECT_URL}
-Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines
-Dsonar.links.issue=${CI_PROJECT_URL}/-/issues -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues
-Dsonar.branch.name=${CI_COMMIT_REF_NAME}
# Sonar GitLab plugin args # Sonar GitLab plugin args
# see: https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties # see: https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties
...@@ -119,6 +118,39 @@ stages: ...@@ -119,6 +118,39 @@ stages:
fi fi
} }
function sonar_autodetect_mr() {
if [[ "$SONAR_BRANCH_ANALYSIS_DISABLED" ]]
then
log_info "Branch Analysis and Merge Request Analysis are disabled"
return
fi
if [[ "$CI_MERGE_REQUEST_ID" ]]
then
# we are in an MR pipeline: no need to pass arguments as the SonarScanner for Maven will
log_info "Merge Request pipeline detected: let Maven plugin handle..."
return
fi
if [[ -n "$SONAR_GITLAB_TOKEN" ]]
then
wget -q "$CI_API_V4_URL/projects/${CI_PROJECT_ID}/merge_requests?state=opened&source_branch=${CI_COMMIT_REF_NAME}&private_token=$SONAR_GITLAB_TOKEN" -O mr.json || log_warn "Failed requesting GitLab API: check \$SONAR_GITLAB_TOKEN"
if [[ -f mr.json ]] && [[ "$(cat mr.json)" != "[]" ]]
then
mr_title=$(sed -E 's/.*"title":"([^"]*)".*/\1/g' < mr.json)
mr_target=$(sed -E 's/.*"target_branch":"([^"]*)".*/\1/g' < mr.json)
mr_id=$(sed -E 's/.*"iid":([0-9]+).*/\1/g' < mr.json)
log_info "Merge Request \\e[33;1m$mr_title\\e[0m detected associated to this branch: trigger MR analysis..."
export sonar_mr_args="-Dsonar.pullrequest.key=$mr_id -Dsonar.pullrequest.branch=${CI_COMMIT_REF_NAME} -Dsonar.pullrequest.base=$mr_target"
else
log_info "No Merge Request associated to this branch: trigger branch analysis..."
export sonar_mr_args="-Dsonar.branch.name=${CI_COMMIT_REF_NAME}"
fi
else
log_info "\$SONAR_GITLAB_TOKEN unset: trigger branch analysis..."
export sonar_mr_args="-Dsonar.branch.name=${CI_COMMIT_REF_NAME}"
fi
}
function unscope_variables() { function unscope_variables() {
_scoped_vars=$(env | awk -F '=' "/^scoped__[a-zA-Z0-9_]+=/ {print \$1}" | sort) _scoped_vars=$(env | awk -F '=' "/^scoped__[a-zA-Z0-9_]+=/ {print \$1}" | sort)
if [[ -z "$_scoped_vars" ]]; then return; fi if [[ -z "$_scoped_vars" ]]; then return; fi
...@@ -265,8 +297,9 @@ sonar: ...@@ -265,8 +297,9 @@ sonar:
- install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}" - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}"
- eval_java_proxy_args - eval_java_proxy_args
script: script:
- sonar_autodetect_mr
- if [[ "$SONAR_GITLAB_TOKEN" ]]; then sonar_extra_args=$SONAR_GITLAB_ARGS; fi - if [[ "$SONAR_GITLAB_TOKEN" ]]; then sonar_extra_args=$SONAR_GITLAB_ARGS; fi
- sonar-scanner ${TRACE+-Dsonar.verbose=true} $java_proxy_args ${SONAR_AUTH_TOKEN+-Dsonar.login=$SONAR_AUTH_TOKEN} ${SONAR_LOGIN+-Dsonar.login=$SONAR_LOGIN} ${SONAR_PASSWORD+-Dsonar.password=$SONAR_PASSWORD} $SONAR_BASE_ARGS $sonar_extra_args - sonar-scanner ${TRACE+-Dsonar.verbose=true} $java_proxy_args ${SONAR_AUTH_TOKEN+-Dsonar.login=$SONAR_AUTH_TOKEN} ${SONAR_LOGIN+-Dsonar.login=$SONAR_LOGIN} ${SONAR_PASSWORD+-Dsonar.password=$SONAR_PASSWORD} $SONAR_BASE_ARGS $sonar_extra_args $sonar_mr_args
rules: rules:
# exclude merge requests # exclude merge requests
- if: $CI_MERGE_REQUEST_ID - if: $CI_MERGE_REQUEST_ID
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment