This is an old revision of the document!
SonarQube
SonarQube is an open-source platform for static code analysis, used to verify the technical quality of the source code. The development is managed by sonarsource (Tool website: sonarqube.org). The tool was released in 2007 and was called “Sonar” until the name was changed in 2013.
Homepage: https://www.sonarqube.org/
Install Server
Activate in Projekt on GitLab
Doc: https://docs.sonarqube.org/latest/analysis/gitlab-integration/
- Create Access Token in Gitlab in the Instance, Group or Project
- Token name: SonarQube
- Scopes: api
- Expiration date: empty = no
- Role: Reporter
Save the group access token
- Import GitLab Project into SonarQube
- Add Projekt
- Enter group access token
- Select Project you want to add
- Choose “With GitLab CI” for analyze your repository
- Project key: Other
- file: .sonar-project.properties
- In root dir of the project.
- Filename: .sonar-project.properties
- Content:
sonar.projectKey=<project-name>_<key from sonarqube> sonar.qualitygate.wait=true sonar.python.version=2
- Add two vars to Project: Settings→ CI/CD → Variables
- key: SONAR_TOKEN
- Value: generate token in SonarQube Webinterface
- uncheck “Protect Variable”
- CHECK “Mask Variable”
- key: SONAR_HOST_URL
- Uncheck both: Protect Variable / Mask Variable
- add sonarqube job in .gitlab-ci.yml
stages: - sonarqube sonarqube_check_job: only: refs: - tags variables: - $CI_COMMIT_TAG =~ /^[Cc]heck_source-.*$/ # commit tag starts job image: name: sonarsource/sonar-scanner-cli:latest entrypoint: [""] tags: - sonarqube-runner stage: sonarqube variables: SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task cache: key: "${CI_JOB_NAME}" paths: - .sonar/cache script: - sonar-scanner -Dsonar.qualitygate.wait=false -Dproject.settings=.sonar-project.properties # -X = debug, only for tests if failed allow_failure: true