...
New code changes pushed to Bitbucket (or new pull request is created)
Bitbucket triggers your build pipeline for code changes
Your build pipeline must trigger the Sonar analysis
and executes the SonarScanneror one of its build system-dependent alternatives.
see below for required parameters
SonarQube informs Sonar for Bitbucket over a Webhook about a new analysis report.
Sonar for Bitbucket annotates existing pull requests with the issues found in the analysis.
...
Use Bitbucket Webhook to Jenkins or any other app to notify Jenkins about new code changes. See these instructions on how to set it up. It is important enabling the setting "Omit SHA1 Hash Code" in the repository settings of the app (see this issue on Github for more details).
Follow the instructions on the Sonar Scanner for Jenkins Wiki to set up the SonarScanner configuration.
The Jenkins Git plugin includes the
origin/prefix in branch names, which has to be removed. Use a Jenkins freestyle job.Code Block language bash echo SONAR_BRANCH=$(printf '%s' $GIT_BRANCH | cut -d'/' -f 2-) > sonar-branch
(Community Edition only) SonarQube versions 7.9.x and 8.x need to replace illegal branch characters.
Use the following command to export the sanitized branch name to a file:Code Block echo SONAR_BRANCH=$(printf '%s' $GIT_BRANCH | cut -d'/' -f 2- | sed s/[^0-9a-zA-Z:_.\-]/'<YOUR_CONFIGURED_CHAR>'/g) > sonar-branch
...