Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Include Code Quality for Bitbucket never triggers a SonarQube™ analysis.

...

The table shows the minimally necessary parameters to get Include Code Quality for Bitbucket to work with Sonar™Scanner. Look at the SonarQube™ documentation for additional parameters or different scanning methods.

Developer Edition or higher

Community Edition

SonarCloud™ https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/overview/

Common Parameters

Code Block
languagebash
sonar-scanner \
  -Dsonar.projectKey=<SONAR_PROJECT_KEY> \ 
  -Dsonar.host.url=<SONAR_SERVER_URL>

Code Block
languagebash
sonar-scanner \
  -Dsonar.projectKey=<SONAR_PROJECT_KEY_PREFIX:BRANCH_NAME> \
  -Dsonar.host.url=<SONAR_SERVER_URL>
Note

SonarQube™ versions 7.9.x and 8+ only allow certain characters [0-9a-zA-Z:-_.] in their project keys. Branch names typically contain / and cannot be used.

Use the same character as configured in the SonarQube™ server configuration under ‘Branch renaming for Sonar™ Project Keys’.

To replace illegal characters with the replacement character, the following sed expression can be used in your CI/CD configuration:

sed s/[^0-9a-zA-Z:_.\-]/'<YOUR_CONFIGURED_CHAR>'/g

Code Block
languagebash
sonar-scanner \
  -Dsonar.projectKey=<SONAR_PROJECT_KEY> \
  -Dsonar.host.url=https://sonarcloud.io \
  -Dsonar.organization=<SONAR_CLOUD_ORGANIZATION>

Branch Analysis

Code Block
languagebash
  -Dsonar.branch.name=<branch_name> 

Parameter not supported, branch included in Sonar™ project key asBRANCH_NAME

See Developer Edition or higher

Pull Request Analysis

Code Block
languagebash
  -Dsonar.
pullrequests
pullrequest.key=<pull request id from Bitbucket>
  -Dsonar.pullrequest.branch=<source branch name of pull request>
  -Dsonar.pullrequest.base=<destination branch name of pull request>

See: https://docs.sonarqube.org/latest/analysis/pull-request/

Info

Take the source branch name of pull requests for BRANCH_NAME in Sonar™ project key

See Developer Edition or higher

Only SonarQube™ 7.7

Code Block
languagebash
  -Dsonar.analysis.scmRevision=COMMIT_ID
Code Block
languagebash
  -Dsonar.analysis.scmRevision=COMMIT_ID

Not needed

Build Systems

Bamboo

We provide a first class integration for Bamboo with our Include Code Quality for Bamboo plugin. See our dedicated wiki page for more information.

...

Use this Jenkinsfile for inspiration:

...

Only Branch Analysis is working: Due to missing feature https://issues.jenkins.io/browse/JENKINS-66581 pull request analysis is currently not possible

Code Block
languagegroovy
pipeline {
    agent any
    environment {
        scannerHome = tool name: 'scanner', type: 'hudson.plugins.sonar.SonarRunnerInstallation' 
    }
    stages {
        stage('branch analysis') {
            when { 
              not {
                changeRequest()
              } 
            }
            steps {
                withSonarQubeEnv('sonar-cloud') {
                sh "${scannerHome}/bin/sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME}"
                }
            }
        }

        
       // NOT WORKING: https://issues.jenkins.io/browse/JENKINS-66581
        stage('PR analysis') {
            when {
                changeRequest()
            }
            steps {
                withSonarQubeEnv('sonar-cloud') {
                sh "${scannerHome}/bin/sonar-scanner \
                      -Dsonar.pullrequest.key=${env.CHANGE_ID} \
                      -Dsonar.pullrequest.base=${env.CHANGE_TARGET} \
                      -Dsonar.pullrequest.branch=${env.CHANGE_BRANCH}"
                }
            }
        }
    }
}

...