How to setup Include Code Quality for Bitbucket

Getting started - watch intro video to get high-level concepts

Getting Started video for Include Code Quality for Bitbucket

Prerequisites

  • Bitbucket Datacenter/Server with version 7.0 or newer

  • SonarQube™ Server version 7.7 or newer

Developer Edition or higher

Community Edition

SonarCloud™

Developer Edition or higher

Community Edition

SonarCloud™

1

Add a SonarQube™ server configuration in the Sonar™ for Bitbucket app under Bitbucket Admin → Sonar™. 

  1. Configure name and SonarQube™ Application URL

  2. Add a User Token of the SonarQube™ Service Account. It should have system admin permissions to allow automatic webhook setup, otherwise a manual webhook configuration is required.

Follow the same steps as for Developer Edition or higher

Community Edition version 7.9.x and 8.3+:
You will be asked to enter a replacement character for illegal characters in SonarQube™ project keys.

Add a SonarQube™ server configuration in the Sonar™ for Bitbucket app under Bitbucket Admin → Sonar™. 

  1. Configure name

  2. Add https://sonarcloud.io as SonarQube™ Application URL

  3. Add your Sonar™ Cloud organization key

  4. Add a User Token of the SonarQube™ Service Account. It should have project admin permissions to allow automatic webhook setup.

2

Configure Sonar™ Analysis based on your build infrastructure. If you use Bamboo, a seamless integration is possible with our Include Code Quality for Bamboo app.

Follow our Sonar™ Analysis Configuration guide and configure the analysis parameters for your SonarQube™ version based on the Analysis Parameter Matrix.

Include Code Quality for Bitbucket 6.0 supports multiple SonarQube™ projects for the same repository. To use it, configure the Sonar™ Analysis on sub directories of the repositories

Follow the same steps as for Developer Edition or higher

The SonarQube™ Community Edition does not know about branches and pull requests. A separate SonarQube™ project for each branch is used to show SonarQube™ information for pull requests and branches.

The app expects Sonar™ project keys in the format <projectKey>:<branchName> More details can be found in our Sonar™ Analysis Configuration guide

Follow the same steps as for Developer Edition or higher

 

3

Run a Sonar™ Analysis on the main branch of the repository where you want to enable the app.

Verify that the analysis results are available in SonarQube™.

Follow the same steps as for Developer Edition or higher

Follow the same steps as for Developer Edition or higher

4

Connect one or more SonarQube™ project to a Repository (Repository → Settings → Sonar™)

  1. Click Add new SonarQube™ project

  2. Select the Module Directory of the project. Leave empty for a single SonarQube™ project in the repository. Select a subfolder of the repository for multiple projects.

  3. Select the appropriate SonarQube™ server and SonarQube™ project

  4. Configure the Sonar™ analysis directory:

    1. to the path where the analysis runs

    2. must start with the module directory

Follow the same steps as for Developer Edition or higher and additionally set:

  1. Branch project key prefix, which is used together with the branch name for the branch projects in SonarQube™

Follow the same steps as for Developer Edition or higher

5

Enable Sonar™ for Bitbucket in the settings page of your repository (Repository → Settings → Sonar™)

  1. Verify you have one or more SonarQube™ projects linked to the repository.

  2. Configure additional settings in the tabs if required.

    1. enable Merge Checks based on SonarQube™ quality gates to enforce high code quality:
      ‘Use SonarQube™ Quality Gates as Pull Request Merge Checks’

  3. Toggle the Sonar™ Enabled button

 

Follow the same steps as for Developer Edition or higher and additionally set:

  1. Configure the branch project provisioning if you want the project settings from the main project copied to the branch projects

 

Follow the same steps as for Developer Edition or higher

6

Go to Repository → Source View of the already analyzed main branch. You should see the issue annotations:

If you cannot see Sonar™ issues or test coverage in here, please follow our configuration checklist to find out what went wrong.

Follow the same steps as for Developer Edition or higher

Follow the same steps as for Developer Edition or higher

7

Create a new branch and add a commit with some issues in it. Create a pull request from that branch.

Your Sonar™ Analysis Configuration should pick up the new pull request and analyze it correctly.

If you cannot see Sonar™ issues or test coverage in here, please follow our configuration checklist to find out what went wrong.

Follow the same steps as for Developer Edition or higher

Follow the same steps as for Developer Edition or higher

 

SONAR™, SONARQUBE™ and SONARCLOUD™ are independent and trademarked products and services of SonarSource SA: see sonarsource.com, sonarqube.org, sonarcloud.io.