| date | title | author | tags | logo | repo | image | ||||
|---|---|---|---|---|---|---|---|---|---|---|
2021-09-26 13:36:00 +0000 |
SonarQube |
diegopereiraeng |
|
sonarqube.svg |
drone-plugins/sonarqube-scanner |
drone-plugins/sonarqube-scanner:latest |
This plugin can scan your code quality and post the analysis report to your SonarQube server. SonarQube (previously called Sonar), is an open source code quality management platform.
The below pipeline configuration demonstrates simple usage:
steps:
- name: code-analysis
image: drone-plugins/sonarqube-scanner:latest
settings:
sonar_host:
from_secret: sonar_host
sonar_token:
from_secret: sonar_tokenCustomized parameters could be specified:
steps:
- name: code-analysis
image: drone-plugins/sonarqube-scanner
settings:
sonar_host:
from_secret: sonar_host
sonar_token:
from_secret: sonar_token
sonar_name: project-harness
sonar_key: project-harness
+ build_number: 1.0
+ timeout: 20
+ sources: .
+ level: DEBUG
+ showProfiling: true
+ exclusions: **/static/**/*,**/dist/**/*.js
+ usingProperties: false
+ binaries: .Safety first, the host and token are stored in Drone Secrets.
sonar_host: Host of SonarQube with schema(http/https).sonar_token: User token used to post the analysis report to SonarQube Server. Click User -- My Account -- Security -- Generate Tokens.
-
sonar_name: Sonar Project NAme. -
sonar_key: Sonar Project Key. -
sonar_qualitygate_timeout: Timeout in seconds for Sonar Scan. -
artifact_file: Timeout in seconds for Sonar Scan. -
sonar_quality_enabled: True to block pipeline if sonar quality gate conditions are not met. -
branch: Branch for analysis. (-Dsonar.branch.name=) -
build_number: Build Version. -
build_version: Code version, Default valueDRONE_BUILD_NUMBER. -
timeout: Default seconds60. -
sources: Comma-separated paths to directories containing source files. -
inclusions: Comma-delimited list of file path patterns to be included in analysis. When set, only files matching the paths set here will be included in analysis. -
exclusions: Comma-delimited list of file path patterns to be excluded from analysis. Example:**/static/**/*,**/dist/**/*.js. -
level: Control the quantity / level of logs produced during an analysis. Default valueINFO.- DEBUG: Display INFO logs + more details at DEBUG level.
- TRACE: Display DEBUG logs + the timings of all ElasticSearch queries and Web API calls executed by the SonarQube Scanner.
-
showProfiling: Display logs to see where the analyzer spends time. Default valuefalse(-Dsonar.showProfiling=) -
branchAnalysis: Pass currently analysed branch to SonarQube. (Must not be active for initial scan!) Default valuefalse -
usingProperties: Using thesonar-project.propertiesfile in root directory as sonar parameters. (Not includesonar_hostandsonar_token.) Default valuefalse -
sonar_qualitygate_timeout: Quality gate timeout. (-Dsonar.qualitygate.timeout=) -
binaries: app binaries (-Dsonar.java.binaries=)
javascript_icov_reportPath: Path to coverage report (-Dsonar.javascript.lcov.reportPath)
-
jacoco_report_path: Path to Jacoco Report (if not default). (-Dsonar.jacoco.reportPath=) -
java_coverage_plugin: plugin to use as coverage. ex: jacoco (-Dsonar.java.coveragePlugin=)
- projectKey:
PLUGIN_SONAR_KEY - projectName:
PLUGIN_SONAR_NAME - You could also add a file named
sonar-project.propertiesat the root of your project to specify parameters.
Code repository: drone-plugins/sonarqube-scanner.
SonarQube Parameters: Analysis Parameters
Replace the parameter values with your own:
sonar-scanner \
-Dsonar.projectKey=Harness:cie \
-Dsonar.sources=. \
-Dsonar.projectName=Harness/cie \
-Dsonar.projectVersion=1.0 \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.login=60878847cea1a31d817f0deee3daa7868c431433