2018-10-29 12:22:22 +00:00
---
2019-02-12 09:54:27 +00:00
date: 2019-02-12T10:50:00+00:00
2018-10-29 12:22:22 +00:00
title: SonarQube
author: aosapps
tags: [ Sonar, SonarQube, Analysis, report ]
logo: sonarqube.svg
repo: aosapps/drone-sonar-plugin
image: aosapps/drone-sonar-plugin
---
2018-08-28 16:39:09 +00:00
2018-10-29 12:22:22 +00:00
This plugin can scan your code quality and post the analysis report to your SonarQube server. SonarQube (previously called Sonar), is an open source code quality management platform.
2018-08-28 16:39:09 +00:00
2018-10-29 12:22:22 +00:00
The below pipeline configuration demonstrates simple usage:
2018-08-28 16:39:09 +00:00
```yaml
2019-02-17 03:10:46 +00:00
steps
- name: code-analysis
image: aosapps/drone-sonar-plugin
settings:
sonar_host:
from_secret: sonar_host
sonar_token:
from_secret: sonar_token
2018-08-28 16:39:09 +00:00
```
2018-10-29 12:22:22 +00:00
Customized parameters could be specified:
```diff
2019-02-17 03:10:46 +00:00
steps
- name: code-analysis
2018-10-29 12:22:22 +00:00
image: aosapps/drone-sonar-plugin
2019-02-12 09:54:27 +00:00
settings:
sonar_host:
from_secret: sonar_host
sonar_token:
from_secret: sonar_token
+ ver: 1.0
+ timeout: 20
+ sources: .
+ level: DEBUG
+ showProfiling: true
+ exclusions: ** /static/**/*,**/dist/**/*.js
2018-10-29 12:22:22 +00:00
```
# Secret Reference
2018-08-28 16:39:09 +00:00
Safety first, the host and token are stored in Drone Secrets.
* `sonar_host` : Host of SonarQube with schema(http/https).
* `sonar_token` : User token used to post the analysis report to SonarQube Server. Click User -- My Account -- Security -- Generate Tokens.
2018-10-29 12:22:22 +00:00
# Parameter Reference
2018-08-28 16:39:09 +00:00
* `ver` : Code version, Default value `DRONE_BUILD_NUMBER` .
* `timeout` : Default seconds `60` .
* `sources` : Comma-separated paths to directories containing source files.
* `inclusions` : Comma-delimited list of file path patterns to be included in analysis. When set, only files matching the paths set here will be included in analysis.
2018-10-29 12:22:22 +00:00
* `exclusions` : Comma-delimited list of file path patterns to be excluded from analysis. Example: `**/static/**/*,**/dist/**/*.js` .
2018-08-28 16:39:09 +00:00
* `level` : Control the quantity / level of logs produced during an analysis. Default value `INFO` .
* DEBUG: Display INFO logs + more details at DEBUG level.
* TRACE: Display DEBUG logs + the timings of all ElasticSearch queries and Web API calls executed by the SonarQube Scanner.
* `showProfiling` : Display logs to see where the analyzer spends time. Default value `false`
2019-11-20 21:36:35 +00:00
* `branchAnalysis` : Pass currently analysed branch to SonarQube. (Must not be active for initial scan!) Default value `false`
2018-08-28 16:39:09 +00:00
2018-10-29 12:22:22 +00:00
# Notes
2018-08-28 16:39:09 +00:00
* projectKey: `DRONE_REPO`
* projectName: `DRONE_REPO`
* You could also add a file named `sonar-project.properties` at the root of your project to specify parameters.
2018-10-29 12:22:22 +00:00
Code repository: [aosapps/drone-sonar-plugin ](https://github.com/aosapps/drone-sonar-plugin ).
2018-08-28 16:39:09 +00:00
SonarQube Parameters: [Analysis Parameters ](https://docs.sonarqube.org/display/SONAR/Analysis+Parameters )
2018-10-29 12:22:22 +00:00
# Test your SonarQube Server:
Replace the parameter values with your own:
2018-08-28 16:39:09 +00:00
```commandline
sonar-scanner \
-Dsonar.projectKey=Neptune:news \
-Dsonar.sources=. \
-Dsonar.projectName=Neptune/news \
-Dsonar.projectVersion=1.0 \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.login=60878847cea1a31d817f0deee3daa7868c431433
```
