Codefresh Steps: Reusable Code for Common Operations
This page provides code you can use to perform common operations in the Codefresh CI/CD platform.
507.6K

sonar-scanner-cli sonar-scanner-cli

Invokes scan using Sonarqube, step is not compatible with C/C++/Objective-C projects. Requires sonar-project.properties file with Project Name and Key defined. Documentation - https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/

arguments

  • SONAR_ANALYSIS_PARAMETERS - Array of additional Sonarqube Analysis Parameters Ex. - sonar.projectDescription='mycustomdescription'. List: https://docs.sonarqube.org/latest/analysis/analysis-parameters/
  • SONAR_CLI_IMAGE - The Docker image registry/image for step.
  • SONAR_HOST_URL - the server URL
  • SONAR_LOGIN - The login or authentication token of a SonarQube user with Execute Analysis permission on the project.
  • SONAR_PASSWORD - The password that goes with the sonar.login username. This should be left blank if an authentication token is being used.
  • SONAR_PROJECT_BASE_DIR - Use this property when you need analysis to take place in a directory other than the one from which it was launched. E.G. analysis begins from jenkins/jobs/myjob/workspace but the files to be analyzed are in ftpdrop/cobol/project1. The path may be relative or absolute. Specify not the the source directory, but some parent of the source directory. The value specified here becomes the new 'analysis directory', and other paths are then specified as though the analysis were starting from the specified value of sonar.projectBaseDir. Note that the analysis process will need write permissions in this directory; it is where the sonar.working.directory will be created.
  • SONAR_SCANNER_CLI_VERSION - Version of Sonar Scanner CLI to use, Docker image tag.
  • SONAR_SCANNER_OPTS - Default jvm memory setting for the Sonar process.
    SimpleScan:
  type: sonar-scanner-cli
  arguments:
    SONAR_HOST_URL: 'http://foo.acme:9000'
    SONAR_LOGIN: username or key
    SONAR_PASSWORD: password if username is used
    SONAR_PROJECT_BASE_DIR: set working directory for analysis
    SONAR_SCANNER_CLI_VERSION: latest
PullRequestScan:
  type: sonar-scanner-cli
  arguments:
    SONAR_HOST_URL: 'https://sonarcloud.io'
    SONAR_ANALYSIS_PARAMETERS:
      - 'sonar.pullrequest.key=${{CF_PULL_REQUEST_NUMBER}}'
      - 'sonar.pullrequest.branch=${{CF_BRANCH}}'
      - 'sonar.pullrequest.base=${{CF_PULL_REQUEST_TARGET}}'
      - 'sonar.organization=${{CF_REPO_OWNER}}'
      - 'sonar.projectKey=${{CF_REPO_OWNER}}_${{CF_REPO_NAME}}'
      - >-
        sonar.projectBaseDir=/codefresh/volume/${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}
      - 'sonar.login=${{SONAR_LOGIN}}'

  
github.com
Dustin Van Buskirk
Oct 20, 2021