sonar-quality-gate
v1.3.2
Published
Sonarqube have feature quality code gate, but it's not work for Community Edition. So, this plugin will be intergate to CI/CD, get quality code and push report to merge request when has change.
Downloads
37
Maintainers
Readme
Sonar quality gate code
Sonarqube have feature quality code gate, but it's not work for Community Edition. So, this plugin will be intergate to CI/CD, get quality code and push report to merge request when has change.
quality-gate is a command line interface for quality code gate.
- Analytics code: Use command
sonar-scanner
to analytic code, report and push issues to sonar servers. - Push issue to code changes of merge request
- Generate report quality code of new code, and create note for merge request.
For Github and Gitlab
Result:
Getting Started
$ npm install -g sonar-quality-gate
# Show help
$ quality-gate --help
Result:
__ _ _ _ __ _ | | (_) | |_ _ _ __ _ __ _ | |_ ___
/ _` | | | | | / _` | | | | | | __| | | | | _____ / _` | / _` | | __| / _ \
| (_| | | |_| | | (_| | | | | | | |_ | |_| | |_____| | (_| | | (_| | | |_ | __/
\__, | \__,_| \__,_| |_| |_| \__| \__, | \__, | \__,_| \__| \___|
|_| |___/ |___/
Usage: quality-gate [options]
Global Options:
-h, --help [boolean]
-D, --define Define sonar property
Authentication:
sonar.login The authentication token or login of a SonarQube user with Execute Analysis permission on
the project.
More parameters:
- https://docs.sonarqube.org/latest/analysis/analysis-parameters/ [array]
--git Config git
--git.url Git server URL. Default: $GIT_URL
--git.token Git token. Default: $GIT_TOKEN
--git.project_id Gitlab project ID or Github repository. Default: $CI_PROJECt_ID or $GITHUB_REPOSITORY
--git.merge_id Git merge request IID. Default: $CI_MERGE_REQUEST_IID
[default: {}]
--sonar Config sonar
--sonar.url Sonarqube server URL. Default: $SONAR_URL or sonar.host.url in file
sonar-project.properties.
--sonar.token The authentication token of a SonarQube user with Execute Analysis permission on the
project. Default: $SONAR_TOKEN
--sonar.project_key Sonar project key. Default: sonar.projectKey in file sonar-project.properties
[default: {}]
-v, --version Show version [boolean]
-X, --debug Produce execution debug output [boolean] [default: false]
-p, --provide [default: "gitlab"]
To run check quality code gate:
quality-gate -p=github -D sonar.login="<token>" --sonar.url="<sonar url>" --sonar.token="<sonar token>" --sonar.project_key="<sonar token>" --git.url="https://gitlab.com" --git.token="xxx" --git.project_id=123 --git.merge_id=345
if set env for bellow parameters:
GIT_URL=""
GIT_TOKEN=""
CI_PROJECt_ID=""
CI_MERGE_REQUEST_IID=""
SONAR_URL=""
SONAR_TOKEN=""
and has file sonar-project.properties
:
sonar.host.url=
sonar.projectKey=
We can use short command:
quality-gate -Dsonar.login=""
Config CI/CD
Add sonar-project.properties
Add new file sonar-project.properties
as below content:
# sonar.organization=dieuhd # if use sonarcloud, uncomment this line
sonar.host.url=[SONAR_HOST]
sonar.projectKey=[SONAR_PROJECT_KEY]
sonar.qualitygate.wait=true
Run with Gitlab-CI
Use quality-gate
instead of sonar-scanner
.
Example:
quality-gate -Dsonar.login=$SONAR_KEY
And config for gitlab-ci:
stages:
- CheckSonar
.CheckSonarqube: &CheckSonarqube |
quality-gate -Dsonar.login=$SONAR_KEY
Sonar:
stage: CheckSonar
image: dieuhd/sonar-quality-gate
rules:
- if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "master"'
script:
- *CheckSonarqube
P/S: Only work for merge request. Becase, the plugin need Merge Request IID.
Run with Github Action
Example:
name: Check sonarqube
on: [pull_request]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/[email protected]
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up Sonar Quality Gate
uses: dieuhd/sonar-quality-gate@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GIT_URL: "https://api.github.com"
GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
SONAR_URL: ${{ secrets.SONAR_URL }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }}
with:
login: ${{ secrets.SONAR_TOKEN }}
url: ${{ secrets.SONAR_URL }}
projectKey: ${{ secrets.SONAR_PROJECT_KEY }}
Contribute
$ git clone https://github.com/dieuhd/sonar-quality-gate.git
$ cd sonar-quality-gate
$ npm install
$ husky install && chmod ug+x .husky/*
$ npm run start:dev
License
MIT. See LICENSE.txt.