Kovair DevOps and SonarQube Integration Plugin

SonarQube Plugin Details

Plugin Version: 1.0.0
Last Update on: December 10, 2019

Overview

SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality. It performs automatic reviews using static analysis to detect bugs, code smells, and security vulnerabilities in 20+ programming languages.

SonarQube:

More information can be found at SonarQube.

Version Supported:

This plugin was developed and tested against SonarCloud (https://sonarcloud.io/). SonarScanner 4.2 is used for code analysis (Ref: https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/scanners/sonarscanner/).

Plugin Operation:

1. Run Code Analysis: This operation runs code analysis using SonarQube.

Input parameter(s):

| Parameter | Is Mandatory | Help Text |
|---|---|---|
| Url | true | Sonarqube Cloud Url (https://sonarcloud.io) |
| Token | true | Sonarqube Token. |
| SonarqubeScanner Path | true | SonarqubeScanner file path (Ex: C:\\sonar-scanner-windows\\bin\\sonar-scanner.bat). |
| Project Path | true | Project Path (Ex: C:\\DemoAspProject) |
| ProjectKey | true | Sonarqube ProjectKey |
| Organization | true | Sonarqube Organization |

Output parameter(s):

| Parameter | Help Text |
|---|---|
| SonarqubeStatus | Status of the Operation |

Pass/Fail Condition:

| Status | Condition |
|---|---|
| Passed | Outputlog should contain ‘EXECUTION SUCCESS’ |
| Failed | If outputlog does not contain ‘EXECUTION SUCCESS’ or some internal error occurs. |


2. Analysis Report: This operation fetches the code analysis report (Quality Gate, Bugs, Vulnerabilities, etc.).

Input parameter(s):

| Parameter | Is Mandatory | Help Text |
|---|---|---|
| Url | true | Sonarqube Cloud Url (https://sonarcloud.io) |
| Token | true | Sonarqube Token. |
| ProjectKey | true | Sonarqube ProjectKey |

Output parameter(s):

| Parameter | Help Text |
|---|---|
| Quality Gate | Quality Gate. |
| Bugs | Total bugs. |
| Vulnerabilities | Vulnerabilities. |
| Code Smells | Code Smells. |
| Coverage | Coverage. |
| Duplications | Duplications. |
| Lines of Code | Lines of Code. |
| SonarqubeStatus | Status of the Operation |

Pass/Fail Condition:

| Status | Condition |
|---|---|
| Passed | If basecomponent in console outputlog contains required data. |
| Failed | If basecomponent in console outputlog does not contain required data, or some internal error occurs. |


3. Get Issues: This operation gets the top 100 issues from SonarQube.

Input parameter(s):

| Parameter | Is Mandatory | Help Text |
|---|---|---|
| Url | true | Sonarqube Cloud Url (https://sonarcloud.io) |
| Token | true | Sonarqube Token. |
| ProjectKey | true | Sonarqube ProjectKey |

Output parameter(s):

| Parameter | Help Text |
|---|---|
| Issue Count | Issue Count. |
| SonarqubeStatus | Status of the Operation |

Pass/Fail Condition:

| Status | Condition |
|---|---|
| Passed | If outputlog contains the issue list. |
| Failed | If outputlog does not contain the issue list or some internal error occurs. |
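The following is an added example, not the plugin's own code: a wrapper for the Run Code Analysis operation that maps the documented inputs to a scanner invocation, keeps the Token out of the command line and the returned log, and applies the documented 'EXECUTION SUCCESS' check together with an exit-code check. It assumes the installed scanner reads the token from the SONAR_TOKEN environment variable; the function names and the SAMPLE values are constructed for illustration.

```python
import os
import subprocess

SUCCESS_MARKER = "EXECUTION SUCCESS"  # pass condition stated on this page

# Constructed sample inputs (not real credentials, paths or project names).
SAMPLE = {
    "Url": "https://sonarcloud.io", "Token": "constructed-token-0000",
    "SonarqubeScanner Path": "/nonexistent/sonar-scanner",
    "Project Path": "/tmp/DemoAspProject",
    "ProjectKey": "demo_project", "Organization": "demo-org",
}


def build_scan(params):
    """Map the operation's inputs to a scanner command line and environment."""
    argv = [
        params["SonarqubeScanner Path"],
        "-Dsonar.host.url=" + params["Url"],
        "-Dsonar.organization=" + params["Organization"],
        "-Dsonar.projectKey=" + params["ProjectKey"],
        "-Dsonar.projectBaseDir=" + params["Project Path"],
    ]
    # Assumption: the scanner reads the token from SONAR_TOKEN, so it never
    # appears in argv (process listings, agent job logs).
    env = dict(os.environ, SONAR_TOKEN=params["Token"])
    return argv, env


def redact(text, token):
    """Mask the token if the scanner or an error message echoes it."""
    return text.replace(token, "***") if token else text


def evaluate(returncode, output_log):
    """The page's condition (marker in log) plus a zero exit code."""
    ok = returncode == 0 and SUCCESS_MARKER in output_log
    return "Passed" if ok else "Failed"


def run_code_analysis(params, timeout=3600):
    """Run the scan; return (SonarqubeStatus, redacted output log)."""
    argv, env = build_scan(params)
    try:
        proc = subprocess.run(argv, env=env, capture_output=True,
                              text=True, timeout=timeout)
    except (OSError, subprocess.TimeoutExpired) as exc:
        return "Failed", redact(str(exc), params["Token"])  # internal error
    log = redact(proc.stdout + proc.stderr, params["Token"])
    return evaluate(proc.returncode, log), log
```

Requiring a zero exit code as well as the marker means a log that merely echoes 'EXECUTION SUCCESS' from a failed run is not reported as Passed.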

Disclaimers:

  1. The user should have a SonarCloud account, as the adapter is developed for SonarCloud (https://sonarcloud.io/).
  2. The SonarQube scanner (https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/) should be installed on the Agent machine.
  3. This plugin will not work with Maven, Make and Gradle.

Release Details:

SonarQube Plugin: 1.0.0
Initial version with basic functionalities
