SonarQube Plugin Details
Plugin Version: 1.0.0
Last Update on: December 10, 2019
Last Update on: December 10, 2019
Overview
SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages.
SonarQube:
More information can be found at SonarQube.
Version Supported:
This plugin was developed and tested against SonarCloud(https://sonarcloud.io/). SonarScanner 4.2 is used for code analysis (Ref : https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/scanners/sonarscanner/)
Plugin Operation:
1. Run Code Analysis This operation allows to code analysis using SonarQube.Input parameter(s):
Parameter | Is Mandatory | Help Text |
Url | true | Sonarqube Cloud Url(https://sonarcloud.io) |
Token | true | Sonarqube Token. |
SonarqubeScanner Path | true | SonarqubeScanner file path (Ex: C:\\sonar-scanner-windows\\bin\\sonar-scanner.bat). |
Project Path | true | Project Path (Ex: C:\\DemoAspProject) |
ProjectKey | true | Sonarqube ProjectKey |
Organization | true | Sonarqube Organization |
Output parameter(s):
Parameter | Help Text |
SonarqubeStatus | Status of the Operation |
Pass/Fail Condition:
Status | Condition |
Passed | Outputlog should contain ‘EXECUTION SUCCESS’ |
Failed | If outputlog does not contain ‘EXECUTION SUCCESS’ or some internal error occurs. |
2. Analysis Report This operation allows to fetch code analysis report(Quality Gate,Bugs,Vulnerabilities etc).
Input parameter(s):
Parameter | Is Mandatory | Help Text |
Url | true | Sonarqube Cloud Url(https://sonarcloud.io) |
Token | true | Sonarqube Token. |
ProjectKey | true | Sonarqube ProjectKey |
Output parameter(s):
Parameter | Help Text |
Quality Gate | Quality Gate. |
Bugs | Total bugs. |
Vulnerabilities | Vulnerabilities. |
Code Smells | Code Smells. |
Coverage | Coverage. |
Duplications | Duplications. |
Lines of Code | Lines of Code. |
SonarqubeStatus | Status of the Operation |
Pass/Fail Condition:
Status | Condition |
Passed | If basecomponent in console outputlog contains required data. |
Failed | If basecomponent in console outputlog does not contains required data. or some internal error occurs. |
3. Get Issues This operation allows to get top 100 issues from sonarqube.
Input parameter(s):
Parameter | Is Mandatory | Help Text |
Url | true | Sonarqube Cloud Url(https://sonarcloud.io) |
Token | true | Sonarqube Token. |
ProjectKey | true | Sonarqube ProjectKey |
Output parameter(s):
Parameter | Help Text |
Issue Count | Issue Count. |
SonarqubeStatus | Status of the Operation |
Pass/Fail Condition:
Status | Condition |
Passed | If outputlog contains the issue list. |
Failed | If outputlog does not contains the issue list or some internal error occurs. |
Disclaimers:
- User should have account in sonarcloud as the adapter is developed for sonarcloud(https://sonarcloud.io/).
- Sonarqube scanner(https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/) should be installed in Agent machine.
- This plugin will not work with Maven, Make and Gradle.
Release Details:
SonarQube Plugin: 1.0.0
Initial version with basic functionalities
Initial version with basic functionalities