Skip to content

BUILD-8700: Add sonarqube support for poetry#38

Merged
jayadeep-km-sonarsource merged 2 commits intomasterfrom
feat/jd/BUILD-8700-poetry-sq
Aug 7, 2025
Merged

BUILD-8700: Add sonarqube support for poetry#38
jayadeep-km-sonarsource merged 2 commits intomasterfrom
feat/jd/BUILD-8700-poetry-sq

Conversation

@jayadeep-km-sonarsource
Copy link
Copy Markdown
Contributor

@jayadeep-km-sonarsource jayadeep-km-sonarsource commented Aug 4, 2025
edited
Loading

BUILD-8700

Adds sonarqube support in build-poetry action

Tested in SonarSource/sonar-dummy-python-oss#50

  • Add support for sonar-platform parameter
  • Run sonar scan using pysonar
  • Make code consistent with build-npm

@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-8700-poetry-sq branch from a2cb49f to b74d05c Compare August 4, 2025 14:54
matemoln
matemoln reviewed Aug 5, 2025
View reviewed changes
Comment thread README.md Outdated
@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-8700-poetry-sq branch 3 times, most recently from b1a64f1 to 65bdce8 Compare August 5, 2025 14:23
@jayadeep-km-sonarsource jayadeep-km-sonarsource marked this pull request as ready for review August 5, 2025 14:36
@jayadeep-km-sonarsource jayadeep-km-sonarsource requested a review from a team August 5, 2025 14:36
hedinasr
hedinasr reviewed Aug 6, 2025
View reviewed changes
Comment thread README.md
@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-8700-poetry-sq branch 2 times, most recently from 8cc6f16 to 8a7c9a5 Compare August 7, 2025 07:05
@hedinasr hedinasr self-requested a review August 7, 2025 07:41
@jayadeep-km-sonarsource
BUILD-8700: Add sonarqube support for poetry
c0a1c2f 
Signed-off-by: Jayadeep Kinavoor Madam <jayadeep.kinavoormadam@sonarsource.com>
@jayadeep-km-sonarsource
BUILD-8700: Fixing tests and handling review comments
c5d3ad3 
Signed-off-by: Jayadeep Kinavoor Madam <jayadeep.kinavoormadam@sonarsource.com>
@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-8700-poetry-sq branch from 8a7c9a5 to c5d3ad3 Compare August 7, 2025 08:09
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Aug 7, 2025

🤖 Pull Request summary

Updates build-poetry action to enable full SonarQube integration and improve build workflow.

  • Enabled SonarQube analysis: Removed "currently disabled" comments and activated pysonar integration across all supported branch types (main, maintenance, PR, long-lived feature branches)
  • Enhanced build configuration: Added intelligent branch-based logic to determine when to run SonarQube analysis and artifact deployment
  • Added project version output: New project-version output exposes the computed version for downstream workflow steps
  • Improved Git handling: Added unshallow fetch for SonarQube analysis to ensure proper blame and change detection
  • Updated documentation: Revised README to reflect SonarQube integration and added comprehensive input parameter examples

Focus areas for review:

  • Verify SonarQube token handling and security in the vault integration
  • Confirm the pysonar installation approach (pip install

💬 Please send your feedback

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@jayadeep-km-sonarsource jayadeep-km-sonarsource merged commit d148c31 into master Aug 7, 2025
8 checks passed
@jayadeep-km-sonarsource jayadeep-km-sonarsource deleted the feat/jd/BUILD-8700-poetry-sq branch August 7, 2025 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@matemoln matemoln matemoln left review comments

@hedinasr hedinasr hedinasr approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jayadeep-km-sonarsource @matemoln @hedinasr