This action is deprecated in favour of the first party action available here - https://github.com/SonarSource/sonarqube-scan-action
A GitHub action to configure and run the SonarQube scanner inside a SonarQube Docker container and connect to a self-hosted Sonar.
The action supports the following features:
- Configure scanner
- Configure scanner for pull request decoration
- Run sonar scanner
- Export scanner configuration for consumption by e.g. Gradle or Maven.
Static Analysis using SonarQube
| parameter | description | required | default |
|---|---|---|---|
| projectName | Sonar Project name | true | |
| projectKey | Sonar Project Key | true | |
| baseDir | Project Base Directory | false | |
| token | Sonar Login Token | true | |
| url | Sonar Server url | true | |
| scmProvider | SCM provider | false | git |
| sourceEncoding | Encoding of the source files | false | UTF-8 |
| enablePullRequestDecoration | Decorate a pull request. PR, branch and base are extracted from the pull request event | false | |
| onlyConfig | Generate sonar configuration, scanner will not be invoked. Sonar parameters are available as output | false | false |
| isCommunityEdition | Flags if your SonarQube instance is Community edition. Skips setting PRs/branches and defaults to master | false | false |
| runQualityGate | Run the quality gate associated to this repo in SonarQube | false | |
| qualityGateTimeout | Number of seconds until build is failed for not passing quality gate. Defaulted to 300 by SonarQube | false | |
| organization | Organization in case of using sonarcloud | false | |

| parameter | description |
|---|---|
| sonarParameters | Sonar parameters generated based on input. |

| Tool | Version |
|---|---|
| SonarScanner | 4.7.0.2747 |
| Java | 11.0.15 |
| Node | v16.15.1 |
| Python | 2.7.16 |
| Python | 3.7.3 |

To prevent your token from showing in the runner's output, store the token in a GitHub secret rather than writing it into the workflow file.
The listing below uses the secret SONARQUBE_TOKEN from your project's configuration.

```yaml
sonarqube:
  name: SonarQube
  runs-on: self-hosted
  steps:
    - uses: philips-software/sonar-scanner-action@<version>
      with:
        token: ${{ secrets.SONARQUBE_TOKEN }}
        projectName: My Project Name
        projectKey: project.key.from.sonar.qube
        baseDir: .
        url: https://your.sonar.instance.io/
```

With pull request decoration enabled:

```yaml
sonarqube:
  name: SonarQube
  runs-on: self-hosted
  steps:
    - uses: philips-software/sonar-scanner-action@<version>
      with:
        token: ${{ secrets.SONARQUBE_TOKEN }}
        projectName: My Project Name
        projectKey: project.key.from.sonar.qube
        url: https://your.sonar.instance.io/
        enablePullRequestDecoration: true
```

For a SonarQube Community edition instance:

```yaml
sonarqube:
  name: SonarQube
  runs-on: self-hosted
  steps:
    - uses: philips-software/sonar-scanner-action@<version>
      with:
        token: ${{ secrets.SONARQUBE_TOKEN }}
        projectName: My Project Name
        projectKey: project.key.from.sonar.qube
        url: https://your.sonar.instance.io/
        isCommunityEdition: true
```

Argument organization is available since 1.4.0

```yaml
sonarqube:
  name: SonarQube
  runs-on: self-hosted
  steps:
    - uses: philips-software/sonar-scanner-action@<version>
      with:
        token: ${{ secrets.SONARQUBE_TOKEN }}
        projectName: My Project Name
        projectKey: project.key.from.sonar.qube
        url: https://sonarcloud.io
        organization: organization-on-sonarcloud
```

Generating only the configuration (`onlyConfig`) and passing the `sonarParameters` output to a Gradle step:

```yaml
sonarqube:
  name: SonarQube
  runs-on: self-hosted
  steps:
    - name: Configure sonar scanner
      uses: philips-software/sonar-scanner-action@<version>
      id: sonarconfig
      with:
        token: ${{ secrets.SONARQUBE_TOKEN }}
        projectName: My Project Name
        projectKey: project.key.from.sonar.qube
        url: https://your.sonar.instance.io/
        enablePullRequestDecoration: true
        onlyConfig: true
    - name: Run sonar scanner
      uses: docker://openjdk:11.0.6-jdk-slim
      with:
        entrypoint: bash
        args:
          -c "./gradlew --info sonarQube ${{ steps.sonarconfig.outputs.sonarParameters }}"
```

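
The advice to keep the token in a GitHub secret can be enforced with a small check over workflow files. The following is an added example, not part of this action or its repository: it flags every step that uses this action with a `token` input that is not a `${{ secrets.* }}` reference. The function name, the sample workflow, the literal token and `some-org/other-action` are constructed for illustration, and the parser assumes conventional block-style YAML as in the listings above.

```python
import re

# Action whose `token` input is checked; only ${{ secrets.NAME }} values are accepted.
ACTION = "philips-software/sonar-scanner-action"
SECRET_REF = re.compile(r"^\$\{\{\s*secrets\.\w+\s*\}\}$")

def find_non_secret_tokens(workflow_text):
    """Return the line numbers of `token:` inputs, in steps that use ACTION,
    whose value is not a ${{ secrets.* }} reference."""
    findings, step, step_indent = [], {}, None

    def flush():
        token = step.get("token")
        if ACTION in step.get("uses", "") and token and not SECRET_REF.match(token[1]):
            findings.append(token[0])   # report the line only, never echo the value
    for num, raw in enumerate(workflow_text.splitlines(), 1):
        body = raw.strip()
        if not body or body.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if body.startswith("- ") and (step_indent is None or indent <= step_indent):
            flush()                     # list item at step level starts a new step
            step, step_indent = {}, indent
            body = body[2:].lstrip()
        elif step_indent is not None and indent <= step_indent:
            flush()                     # dedent past the step list ends the step
            step, step_indent = {}, None
        key, sep, value = body.partition(":")
        if sep and key in ("uses", "token"):
            value = value.strip().strip("'\"")
            step[key] = value if key == "uses" else (num, value)
    flush()
    return findings

# Constructed sample: the literal token and the third step's action are made up.
SAMPLE = """\
steps:
  - uses: philips-software/sonar-scanner-action@<version>
    with:
      token: ${{ secrets.SONARQUBE_TOKEN }}
  - name: Misconfigured step
    uses: philips-software/sonar-scanner-action@<version>
    with:
      token: CONSTRUCTED-LITERAL-TOKEN
  - uses: some-org/other-action@v1
    with:
      token: literal-but-other-action
"""
print(find_non_secret_tokens(SAMPLE))  # → [8]
```
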
Please look at CONTRIBUTING.md on how to contribute.
You can test the action locally by building the Docker image and running it with the correct parameters.

```bash
docker build . -t sonar
```

Set your environment variables as given in the statement below (all the fields after a `-e`):

```bash
docker run -e INPUT_PROJECTNAME -e INPUT_PROJECTKEY -e INPUT_URL -e INPUT_BASEDIR -e INPUT_SCMPROVIDER -e INPUT_SOURCEENCODING -e INPUT_ENABLEPULLREQUESTDECORATION -e INPUT_ONLYCONFIG -e INPUT_ISCOMMUNITYEDITION -e INPUT_RUNQUALITYGATE -e INPUT_QUALITYGATETIMEOUT -e INPUT_TOKEN -e GITHUB_REF -e GITHUB_SHA sonar
```

This module is part of the Philips Forest.

```
    ___                   _
   / __\__  _ __ ___  ___| |_
  / _\/ _ \| '__/ _ \/ __| __|
 / / | (_) | | |  __/\__ \ |_
 \/   \___/|_|  \___||___/\__|

                            CI
```

Talk to the forestkeepers in the forest-channel on Slack.