How to: Set up Sonarcloud scans for non-Java projects
While we have a long-established job type for running Sonar scans via maven (as is used by camunda_workflow and portal_user_interface), the LF recently added a generic job type for Sonar scanning in any supported language (see all supported languages here). The below instructions will guide you through adding one of these Sonarcloud scans to your project.
Step-by-step guide
- In your project's JJB file (generally found in the ci-management repo, in the path
jjb/<project-name>/<project-name>.yaml
), you need to add "gerrit-sonar" to the list of jobs. - Next, you will need to add properties. There are two ways to do this: either by adding a
sonar-project.properties
file to the project repo, or by adding them in the JJB job.- If you are putting the properties directly into the JJB file, you'll need to supply an empty string for the
sonar-project-file
parameter, and then put your properties under thesonar-properties
parameter. - A list of properties (referred to in the docs as "Analysis Parameters", but both the file name and the Jenkins plugin for Sonar refer to these as "properties") can be found here: https://sonarcloud.io/documentation/analysis/analysis-parameters/. The first mandatory parameter listed,
sonar.host.url
, does not need to be provided. It will be injected into the environment by the Sonar Scanner plugin, and should not be overwritten.
- If you are putting the properties directly into the JJB file, you'll need to supply an empty string for the
That's all there is to it! If you need to tweak Quality Profiles or Quality Gates, please submit a support ticket at support.linuxfoundation.org.
Example JJB file
Below is the file used by the LF RelEng team to test this feature. It shows the proper formatting for adding the properties to the JJB job, and provides a list of typical properties than can be provided for optimal scan results. In order to best reflect the real-world use of this feature, the file has not been truncated to show only the relevant section. However, the primary relevant code is entirely contained in the gerrit-sonar
job details.
--- - project: name: ta-caas-install-amd64 project: ta/caas-install project-name: ta-caas-install-amd64 project-type: - merge - verify build-node: centos7-builder-2c-1g stream: master jobs: - akraino-project-stream-type-ta - gerrit-sonar: sonar-project-file: "" sonar-properties: | # Required metadata sonar.projectKey=ta-caas-install sonar.projectName=ta-caas-install sonar.organization=akraino-edge-stack # Source sonar.sources=. # Language sonar.language=py # Encoding sonar.build.sourceEncoding=UTF-8 # Unit tests sonar.junit.reportsPath=xunit-results.xml sonar.python.coverage.reportPath=coverage.xml # Inclusions sonar.inclusions=**/**.py # Exclusions sonar.exclusions=**/tests/**.py,**/test*.py - project: name: ta-caas-install-arm64 project: ta/caas-install project-name: ta-caas-install-arm64 project-type: - merge - verify build-node: aarch64_dev gerrit-skip-vote: true arch: arm64 stream: master jobs: - akraino-project-stream-type-ta
Related articles