SonarCloud Code Quality and Code Security - lyes-sefiane/microservices-monitoring-and-observability GitHub Wiki
Table Of Contents
What is SonarCloud ?
- Please refer to the official documentation available at https://docs.sonarcloud.io/
Analysis Method
- Please refer to the official documentation available at https://docs.sonarcloud.io/getting-started/github/
CI-based Analysis
Prerequisite
- Analyze projects - Select repositories (including Organization Import/Creation)
- Navigate to Administration > Analysis Method & Deactivate SonarCloud Automatic Analysis
CircleCI
- Please refer to .circleci/config.yml for more information
Orb Declaration
orbs:
sonarcloud: sonarsource/[email protected]
Job Definition
jobs:
sonar-cloud:
parameters:
image:
type: string
default: cimg/openjdk:11.0.13
command:
type: string
docker:
- image: <<parameters.image>>
steps:
- checkout
- run:
name: Analyze on SonarCloud
command: <<parameters.command>>
Workflows Definition
- Please refer to the official documentation available at https://circleci.com/docs/2.0/contexts/ regarding the context usage
workflows:
network-device-inventory-development-workflow:
jobs:
- sonar-cloud:
name: sonar-cloud-inventory
command: mvn verify sonar:sonar -Dsonar.projectKey=$PROJECT_KEY -Dsonar.host.url=$HOST_URL -Dsonar.organization=$ORGANIZATION
context:
- SonarCloud
network-device-inventory-release-workflow:
jobs:
- sonar-cloud:
name: sonar-cloud-inventory
command: mvn verify sonar:sonar -Dsonar.projectKey=$PROJECT_KEY -Dsonar.host.url=$HOST_URL -Dsonar.organization=$ORGANIZATION
context:
- SonarCloud
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/