Use CircleCI version 2.1 at the top of your .circleci/config.yml file.
# Orbs are only available in config version 2.1 and later.
version: 2.1
Add the `orbs` stanza below your version, invoking the orb:
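# Declares the orbs this config imports. The key on the left is the local
# alias used in jobs (e.g. `sonarcloud/scan`); the value is
# namespace/orb@version.
orbs:
  # Pinned to an exact version, so the orb code that runs in the job does not
  # change until this line is edited.
  sonarcloud: sonarsource/sonarcloud@2.0.0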
Use `sonarcloud` elements in your existing workflows and jobs.
Opt in to the use of uncertified orbs on your organization’s Security settings page. This setting is organization-wide: it permits every uncertified orb, not only this one.
Use the sonarcloud orb to detect bugs and vulnerabilities in your repository
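# Example config: one `build` job that checks out the repository and runs the
# orb's `scan` command, wired into a `main` workflow.
jobs:
  build:
    docker:
      # `latest` is a mutable tag: the image, and therefore the toolchain the
      # scan runs in, can change between builds. Pin a version or digest for
      # reproducible runs.
      - image: node:latest
    steps:
      - checkout
      - sonarcloud/scan
orbs:
  # NOTE: this example pins 1.1.0, while the install snippet on this page
  # references 2.0.0. Use the version you have actually reviewed.
  sonarcloud: sonarsource/sonarcloud@1.1.0
version: 2.1
workflows:
  main:
    jobs:
      - build:
          # The context supplies environment variables to the job; presumably
          # it holds SONAR_TOKEN, which the scan command reads by default.
          # Restrict who can use the context in the organization settings.
          context: sonarcloud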
Detect bugs and vulnerabilities
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
cache_version | increment this value if the cache is corrupted and you want to start with a clean cache | No | 1 | integer |
project_root | the root of the project that should be analyzed (relative to the root directory of the repository) | No | . | string |
sonar_token_variable_name | the name of the environment variable where the SonarCloud API token is stored | No | SONAR_TOKEN | env_var_name |
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
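commands:
  # `scan`: restores a cached copy of the SonarScanner CLI (downloading it when
  # the cache has none), runs it from `project_root` against sonarcloud.io, and
  # saves the scanner directory back to the cache.
  scan:
    description: Detect bugs and vulnerabilities
    parameters:
      cache_version:
        default: 1
        description: increment this value if the cache is corrupted and you want to start with a clean cache
        type: integer
      project_root:
        default: .
        description: the root of the project that should be analyzed (relative to the root directory of the repository)
        type: string
      sonar_token_variable_name:
        default: SONAR_TOKEN
        description: the name of the environment variable where the SonarCloud API token is stored
        type: env_var_name
    steps:
      - run:
          command: mkdir -p /tmp/cache/scanner
          name: Create cache directory if it doesn't exist
      - restore_cache:
          keys:
            # The key embeds cache_version and the scanner version, so bumping
            # either one discards the previously cached scanner.
            - v<<parameters.cache_version>>-sonarcloud-scanner-5.0.1.3006
      # Security-relevant points in the script below:
      # - The download is skipped when the restored cache already holds an
      #   executable scanner, so whatever the cache restores is run as-is.
      # - No checksum or signature check is visible for the downloaded archive;
      #   its integrity rests on TLS to binaries.sonarsource.com. A hardened
      #   variant would compare the zip against a published digest
      #   (<EXPECTED_SHA256>, placeholder) before unzipping.
      # - curl is called without --fail, so an HTTP error page would be saved
      #   under the zip's name; the script then stops at unzip because of
      #   `set -e`.
      # - NOTE(review): SONAR_TOKEN is assigned but not exported. With a
      #   non-default sonar_token_variable_name it reaches the scanner process
      #   only if SONAR_TOKEN is already an exported variable; confirm.
      # - project_root is substituted unquoted into `cd`, so a path containing
      #   spaces would be split by the shell.
      - run:
          command: |
            set -e
            VERSION=5.0.1.3006
            SONAR_TOKEN=$<<parameters.sonar_token_variable_name>>
            SCANNER_DIRECTORY=/tmp/cache/scanner
            export SONAR_USER_HOME=$SCANNER_DIRECTORY/.sonar
            OS="linux"
            echo $SONAR_USER_HOME
            if [[ ! -x "$SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/bin/sonar-scanner" ]]; then
              curl -Ol https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$VERSION-$OS.zip
              unzip -qq -o sonar-scanner-cli-$VERSION-$OS.zip -d $SCANNER_DIRECTORY
            fi
            chmod +x $SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/bin/sonar-scanner
            chmod +x $SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/jre/bin/java
            cd <<parameters.project_root>>
            $SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/bin/sonar-scanner
          environment:
            # The analysis target is fixed to sonarcloud.io; the command has no
            # parameter to change it.
            SONARQUBE_SCANNER_PARAMS: '{"sonar.host.url":"https://sonarcloud.io"}'
          name: SonarCloud
      - save_cache:
          key: v<<parameters.cache_version>>-sonarcloud-scanner-5.0.1.3006
          paths: /tmp/cache/scanner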
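# Orb-level metadata: the summary and links shown in the orb registry.
description: Detect bugs and vulnerabilities in your repository.
display:
  home_url: https://www.sonarcloud.io/
  # Repository holding the orb's source; review it there before pinning a
  # version.
  source_url: https://github.com/SonarSource/sonarcloud-circleci-orb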
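# Usage examples published with the orb. Everything under `usage` is a
# complete sample config for a consuming project.
examples:
  scan-docker:
    description: Use the sonarcloud orb to detect bugs and vulnerabilities in your repository
    usage:
      jobs:
        build:
          docker:
            # `latest` is a mutable tag; pin a version or digest for
            # reproducible scans.
            - image: node:latest
          steps:
            - checkout
            - sonarcloud/scan
      orbs:
        # NOTE: the example pins 1.1.0, while the install snippet on this page
        # references 2.0.0. Use the version you have actually reviewed.
        sonarcloud: sonarsource/sonarcloud@1.1.0
      version: 2.1
      workflows:
        main:
          jobs:
            - build:
                # The context supplies environment variables to the job;
                # presumably it holds the SonarCloud token.
                context: sonarcloud
# Config schema version of the orb source itself.
version: 2.1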