sonarsource/sonarcloud@2.0.0

Partner
Detect bugs and vulnerabilities in your repository.
Created: September 24, 2019
Version Published: August 9, 2023
Releases: 7
Org Usage: 432

Orb Quick Start Guide

Use CircleCI version 2.1 at the top of your .circleci/config.yml file.

    version: 2.1

Add the orbs stanza below your version, invoking the orb:

    orbs:
      sonarcloud: sonarsource/sonarcloud@2.0.0

Use sonarcloud elements in your existing workflows and jobs.

Opt in to the use of uncertified orbs on your organization’s Security settings page.

Usage Examples

scan-docker

Use the sonarcloud orb to detect bugs and vulnerabilities in your repository

    jobs:
      build:
        docker:
          - image: node:latest
        steps:
          - checkout
          - sonarcloud/scan
    orbs:
      sonarcloud: sonarsource/sonarcloud@1.1.0
    version: 2.1
    workflows:
      main:
        jobs:
          - build:
              context: sonarcloud

Commands

scan

Detect bugs and vulnerabilities

| PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
|---|---|---|---|---|
| cache_version | increment this value if the cache is corrupted and you want to start with a clean cache | No | 1 | integer |
| project_root | the root of the project that should be analyzed (relative to the root directory of the repository) | No | . | string |
| sonar_token_variable_name | the name of the environment variable where the SonarCloud API token is stored | No | SONAR_TOKEN | env_var_name |

Orb Source

    # This code is licensed from CircleCI to the user under the MIT license.
    # See here for details: https://circleci.com/developer/orbs/licensing
    commands:
      scan:
        description: Detect bugs and vulnerabilities
        parameters:
          cache_version:
            default: 1
            description: increment this value if the cache is corrupted and you want to start with a clean cache
            type: integer
          project_root:
            default: .
            description: the root of the project that should be analyzed (relative to the root directory of the repository)
            type: string
          sonar_token_variable_name:
            default: SONAR_TOKEN
            description: the name of the environment variable where the SonarCloud API token is stored
            type: env_var_name
        steps:
          - run:
              command: mkdir -p /tmp/cache/scanner
              name: Create cache directory if it doesn't exist
          - restore_cache:
              keys:
                - v<<parameters.cache_version>>-sonarcloud-scanner-5.0.1.3006
          - run:
              command: |
                set -e
                VERSION=5.0.1.3006
                SONAR_TOKEN=$<<parameters.sonar_token_variable_name>>
                SCANNER_DIRECTORY=/tmp/cache/scanner
                export SONAR_USER_HOME=$SCANNER_DIRECTORY/.sonar
                OS="linux"
                echo $SONAR_USER_HOME

                if [[ ! -x "$SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/bin/sonar-scanner" ]]; then
                  curl -Ol https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$VERSION-$OS.zip
                  unzip -qq -o sonar-scanner-cli-$VERSION-$OS.zip -d $SCANNER_DIRECTORY
                fi

                chmod +x $SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/bin/sonar-scanner
                chmod +x $SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/jre/bin/java

                cd <<parameters.project_root>>
                $SCANNER_DIRECTORY/sonar-scanner-$VERSION-$OS/bin/sonar-scanner
              environment:
                SONARQUBE_SCANNER_PARAMS: '{"sonar.host.url":"https://sonarcloud.io"}'
              name: SonarCloud
          - save_cache:
              key: v<<parameters.cache_version>>-sonarcloud-scanner-5.0.1.3006
              paths: /tmp/cache/scanner
    description: Detect bugs and vulnerabilities in your repository.
    display:
      home_url: https://www.sonarcloud.io/
      source_url: https://github.com/SonarSource/sonarcloud-circleci-orb
    examples:
      scan-docker:
        description: Use the sonarcloud orb to detect bugs and vulnerabilities in your repository
        usage:
          jobs:
            build:
              docker:
                - image: node:latest
              steps:
                - checkout
                - sonarcloud/scan
          orbs:
            sonarcloud: sonarsource/sonarcloud@1.1.0
          version: 2.1
          workflows:
            main:
              jobs:
                - build:
                    context: sonarcloud
    version: 2.1
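The download step in the orb source above fetches the scanner zip with curl and unpacks it without comparing it to a known digest. As an added example (not part of the orb or of SonarSource's code), here is one way to pin the archive to a SHA-256 value before extraction; the function names and `EXPECTED_SHA256` are assumptions, and the digest is a value you record yourself from a trusted copy of the archive.

```bash
#!/usr/bin/env bash
# Added example: pin a downloaded archive to a SHA-256 digest before unpacking.
# Function names and EXPECTED_SHA256 are assumptions, not orb parameters.

# Print the lowercase SHA-256 hex digest of a file.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Return 0 on match, 1 on mismatch, 2 on a malformed pin, 3 on an unreadable file.
verify_sha256() {
  local file=$1 expected actual
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  # Reject empty or malformed pins so an unset variable can never "match".
  case "$expected" in
    *[!0-9a-f]*|"") return 2 ;;
  esac
  [ "${#expected}" -eq 64 ] || return 2
  [ -f "$file" ] || return 3
  actual=$(sha256_of "$file") || return 3
  [ "$actual" = "$expected" ]
}

# Download to a temp file, verify it, and only then extract into the destination.
fetch_pinned() {
  local url=$1 expected=$2 dest=$3 tmp rc=0
  tmp=$(mktemp) || return 1
  if curl --fail --silent --show-error --location -o "$tmp" "$url" \
     && verify_sha256 "$tmp" "$expected"; then
    unzip -qq -o "$tmp" -d "$dest" || rc=1
  else
    echo "refusing to unpack $url: download failed or digest mismatch" >&2
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage inside the run step (EXPECTED_SHA256 is a placeholder you set yourself):
# fetch_pinned "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$VERSION-$OS.zip" \
#   "$EXPECTED_SHA256" "$SCANNER_DIRECTORY"
```

The orb reuses a cached scanner when the binary is already executable, so this check only covers fresh downloads; bumping `cache_version` forces one.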