SonarQube plugin
The Release SonarQube plugin enables Release to work with reports and metrics from a Sonar server.
Important: You must set up a connection to a Sonar server before adding SonarQube tasks or tiles. For information, see Set up a Sonar server.
Note: In the release flow editor, the SonarQube tasks have a red border.
Features
- Create a SonarQube Check Compliance task.
- Create a SonarQube Check Quality task.
- Create a SonarQube Check Blocking Violations task.
- Create a Set Latest Analysis Version task.
- Add a SonarQube analysis summary tile on the release dashboard.
- Add a SonarQube metrics trend per version tile to a release dashboard.
The SonarQube Check Compliance, Check Quality, and Check Blocking Violations tasks create a gate in the release flow that fails if project metrics do not match the metrics configured in quality gate.
Requirements
The SonarQube plugin requires the following:
- A Sonar server running and accessible via HTTP(s).
- A FPR artifact uploaded in the SonarQube for the application.
- A configured SonarQube quality gate.
Set up a connection to a Sonar server
To set up a connection to a Sonar server:
- From the navigation pane, under Configuration, click Connections.
- Under HTTP Server Connections, next to Sonar:Sever, click
.
- In the Title field, enter a name for the configuration.
- In the URL field, enter the address of the server.
- In the Authentication method field, select: None, Basic, Ntlm, or PAT.
- If required, enter authentication and proxy details.
- Click Test to test the connection.
- Click Save.
Create a SonarQube Check Compliance task
To add a SonarQube Check Compliance task:
- In the release flow tab of a Release template, add a task type SonarQube > Check Compliance.
- Open the added task and in the Server field, select the Sonar server.
- In the Resource field, add the project you want to check for compliance.
Create a SonarQube Check Quality task
To add a SonarQube Check Quality task:
- In the release flow tab of a Release template, add a task type SonarQube > Check Quality.
- Add the branch and PR number in the respective fields.
- Open the task that is added and select Sonar server in the Server field.
- In the Resource field, add the project you want to check for compliance.
- In the Line Coverage field, provide the expected percentage of coverage.
- In the Complexity field, provide the maximum expected complexity for the project.
- In the Duplicated Lines Density field, provide the maximum duplicate lines density for the project in percentage.
- In the Violations field, provide the number of expected violations for the project.
Note: To skip the fields like Line Coverage, Complexity, Duplicated Lines Density and Violations during the validation, enter -1 as the default value.
Create a SonarQube Check Blocking Violations task
To add a SonarQube Check Blocking Violations task:
- In the release flow tab of a Release template, add a task type SonarQube > Check Blocking Violations.
- Add the branch and PR number in the respective fields
- Open the task that is added and select Sonar server in the Server field.
- In the Resource field, add the project you want to check for compliance.
- In the Blocker Violations field, provide the maximum expected number of blocker violations.
- In the Critical Violations field, provide the maximum expected number of critical violations.
- In the Major Violations field, provide the maximum expected number of major violations.
Note: To skip the fields like Blocker Violations, Critical Violations, and Major Violations during the validation, enter -1 as the default value.
Create a SonarQube Set Latest Analysis Version task
To add a SonarQube Set Latest Analysis Version task:
- In the release flow tab of a Release template, add a task type SonarQube > Set Latest Analysis Version.
- Add the branch and PR number in the respective fields
- Open the task that is added and select Sonar server in the Server field.
- In the Resource field, add the project you want to check for compliance.
- In the Version field, provide the version to be set in the configured project.
Add a SonarQube analysis summary tile to a release dashboard
The SonarQube analysis summary tile type creates a dashboard tile that displays metrics for the selected project and version.
To configure a SonarQube analysis summary tile:
- Click Dashboards, in the top navigation bar.
- Select the dashboard that you want to add to the new tile.
Note: To create a new dashboard, Click Add dashboard and provide a name for the dashboard.
- Click Configure dashboard.
- Click Add tiles.
- Hover over SonarQube analysis summary,
- Click Add.
- On the dashboard, hover over the new SonarQube analysis summary tile, and click
.
- In the Title field, enter the name for the tile.
- In the Server field, enter the name of the SonarQube server you want to connect with.
- In the Project field, enter the project that you want to display metrics on.
Add a SonarQube metrics trend per version tile to a release dashboard
To add a SonarQube metrics trend per version tile:
- Click Dashboards on the navigation bar.
- Select the dashboard where you want to add the new tile.
Note: To create a new dashboard, Click Add dashboard.
- Click Configure dashboard.
- Click Add tiles.
- Hover over SonarQube metrics trend per version, and select Add.
- On the dashboard, hover over the new SonarQube metrics trend per version tile, and click
.
- In the Title field, enter a name for the tile.
- In the Server field, enter the name of the SonarQube server to connect with.
- In the Project field, add the name project to pull data from.
- In the Metrics field, select the metrics you want to add.
Note: Once the metrics type is selected, the same metrics type will be applicable for all Metrics that are measured. For example, if you select a metric that is measured as a percentage, then all other metrics are measured in percentages only.
- In the Version filter field, select the versions to display.
Note: Version filters follow semantic versioning. A custom regex can also be used, provided that it is python compatible.
- In the Render as field, select the type of chart to display.
- Click Save.
Release notes
Release SonarQube plugin 9.8.0
Bug fixes
- [ENG-863] - Fixed python vulnerabilities
Release SonarQube plugin 9.7.1
Bug fixes
- [ENG-863] - Fixed python vulnerabilities
Release SonarQube plugin 9.7.0
Improvements
- [ENG-646] - Modified metrics api for sonarqube version 8 and above
Bug fixes
- [ENG-345] - Fixed vulnerability issue
Release SonarQube plugin 9.6.0
Improvements
[XLINT-895] - Lodash library version upgrade to 4.17.15 [XLINT-1287] - Configure Dependabot, Overcommit, SonarCloud, Black Duck Server and GitHub pull request templates for Release
Release SonarQube plugin 9.5.0
- Added compatibility with Release 9.5.0
Release SonarQube plugin 9.0.0
- Added compatibility with Release 9.0.0
- Added support for SonarCloud
Release SonarQube plugin 8.5.0
- Added SonarQube metrics trend per version tile to a release dashboard