Skip to content

SonarCloud

Jonathan Austin edited this page Jul 26, 2019 · 8 revisions

Setting up GitHub, Travis-ci and SonarCloud

Getting automatic analysis on SonarCloud is done via Travis-ci. Automatic analysis is coming but at the moment it is up to you to launch the analysis inside your existing Travis-CI scripts.

Before being able to do an automatic analysis on Pull Requests via Travis, you must do a one off manual project analysis.

Integrate GitHub and SonarCloud

Initial project analysis

FYI - The SonarCloud dashboard provides an initial config option that helps create the script below and access-token.

mvn sonar:sonar
 -Dsonar.projectKey=YOUR_PROJECT_KEY
 -Dsonar.organization=YOUR_ORGANIZATION_KEY
 -Dsonar.host.url=https://sonarcloud.io
 -Dsonar.login=YOUR_ACCESS_TOKEN

Integrate GitHub and Travis-ci

Integrate SonarCloud and Travis-ci

  • Log into Travis-CI and goto the settings of your project.
  • Create the SONAR_TOKEN environment variable with your SonarCloud access token.
  • Update your travis.yml to include the sonarcloud addon in the repo's travis.yml and add the mvn sonar:sonar command.
dist: trusty
addons:
  sonarcloud:
    organization: "YOUR_ORGANIZATION_KEY"
    token:
      secure: $SONAR_TOKEN
script:
  # The following command line builds the project, runs the tests with coverage and then execute the SonarCloud analysis
  - mvn package sonar:sonar

Appendix - How to Encrypt SonarCloud access token

  • Create SonarCloud access token for the project under Account -> Security.
  • Encrypt access token via Travis CLI (sample commands below). Travis encrypts the token for a specific repo. This is done by running the encryption command in the repo's project directory.
  • Copy encrypted text into travis.yml
gem install travis
## As using travis-ci.com we need to login first
travis login --pro
## Change into your project repo directory
cd project
## Encrypt the access token you generated
travis encrypt --com <access-token>

References

Clone this wiki locally