Sonarqube Scanner CLI [Updated]

Step: https://codefresh.io/steps/step/sonar-scanner-cli

What’s new?

Sonarqube Scanner now supports Pull Requests and will scan the delta in the pull request. (See Example PR below)

When using sonarcloud.io with this step the results of the scan will be published back to your GitHub Pull Request.

Below is an example code block and a link to an example PR with the scan report.

You will need to generate a sonarcloud API token and place it in the pipeline or shared secret to use during the step under the key name SONAR_LOGIN.

  PullRequestScan:
    type: sonar-scanner-cli
    arguments:
      SONAR_HOST_URL: 'https://sonarcloud.io'
      SONAR_ANALYSIS_PARAMETERS:
        - 'sonar.pullrequest.key=${{CF_PULL_REQUEST_NUMBER}}'
        - 'sonar.pullrequest.branch=${{CF_BRANCH}}'
        - 'sonar.pullrequest.base=${{CF_PULL_REQUEST_TARGET}}'
        - 'sonar.organization=${{CF_REPO_OWNER}}'
        - 'sonar.projectKey=${{CF_REPO_OWNER}}_${{CF_REPO_NAME}}'
        - 'sonar.projectBaseDir=/codefresh/volume/${{CF_REPO_NAME}}'
        - 'sonar.login=${{SONAR_LOGIN}}'
        - 'sonar.scm.revision=${{CF_REVISION}}'
        - 'sonar.sources=.'
        - 'sonar.sourceEncoding=UTF-8'
    when:
      condition:
        all:
          whenPullRequestTargetMainBranch: 'includes("${{CF_PULL_REQUEST_TARGET}}", "main") == true'

Pull Request Example: https://github.com/salesdemocf/argo-voting-app/pull/84