Configure project in SonarCloud.
If you have a public project on GitHub, Bitbucket or GitLab you can configure the SonarQube analyzer (sonar-scanner) to generate the static code analysis of your project and upload it to SonarCloud. If you haven't installed SonarScanner yet, I invite you to review the following post:
Registration in SonarCloud
The first thing you need to do is create an account in SonarCloud with your GitHub, GitLab or Bitbucket account. You must follow the steps indicated by SonarCloud to register your organization and the repositories you want to appear on the SonarCloud panel. Once this is done, you will have several options to launch the sonar-scanner analysis, including automatic analysis and manual analysis.
Automatic analysis
To run this analysis, simply click on the repository indicated in the SonarCloud panel. For this, you must also take into account the following:
- The first analysis will be done on the default branch of your repository
- Each new push on the default branch will automatically generate a new analysis
- Each new pull request on the default branch will automatically generate a new analysis
You can create a file called .sonarcloud.properties to create additional settings for your project. One good practice is to indicate the source where the project sources are and the encoding of the files, as you can see below.
sonar.sources=./src
sonar.sourceEncoding=UTF-8The complete list of available options can be found in Automatic Analysis Feature. However, there are not really many options available because many of them can be configured directly in the project panel.
If your project is not compatible with SonarCloud, you will be prompted to use other analysis methods such as using CI (Continuous Integration) tools.
Finally, if your project is existing and you want to change the status of the automatic analysis, either to activate or deactivate it, you can do so in the menu option Administration > Analysis Method.
Manual analysis
To be able to perform manual analysis, you must have previously installed SonarScanner on your computer. You can follow the same steps that we used in our post Configuring a private project with SonarQube, taking into account that the projectKey will be generated automatically and will be available in the panel of your project in SonarCloud. In addition to the projectKey, you must also configure the sonar.organization variable.
If for some reason you had already activated automatic analysis, you must deactivate it since if you try to run the sonar-scanner you will get an error like the following:
ERROR: Error during SonarQube Scanner execution
ERROR: You are running manual analysis while Automatic Analysis is enabled. Please consider disabling one or the other.Token generation (login)
To generate a token with which the sonar-scanner can start a login and upload the report to SonarCloud, you must generate a token in My Account > Security and assign it to the sonar.login property.