Currently, Sonarqube has removed the multi-branch analysis support from the CE, so after Sonarqube >7.7 this functionality is only available in the developer edition.
However, by using the sonarqube-community-branch-plugin + the sonarqube API we can be able to mimic a similar behavior.
🛠 Systemd
- Install the community branch plugin
wget -P <Path to extensions/plugins/> https://github.com/mc1arke/sonarqube-community-branch-plugin/releases/download/1.14.0/sonarqube-community-branch-plugin-1.14.0.jar- Restart your Sonarqube server.
🐳 Docker Compose
- Download community branch plugin
cd /opt/application
wget https://github.com/mc1arke/sonarqube-community-branch-plugin/releases/download/1.14.0/sonarqube-community-branch-plugin-1.14.0.jar- Copy .jar file to sonarqube volume folder
ls /var/lib/docker/volumes/ | grep extension
# sonarqube_sonarqube_extensions
cp sonarqube-community-branch-plugin-1.14.0.jar /var/lib/docker/volumes/sonarqube_sonarqube_extensions/_data/plugins/- Final Docker Compose
version: "3"
services:
sonarqube:
image: sonarqube:lts-community
depends_on:
- sonar_db
environment:
SONAR_JDBC_URL: jdbc:postgresql://sonar_db:5432/sonar_db
SONAR_JDBC_USERNAME: sonar_user
SONAR_JDBC_PASSWORD: StR0N9p@S5WORD!
### Add below line
SONAR_WEB_JAVAADDITIONALOPTS: -javaagent:/opt/sonarqube/extensions/plugins/sonarqube-community-branch-plugin-1.14.0.jar=web
SONAR_CE_JAVAADDITIONALOPTS: -javaagent:/opt/sonarqube/extensions/plugins/sonarqube-community-branch-plugin-1.14.0.jar=ce
### End of line
ports:
- "9000:9000"
volumes:
- sonarqube_conf:/opt/sonarqube/conf
- sonarqube_data:/opt/sonarqube/data
- sonarqube_extensions:/opt/sonarqube/extensions
- sonarqube_logs:/opt/sonarqube/logs
- sonarqube_temp:/opt/sonarqube/temp
sonar_db:
image: postgres:alpine
environment:
POSTGRES_USER: sonar_user
POSTGRES_PASSWORD: StR0N9p@S5WORD!
POSTGRES_DB: sonar_db
volumes:
- sonar_db:/var/lib/postgresql
- sonar_db_data:/var/lib/postgresql/data
volumes:
sonarqube_conf:
sonarqube_data:
sonarqube_extensions:
sonarqube_logs:
sonarqube_temp:
sonar_db:
sonar_db_data:docker compose up -dOperational Test
- Open Sonarqube, Understand Risk
- Create Sonarqube Project
- Create .gitlab-ci.yml
stages:
- SAST
sonarqube:
stage: SAST
image:
name: sonarsource/sonar-scanner-cli:latest
entrypoint: [""]
variables:
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
script:
- |
if [ "$CI_COMMIT_REF_NAME" == "stg" ]; then
SONAR_BRANCH="stg"
elif [ "$CI_COMMIT_REF_NAME" == "dev" ]; then
SONAR_BRANCH="dev"
else
SONAR_BRANCH="$CI_COMMIT_REF_NAME"
fi
sonar-scanner
cache:
key: "${CI_JOB_NAME}"
paths:
- .sonar/cache
rules:
- if: '$CI_COMMIT_BRANCH == "stg" && $CI_COMMIT_TAG == null'
when: always
- if: '$CI_COMMIT_BRANCH == "dev" && $CI_COMMIT_TAG == null'
when: always
tags:
- docker
allow_failure: true- Create sonar-project.properties
sonar.projectKey=Dummy-Project
sonar.qualitygate.wait=true
- Create variable on Repository
SONAR_HOST_URL: https://sonarqube.example.com
SONAR_TOKEN: <Your Token>- Run Pipeline on dev branch
- Run Pipeline on stg branch. After pipeline success, there will be a new branch on sonarqube
Reference
GitHub - mc1arke/sonarqube-community-branch-plugin: A plugin that allows branch analysis and pull request decoration in the Community version of Sonarqube
A plugin that allows branch analysis and pull request decoration in the Community version of Sonarqube - mc1arke/sonarqube-community-branch-plugin
mc1arke
