SonarQube GitHub Plugin on Automatic Pull Requests

Question

SonarQube helps to highlight all SONAR violations and in the analysis of each Pull Request code change when done on the local system.

Is there any option/set-up where I can automate any Pull Request to be analyzed by SonarQube in GIT and send out an email or update a dashboard with the latest SONAR code violations? All I want is to automate the SONAR analysis as soon as someone initiates a pull request.

What have you tried so far? Did you do any googling? Have you read the sonarqube docs? — StillLearnin, Sep 16 '15 at 16:26
I have provided the detail answer with example here: http://stackoverflow.com/questions/32047585/jenkins-sonar-github-integration — Bhuwan Gautam, Jan 18 '16 at 12:25

score 0 · Answer 1 · answered Nov 22 '16 at 22:59

You would need to have a third component namely the CI server. This is the TL;DR solution for is how I did it full version in https://www.trajano.net/2016/11/integrating-travis-sonarqube/

Create tokens for your account in SonarQube.com accounts security.
Create a GitHub personal access token with repo access.
Enable Travis build for your repository.
Create a .travis.yml file.

    language: java
    jdk:
      - oraclejdk8
    sudo: false
    cache:
      directories:
      - "$HOME/.m2"
      - "$HOME/.sonar/cache"
    addons:
      sonarqube: true
    install:
    - mvn dependency:go-offline
    script:
    - mvn install site -Dmaven.test.failure.ignore=true
    after_success:
    - mvn sonar:sonar

Add the tokens using travis encrypt

    travis encrypt SONAR_TOKEN=[token from sonarqube.com]
    travis encrypt SONAR_GITHUB_TOKEN=[token from github.com]

SonarQube GitHub Plugin on Automatic Pull Requests

1 Answers1