SonarQube Community edition and PR analysis

akuryan

Anton Kuryan

Posted on December 8, 2020

SonarQube Community edition and PR analysis

SonarQube is awesome tool and it's Community edition (which is free) fulfills almost everything one could dream for in the world of static code analysis. But, you could not analyze PR's with it by default and have to pay for at least Developer edition. Further you could find my attempt to overcome this limitation (it fulfills MY goals and seems to be worth sharing with broader audience).

When I started working with SonarQube back in version 5 and 6 there was one mode which brought me a lot of interesting discoveries and prevented my colleague developers from submitting bad code - preview. In this mode, SonarQube does not stores data on server, but executes analysis and sends results back - and in conjunction with PR decoration plugin it was very useful. But, time goes by and version 7 removed preview mode from Community edition.

So, I tried to mimic this, using a separate project on SonarQube server and created powershell script, which will retrieve quality gate status from current analysis and create bugs in Jira and attach them to some existing issue (actually, that's the added value of this script, which was my target, opposing to default CI server SonarQube runners, which would just fail your build).

Script seems to be heavily commented and speaks by itself. Feel free to adopt it for your own usage pattern, if you will ever need it.

I shall note that Developers edition of SonarQube solves the same problem much better - it have PR analysis and built-in PR decorator, but it costs money, while Community edition brings things in for free.

💖 💪 🙅 🚩
akuryan
Anton Kuryan

Posted on December 8, 2020

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related