Overview of integrated CIs
CI integrations
SonarQube Cloud supports integration with the following continuous integration (CI) systems:
Scanners
In SonarQube Cloud terminology, a scanner is the piece of software that performs the actual analysis on your code.
Typically, a scanner is configured to work as part of your build pipeline. SonarSource provides different versions of the SonarScanner tool for different set-ups.
If your build process takes place on an on-premises machine (your own or some central build machine in your organization), you will need to download the appropriate scanner from SonarSource, install it, and configure it.
If your build process is cloud-based (using CircleCI or similar), SonarSource provides SonarScanner plugins that can be installed in those services.
SonarQube Cloud supports the following scanners, adapted to different setups:
- SonarScanner CLI: Generic command-line tool for setups where no specialized scanner is available.
- SonarScanner for Azure DevOps: For use with Azure DevOps projects.
- SonarScanner for Gradle: For use with Java Gradle projects.
- SonarScanner for Jenkins: For use with Jenkins projects.
- SonarScanner for Maven: For use with Java Maven projects.
- SonarScanner for .NET: For use with .NET projects.
Prerequisites for scanners
See Scanner environment.
How the scanners work
All the scanner variants just wrap SonarQube Cloud's powerful set of language analyzers. Since the scanner is installed as part of your build process, we don't want you to have to re-install it every time a SonarQube Cloud language analyzer is added or improved. To ensure this, SonarScanner always checks for updates to its analyzer set from SonarQube Cloud and downloads any recent additions or changes, thus always staying up-to-date.
When the scanner is invoked it executes the analysis on the code and sends the results back up to SonarQube Cloud, where they are processed, stored, and displayed in the SonarQube Cloud interface.
Comparison with automatic analysis
SonarQube Cloud's automatic analysis can be thought of as a scanner that is integrated into the cloud service. It can be used without installing any additional software or integrating anything into your build pipeline.
For more details on automatic analysis, see Automatic Analysis.
Conflict between CI-based and automatic analysis
CI-based analysis (i.e., using SonarScanner as part of your build process) is not meant to run concurrently with automatic analysis. If automatic analysis is enabled on a project, any attempt to run a SonarScanner on the same project will fail, failing the build pipeline as it does so. Either use automatic analysis or use a CI-based analysis with SonarScanner, but not both!
For details on deactivating or reactivating automatic analysis, see Automatic Analysis.
Was this page helpful?