Project analysis setup
This page introduces briefly the prerequisites and the setup steps necessary for a project analysis with SonarQube Community Build.
For an overview of the analysis process, see the Analysis overview page.
Prerequisites and recommendations
SonarQube Server is integrated with your DevOps platform / CI tool
It is highly recommended that you integrate SonarQube Server with your DevOps platform or CI tool. See DevOps platform integration.
The SCM integration is properly set up
The SCM data used during the analysis will be automatically imported from Git and SVN. Other providers require additional plugins. We highly recommend using the full depth during the cloning of the code from the project repository.
A full Git clone is required. If a shallow clone is found, the blame information retrieval will be skipped and the analysis may fail.
For more information, see SCM integration.
The SonarScanner is installed on the CI/CD host
The SonarScanner must be installed on the CI/CD host. You must install the scanner that is most appropriate for your needs depending on your build system: Gradle, Maven, .NET, NPM, or Python. For other project types, use the SonarScanner CLI which requires more manual configuration.
For installation requirements, see General requirements.
For installation instructions, see the corresponding SonarScanner section: SonarScanner for Maven, SonarScanner for Gradle, Installing the scanner (.NET), Installing the scanner (NPM), SonarScanner for Python, or SonarScanner CLI.
Creating your SonarQube Community Build project
Your project repository is represented in SonarQube Community Build by a project.
You can create a SonarQube Community Build project in the SonarQube Community Build UI before starting the first project analysis. Or you can start your first project analysis to automatically create the SonarQube Community Build project on the server (SonarQube Community Build creates automatically a new project if the received project key does not exist in its database).
To create a project, see Importing your DevOps platform repository.
Integrating the SonarQube Community Build analysis into your CI or build pipeline
To integrate the SonarQube Community Build analysis into your CI pipeline, see the corresponding section:
Jenkins: Adding analysis to a Jenkins job
GitHub Actions: Adding analysis to GitHub Actions workflow
GitLab CI/CD: Adding analysis to GitLab CI/CD pipeline
Azure Pipelines: Introduction
Bitbucket Pipelines: Adding analysis to Bitbucket pipeline
To integrate the SonarQube Community Build analysis into your build pipeline, see the scanner invoking instructions in the corresponding section:
SonarScanner for .NET: Using the scanner
SonarScanner for NPM:Using the scanner
For general information about SonarQube Community Build integration with a CI or build pipeline, see Analysis overview.
Adjusting the analysis of your project
The analysis performed by the SonarScanner is configured through analysis parameters. The following applies:
A few analysis parameters are mandatory.
Many analysis parameters, such as those defining the analysis scope, have a default value and can be adjusted.
Analysis parameters allow you to include the code and test coverage in your analysis, or to import issues generated by a third-party analyzer, etc.
SonarQube Community Build manages the analysis parameters through sonar properties (The sonar property key has the following syntax: sonar.<property>.).
You can configure the analysis parameters in different places. For more information, see Configuration overview.
You can:
Include the code and test coverage in your analysis: see Overview.
Adjust the analysis scope: see Setting analysis scope.
Import issues generated by third-party analyzers: see the External analyzer reports section.
Last updated
Was this helpful?