Setting parameters for GitHub Actions

SonarQube provides feedback about security issues inside the GitHub interface.

You can define at the global level the parameters used in GitHub Actions workflows to connect to the SonarQube Community Build (Server URL and token).

Storing the authentication token in GitHub at the global level

To store sensitive data, use GitHub secrets: see GitHub’s documentation on Encrypted secrets for more information.

A token defined at the global level gives permissions on all projects in the SonarQube Community Build instance.

Proceed as follows to store the authentication token at the global level:

  1. In the SonarQube Community Build UI, generate a SonarQube Community Build token at the global level.

  2. Create an organization secret in GitHub with:

    • Name: SONAR_TOKEN

    • Value: the token you generated in the previous step.

Storing the SonarQube Community Build URL in GitHub at the global level

Create an organization variable in GitHub with:

  • Name: SONAR_HOST_URL

  • Value: SonarQube Community Build URL.

PreviousSetting up a GitHub AppNextImporting GitHub repositories

Last updated

Was this helpful?