Setting parameters for GitHub Actions
SonarQube provides feedback about security issues inside the GitHub interface.
You can define at the global level the parameters used in GitHub Actions workflows to connect to the SonarQube Community Build (Server URL and token).
Storing the authentication token in GitHub at the global level
To store sensitive data, use GitHub secrets: see GitHub’s documentation on Encrypted secrets for more information.
A token defined at the global level gives permissions on all projects in the SonarQube Community Build instance.
Proceed as follows to store the authentication token at the global level:
In the SonarQube Community Build UI, generate a SonarQube Community Build token at the global level.
Create an organization secret in GitHub with:
Name: SONAR_TOKEN
Value: the token you generated in the previous step.
Storing the SonarQube Community Build URL in GitHub at the global level
Create an organization variable in GitHub with:
Name: SONAR_HOST_URL
Value: SonarQube Community Build URL.
Last updated
Was this helpful?