@pagreczner
Last active September 1, 2020 21:14
Create a pipeline for running Sonarqube scanner as part of your Codefresh CI/CD process.
# This gist covers how to create a pipeline for running Sonarqube scanner as part of your Codefresh CI/CD process.
version: "1.0"
stages:
  - "clone"
  - "scan_pr"
  - "scan_master"
steps:
  clone:
    title: "Cloning repository"
    type: "git-clone"
    repo: "${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}"
    revision: "${{CF_REVISION}}"
    stage: "clone"
  # For PR branches, run Sonarqube and specify that this is a PR branch and what the target is.
  scan_pr:
    title: 'Scan PR with docker image'
    image: 'sonarsource/sonar-scanner-cli:4.4'
    stage: 'scan_pr'
    environment:
      - SONAR_HOST_URL= # Replace with the URL of your organization, i.e. sonarqube.yourdomain.com
    volumes:
      - "${{CF_VOLUME_PATH}}/${{CF_REPO_NAME}}:/usr/src"
    cmd:
      # SONAR_LOGIN is the key used to authenticate the analysis request with the Sonarqube server.
      # Create an encrypted variable SONAR_LOGIN as part of your pipeline in Codefresh and reference it here.
      - "-Dsonar.login=${{SONAR_LOGIN}}"
      # This is the Project Key that is defined when setting up a Sonarqube project. By convention, it should be the repo's name.
      - "-Dsonar.projectKey=${{CF_REPO_NAME}}"
      - "-Dsonar.pullrequest.key=${{CF_PULL_REQUEST_NUMBER}}"
      - "-Dsonar.pullrequest.branch=${{CF_BRANCH}}"
      - "-Dsonar.pullrequest.base=${{CF_PULL_REQUEST_TARGET}}"
      - "-Dsonar.pullrequest.provider=github"
      # This may be necessary depending on what git access the image has available to it.
      - "-Dsonar.scm.revision=${{CF_REVISION}}"
      - "-Dsonar.pullrequest.github.repository=${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}"
      # For Sonarqube Developer Edition, the API URL below should be appropriate. Change it to match your desired SCM integration.
      - "-Dsonar.pullrequest.github.endpoint=https://api.github.com"
      - "-X"
    when:
      branch:
        ignore:
          - master # Ignore PR scans for the master branch
      condition:
        all: # Ensure that we are only targeting PRs and that the PR is targeting the master branch itself
          whenVarExists: 'includes("${{CF_PULL_REQUEST_NUMBER}}", "{{CF_PULL_REQUEST_NUMBER}}") == false'
          whenTargetsMaster: '"${{CF_PULL_REQUEST_TARGET}}" == "master"'
  # For master branch builds
  scan_master:
    title: 'Scan master with Sonarqube docker image'
    image: 'sonarsource/sonar-scanner-cli:4.4'
    stage: 'scan_master'
    environment:
      - SONAR_HOST_URL= # Replace with the URL of your organization, i.e. sonarqube.yourdomain.com
    volumes:
      - "${{CF_VOLUME_PATH}}/${{CF_REPO_NAME}}:/usr/src"
    cmd:
      # SONAR_LOGIN is the key used to authenticate the analysis request with the Sonarqube server.
      # Create an encrypted variable SONAR_LOGIN as part of your pipeline in Codefresh and reference it here.
      - "-Dsonar.login=${{SONAR_LOGIN}}"
      - "-Dsonar.projectKey=${{CF_REPO_NAME}}"
      - "-X"
    when:
      branch:
        only:
          - master
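
A pre-merge check for a pipeline file like the one above, as an added example (not part of the original gist and not Codefresh or SonarQube tooling): it flags a `sonar.login` value that is anything other than a single `${{VAR}}` reference, and `-D` property names that are not in the expected set, since a misspelled name (for example `pullrequset` for `pullrequest`) does not take effect under its intended name. The function name `lint_pipeline`, the sample text and the property list (taken only from this pipeline, not a complete SonarQube list) are assumptions.

```python
import re

# Property names used in the pipeline on this page (assumption: extend as needed;
# this is not a complete list of SonarQube analysis parameters).
KNOWN_PROPS = {
    "sonar.login", "sonar.projectKey", "sonar.scm.revision",
    "sonar.pullrequest.key", "sonar.pullrequest.branch",
    "sonar.pullrequest.base", "sonar.pullrequest.provider",
    "sonar.pullrequest.github.repository",
    "sonar.pullrequest.github.endpoint",
}
SECRET_PROPS = {"sonar.login"}  # must come from an encrypted pipeline variable

# Matches a YAML list item such as:   - "-Dsonar.login=${{SONAR_LOGIN}}"
ARG_RE = re.compile(r"""^\s*-\s*["']?-D([A-Za-z0-9_.]+)=(.*?)["']?\s*$""")
# A value that is exactly one Codefresh variable reference and nothing else.
VAR_ONLY_RE = re.compile(r"^\$\{\{[A-Za-z_][A-Za-z0-9_]*\}\}$")


def lint_pipeline(text):
    """Return (line_number, message) findings for -D scanner arguments."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = ARG_RE.match(line)
        if not m:
            continue  # not a -Dname=value list item (comments, -X, other keys)
        name, value = m.groups()
        if name not in KNOWN_PROPS:
            findings.append((lineno, f"unknown property '{name}' (typo?)"))
        if name in SECRET_PROPS and not VAR_ONLY_RE.match(value):
            findings.append((lineno, f"'{name}' is not a ${{{{VAR}}}} reference"))
    return findings


# Constructed sample: one misspelled property and one hardcoded (fake) token.
SAMPLE = '''\
cmd:
  - "-Dsonar.login=${{SONAR_LOGIN}}"
  - "-Dsonar.projectKey=${{CF_REPO_NAME}}"
  - "-Dsonar.pullrequset.github.repository=${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}"
  - "-Dsonar.login=constructed_literal_token_value"
  - "-X"
'''

if __name__ == "__main__":
    for lineno, message in lint_pipeline(SAMPLE):
        print(f"line {lineno}: {message}")
```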