Github action for sonar server?

GitHub - SonarSource/sonarcloud-github-action: Integrate SonarCloud code analysis to GitHub Actions works well for sonar-cloud, but we run on-prem server. It would be useful to have a similar action for server, either a new action, or addition through configuration on the existing one.
There’s a bunch of community actions GitHub Marketplace · Tools to improve your workflow · GitHub - but it would be more attractive/updated/secure to have one provided by sonar.

Hello David,

It’s actually a very timely question. We’ll are about to start working on the topic.
You can track the progress with MMF-2363.

2 Likes

I see that this capability will not be supported for Maven, Gradle and .Net. I assume this is because the build output is required for these types.

Should we go back to being able to run a “degraded” scan if the build output is not available? This is how these worked in earlier versions of SonarQube. Our developers would accept having a degraded scan (some rules to not apply) if it meant they could run quicker scans that didn’t require a build, including Github Actions.

Hi Richard,

Java and C# code analysis indeed requires to get the output from the build.
You’ll find dedicated scanners to integrate with the corresponding technologies (example for maven here). This is the recommended way to analyze your code.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.