How to do Sonarqube analysis on SQL scripts

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • what are you trying to achieve
  • what have you tried so far to achieve this

Hi all,

We are using Sonarqube enterprise version 8.1 and trying to do the sonarqube analysis for .sql scripts.
Can anyone please help me how can we do the Sonarqube analysis for SQL and implement the same in a build and release pipeline in TFS or VSTS.

Thank you

1 Like

Hi there.

What have you tried so far? What hasn’t worked?

In my VSTS build definition, I have added the SQ tasks (prepare analysis on sonarqube and run code analysis), but when I go to the Sonarqube server url, I did not see any report.

i’m not sure is there any sonarqube document, that I can refer to do analysis for the SQL scripts.

if there , can you please provide the url and please suggest me how to do the SQL projects scan.

Thank you

Regards

Hi @ujwala,

To my understanding, SonarQube automatically detects used programming languages like SQL during the analysis. Nevertheless, I checked my Azure DevOps pipeline and noticed the following three steps:

  1. SonarQubePrepare
  2. SonarQubeAnalyse
  3. SonarQubePublish

For me it seems you miss the third step in your pipeline, whereby SonarQube does not show the analysis result.

In addition to SQL. SonarQube checks .sql files with PL/SQL rules per default. In case you want to check against TSQL rules, you have to remove the sql extension from PL/SQL and add it to TSQL in admin menu.