Is it possible to integrate Sonarqube with AWS codepipeline/codebuild

sonarqube

(Sridhar A) #1

Is it possible to integrate Sonarqube with AWS codepipeline/codebuild


(Brian Cipollone) #2

Hi Sridhar,

Yes, it is possible.

  1. Your SonarQube instance needs to be accessible from the pipeline environment.
  2. Minimally, your sonar.login and sonar.host.url need to be fed into your pipeline.

Here’s a dead simple buildspec.yaml that will run a Maven build and scan, then push results to a SQ instance:

version: 0.2

env:
  variables:
    SONAR_LOGIN: "MY_SONARQUBE_AUTHTOKEN"
    SONAR_HOST: "MY_SONARQUBE_URL"
    #You should use parameter-store here instead

phases:
  build:
    commands:
      - mvn test
  post_build:
    commands:
      - mvn sonar:sonar -Dsonar.login=$SONAR_LOGIN -Dsonar.host.url=$SONAR_HOST

Cheers.

Brian


Sonar scanner return exit code