PHP BitBucket Pipeline

SonarQube Cloud
,
1

I’m new to SonarCloud and i have been facing some challenges creating a PHP BitBucket pipeline.

image: "php:7.3.33" # Choose an image matching your project needs
clone:
  depth: full              # SonarCloud scanner needs the full history to assign issues properly

definitions:
  caches:
    sonar: ~/.sonar/cache  # Caching SonarCloud artifacts will speed up your build
  steps:
  - step: &build-test-sonarcloud
      name: Build, test and analyze on SonarCloud
      caches:
        - composer
        - sonar
      script:
        - pipe: sonarsource/sonarcloud-scan:1.4.0
  - step: &check-quality-gate-sonarcloud
      name: Check the Quality Gate on SonarCloud
      script:
        - pipe: sonarsource/sonarcloud-quality-gate:0.1.6

pipelines:                 # More info here: https://confluence.atlassian.com/bitbucket/configure-bitbucket-pipelines-yml-792298910.html
  branches:
    master:
      - step: *build-test-sonarcloud
      - step: *check-quality-gate-sonarcloud
  pull-requests:
    '**':
      - step: *build-test-sonarcloud
      - step: *check-quality-gate-sonarcloud

the pipeline above is not working and it returns “Container ‘docker’ exceeded memory limit.”.
Thank you for the help in advanced.

2

Hi,

How big is the project you’re trying to analyze?

 
Ann

3

i honestly don’t know how large it is.

4

the first issues has been resolved and this is the new error I’m getting:

Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator
5

Hi,

What does that mean to you?

 
Ann

6

Hi.

thank you for the feedback, I’m quite new to sonarcloud but from the error message, i guess the sonarcloud account is not properly added to the organization to run the analysis.

I made complain to the administrator, and we are working on it.

Thanks

7

Hi,

What this error is telling you is that at least one piece of information was missing from your analysis:

  • the SonarCloud organization key
  • the project key
  • the user token that gives permission to analyze the project

You should double-check the data being passed in to analysis. Did you build your pipeline manually or based on the SonarCloud wizard / tutorial? Because the latter would certainly have those data points in place…

 
HTH,
Ann

8

Hi,

Yeah so i got the pipeline from BitBucket as a default pipeline for PHP project, here is the new pipeline in use.

image: composer:2.0

definitions:
  services:
    docker:
      memory: 7128
clone:
  depth: full    # SonarCloud scanner needs the full history to assign issues properly

pipelines:
  default:
    - parallel:
        - step:
            name: Test
            script:
              - composer install
              -  ./vendor/bin/phpunit test
            caches:
              - composer
        - step:
            name: Lint
            script:
              - composer install
              - ./vendor/bin/phplint . --exclude=vendor
            caches:
              - composer
        - step:
            size: 2x
            name: sonarcloud
            script:
              - pipe: sonarsource/sonarcloud-scan:1.4.0
              - pipe: sonarsource/sonarcloud-quality-gate:0.1.6 
            caches:
              - composer
9

Hi,

You should use the one from the onboarding wizard or the docs.

 
HTH,
Ann

10

I’ll try the on-boarding wizard and revert back.

Thank you,