Run SonarCloud via GitHub Actions

Hi there,

tl;dr: We want to run sonarcloud analyse for our java application with a github action.

we are building our application (https://github.com/synyx/urlaubsverwaltung/) with GitHub Actions as you can see in the .github directory. In the early days, before GitHub Actions, we build it with travis and the integration with sonarcloud was already there and easy to setup. But now we will migrate to GitHub Actions and I want to know how I can analyse my project with sonarcloud and not using travis.

There is already a Sonarcloud GitHub Action, but this one is not compatible with a java/maven based project.

There are two ways that would be ok for us.
First: Add a own sonarcloud github action
Second: Triggering sonarcloud via the maven build like mvn sonar:sonar

We would highly prefer the first, because it would fit the strategy and paradigm behind GitHub Actions.

1 Like

Hi Tobias,

What a pleasure to see the first thread about GitHub Actions!

Analysing Maven or Gradle projects on GitHub Actions is really simple: just run the standard Maven or Gradle tasks from your GitHub Action build. The mandatory parameters are:

  • sonar.host.url=https://sonarcloud.io
  • sonar.projectKey, displayed in the homepage of your SonarCloud project
  • sonar.organization, displayed in the homepage of your SonarCloud project too

Branches and pull requests will be automatically configured.
Here is an example on the “legacy” GitHub Actions v1. The concept is the same for v2.

I hope it helps.

EDIT: sample is now upgraded to GitHub Actions v2.

2 Likes

Hi Simon,

thanks for your response. Are there any chances to get a SonarCloud Action with predefined, but configurable, host url and configurable projectKey and organization like

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
      - name: Run SonarCloud
        uses: sonarcloud/analyse (or something like this)
        with:
          projectKey: $MyProjektKey
          orgnization: $MyOrganization
          hostUrl: <predefined sonarcloud host url>

Because I think this should be the way for a github action.

No need for hostUrl, there’s only one URL for SonarCloud :slight_smile:

The parameters projectKey and organization could make sense indeed, but how would you support all the other analyser properties? They are known only at runtime and can’t be manually listed in the GitHub Action metadata.

Contrary to what I said, the perfect solution would be to simply drop the parameters projectKey and organization. They could be guessed from the GitHub repository. This improvement will come soon, please stay tuned.

1 Like

Which other analyser properties do you mean? From my simple “user point of view” I just want to analyse the code and maybe configure it. :slight_smile:

Thanks for the quick example!

Hey,
we added sonarcloud analyses to our build process and on the pull request it worked, but now we merged it and the build is failing


here on the master.

On the PR everything was ok: https://github.com/synyx/urlaubsverwaltung/runs/213199341

The action is here: https://github.com/synyx/urlaubsverwaltung/blob/master/.github/workflows/maven.yml

Could you give a link to the failing build please?

That is the “big” link in the middle :slight_smile:

Another here https://github.com/synyx/urlaubsverwaltung/runs/214504572#step:4:3405

Thanks, the way it’s displayed was misleading, I thought it linked to the GitHub repository homepage.

1 Like

A fix is in progress. Sorry for the inconvenience.

1 Like

Now it looks better :slight_smile:

@derTobsch Could you please give a new try? If the bug still persists, then a better message should be displayed to understand the root cause.
Thanks

Hey @simon.brandhof thanks for your fix. Now it looks good! :slight_smile:

1 Like

Excellent news. Thanks for the follow-up.
:+1: