Must-share information:
- SonarQube version 8.9.3.48735
- Scanning of a python application using Gitlab CI
- Followed instructions to add the project to the server
We currently have a SonarQube deployed on a server via a docker container. The docker container is based on the sonarqube:lts-developer image, however a simple Dockerfile is used to to install some plugins. This is done in order to automate the process and make sure no plugins are missed if the server has to be recreated for whatever reason.
Dockerfile:
FROM sonarqube:lts-developer
# Install Plugins
WORKDIR /opt/sonarqube/extensions/plugins
COPY plugin-urls.txt .
RUN while read -r line; do wget "$line" || echo "Invalid plugin"; done < "plugin-urls.txt"
# Return to $HOME
WORKDIR /opt/sonarqube
Currently we only have one plugin installed
This setup has worked well so far and we have been able to analyse a java project we added without issue, however we are currently in the process of adding a python project and we are running into issues when trying to perform the scan.
A sonar-project.properties file has been created in the root of the project with appropriate values, CI/CD environment variables have been added, and the job has been added to the gitlab-ci.yaml file, however when the job runs it fails with the error sonar-scanner: command not found.
CI Job:
sonarqube-check:
stage: test
image:
name: sonarsource/sonar-scanner-cli:latest
entrypoint: [""]
variables:
SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
cache:
key: "${CI_JOB_NAME}"
paths:
- .sonar/cache
script:
- sonar-scanner
allow_failure: true
only:
- merge_requests
- master
- develop
After some looking around it seems that there are ways to install sonar-scanner into the container, however since the sonarsource/sonar-scanner-cli:latest is used to run the job surely this should laready be present? Is there something I am missing?