I’m currently utilizing the sonarsource/sonarcloud-github-action@master GitHub Action for SonarQube scans in our CI/CD workflow. Our company holds a valid SonarQube license. My workflow triggers SonarQube scans on every push and pull request for every branch.
Currently, my workflow is like this:
name: unit_tests
on:
  push:
  pull_request:
  workflow_dispatch:
I would like to clarify the licensing implications of this setup:
Will our company incur additional charges for utilizing SonarQube on every push and pull request, considering we have a valid license?
If there are potential additional charges, would it be advisable to limit the SonarQube scans to specific branches to manage costs?
I want to ensure that our usage aligns with our license agreement and cost considerations. Your insights on this matter would be greatly appreciated.
My company has an Enterprise Edition license for SonarQube. We also trigger GitHub Actions workflows with a SonarQube scan on every push and pull request event. This hasn’t impacted our license usage in any way, since the number of project analyses/scans isn’t a cost-determining factor.
SonarQube (self-hosted) pricing is based on number of instances and lines of code (LOC). The FAQ on this page has details about how LOC is calculated. As long as you’re below the maximum LOC for your license, there should be no licensing concerns with your setup.
If you have a SonarCloud license, it includes unlimited scans and you’ll see in the FAQ of this page that the LOC count is not related to how frequently the code is analyzed (this is true for SonarQube self-hosted as well).