I’m sorry if it has already been asked before, I tryed to check but I didn’t see any answer to my question.
I am trying to compile a Java code on Jenkins thanks to a pom.xml file. It does work and now I want to have a report of my code to check how it can be better. That is how I learned about SonarQube. I checked on the internet how to use SonarQube on Jenkins. I learned about SonarQube Scanner plugin, I learned how to generate a key on a Sonar server and then I learned that I had to fill this line on the Jenkins file :
mvn sonar:sonar -Dsonar.projectKey=MyProject -Dsonar.organization=MyOrganization-Dsonar.host.url=MyHostURL -Dsonar.login=MyLogin'
However, it sounds to me very unsafe especially if the Jenkinsfile is meant to be published in a Github.
Does anyone know if there is an other way to have a SonarQube report by using a JenkinsFile ?
Thank you all
Have a nice day