Gitlab integration with SonarQube

Question

I am pretty new to Development community and specifically to DevOps practices , as a part of project we are trying to integrate SonarQube with Gitlab , did some R& D on SonarQube and Git CI ( Continuous Integration ) and look like plugin is released for Github and SonarQube whereas not for Gitlab.

How realistic is it to configure GitLab with SonarQube for inspecting code quality for every pull request and what will be the best practice to integrate these two piece.

Thanks

Answer 1

you don't really need a plugin. make something like this in your .gitlab-ci.yml

stages:  - build  build_master:   image: maven   stage: build   artifacts:     paths:     - target/*.jar   script:   - mvn package sonar:sonar -Dsonar.host.url=https://sonar.yourdomain.tld/    only:   - master 

and every master push will be tested! (this is for a Java project...)

Answer 2

Currently there are (as far I am aware) two community driven plugins which aim to provide MR-analysis/integrate with GitLab.

Both of them are currently going through the Feedback phase for their next release and both aim to land into the Update Center with that release.

• (No longer supported due deprecations in SonarQube) https://git.johnnei.org/Johnnei/sonar-gitlab-plugin | RFF for 0.2.0
• https://gitlab.talanlabs.com/gabriel-allaigre/sonar-gitlab-plugin | RFF for 2.0.0

With both you're able to run a build which will provide comments in GitLab with the newly found violations. Both are highly inspired by SonarSource's GitHub plugin.

However I'm not in the position to advise you on which of the two to use as I'm the developer the first and thus biased.