I have GitLab CE (v8.5 at least) installed on my server. I would like to integrate it with sonarqube so that merge requests shows any issues in the comment section. Has anyone integrated these 2 systems successfully?
At the moment, only sonarqube plugin I found is the following but I'm not able to successfully integrate it with GitLab.
https://gitlab.talanlabs.com/gabriel-allaigre/sonar-gitlab-plugin
I used a docker container for sonarqube (v5.5) and copied the plugin into extensions directory. Configured gitlab user token and gitlab uri in the plugin's setting page in sonarqube.
I'm using GitLab CI for continuous integration and I have the following build job for sonarqube (using gradle)
sh gradlew sonarqube -Psonar.analysis.mode=preview -Psonar.issuesReport.console.enable=true \
-Psonar.gitlab.commit_sha=$CI_BUILD_REF -Psonar.gitlab.ref_name=$CI_BUILD_REF_NAME \
-Psonar.gitlab.project_id=$CI_PROJECT_ID
But, I'm not sure what to after this. Couple of questions:
What happens when a merge request does not exist yet? In my git workflow, users will submit a merge request after they're done working on their branch. So, how will this plugin know which merge request to update?
Right now I have the sonarqube valiation task set to be running only on master branch. I think this will need to be changed to user branches too, right?
I did try submitting a merge request, but I didn't see any comments being added. I think I'm missing some configuration or a process. Really appreciate if you can help point me to the right direction.
You can add the SonarQube plugin in your maven build to analyze your code. To show the results in your build server (hudson/jenkins/bamboo), you also need the SonarQube integration plugin for your build server.
I had the same problem than yours. Comments were not showing in the GitLab MR. I made it work with two fixes:
If this does not solve your problem, try cloning the plugin repo, adding traces to the code (CommitIssuePostJob.java is the place to look), package the jar with maven and deploy the patched jar to your Sonar installation. That is how I saw that I had no new issues to report.
@1: The comments will be added to your commits and will then show up in the discussion section of a merge request
@2: We are running a full analysis on master and a preview on any branches.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With