In order to integrate at best with GitLab, we want to allow GitLab users to trigger analysis of their projects from GitLab CI.
As a developer, I want to configure GitLab CI to analyze my repository. I expect to follow a tutorial (potentially with sample projects) to guide on what to do:
- I generate a user token which will be used to trigger the scan
- I make this token available as a SONAR_TOKEN env variable available for my pipeline
- I make the SONAR_HOST_URL available for my repos, with the value that points to SonarCloud
- Depending on which build technology I use, I copy-paste a command (available from the tutorial) into my GitLab CI file
- For Maven, it should be as simple as mvn clean verify sonar:sonar
- For Gradle: ./gradlew.sh sonarqube
- For other type of projects: sonar-scanner
- I expect the doc to tell me that I need to also push a sonar-project.properties file in this case
- Once I push this change, I expect a first analysis to be triggered and soon after to have the first results visible in SonarCloud
- Whenever I create a new branch which contains this updated GitLab CI file, I expect the branch to be automatically analyzed and to appear in SonarCloud
- Analysis will not fail when Quality Gate is red, this will come in next iteration
- Whenever I create a Merge Request (MR for later use) on a given branch, I expect this MR to appear in SonarCloud once analysis is done
- Note 1: I expect to see "Merge Request" in the SonarCloud UI instead of "Pull Request"
- Note 2: in this MMF, we won't go to the "decoration" stage of PR/MR (will be done in MMF-1754). I.e. users won't see anything in GitLab UI in this iteration.
See what was done on