SonarCloud Integration

Setup SonarCloud for your repository

1. Go to https://sonarcloud.io/

2. Log in / signup with your github account

3. Click on “Analyze new project”. You find this option when pressing the + on the upper left side of the menu bar:

Open

4. When prompted to select a repository, click on “Import another organization.”

Open

5. Then click on “Choose an organization on GitHub”

6. Choose your account and repository and click “Install”

7. Select the free plan

Configure GitHub Actions for SonarCloud integration

1. Go to your fork

2. Go to Settings → Secrets

3. Add the following repository secrets:

• SONAR_ORGANIZATION

• SONAR_PROJECT_KEY

• SONAR_TOKEN

How to find your token, organization and project key:

In the SonarCloud projects overview, click “Configure analysis” for the TASKANA project

Select “Manually”

Select “Maven”. For the value of the SONAR-TOKEN, copy the token which can be found in the blurred section of the following image below “Configure the SONAR_TOKEN environment variable”.

The value for SONAR_ORGANIZATION can be found within the <sonar.orginization> tag. The value for SONAR_PROJECT_KEY is in the arguments of the mvn command below.

Now GitHub Actions should be configured and you can push a branch to get your SonarQube analysis on sonarcloud

Where to find new analyzed branches

After GitHub Actions successfully ran for your newly pushed branch, you can find the analysis in SonarCloud. Select your project and afterwards click on “branches” in the menu on the right. There you will be able to select the desired branch analysis.