How to integrate Sonarqube with Atlassian Stash

Question

How to integrate Sonarqube with Atlassian Stash

Our infrastructure currently consists of Stash and Jenkins (also JIRA, but not related).
The workflow looks like this: I execute the code on my local machine, push it into my Stash managed repository, create a pull request to the main repository, view the code, merge, Jenkins does a new build. Our team wants to integrate some custom static code analysis tool into this chain and does not allow pull request to be merged if static analysis fails. We chose Sonarqube as our static analysis tool and decided to integrate it with Stash using a pre-merge. The problem is that we don't understand how to programmatically run Sonarqube's analysis and check the results.
Please let me know if we get it wrong.

+3

static-analysis code-review sonarqube atlassian bitbucket-server

mkrakhin 09 dec. 14 at 12:19

source to share

2 answers

You can take a look at the incremental / pre-modes used in conjunction with the built-in plugin. We posted a blog post about him , this should help you find your own path.

+1

Fabrice - SonarSource Team Dec 10. '14 at 9:37

source to share

FGI · Accepted Answer · 2015-03-26T23:09:29+0000

Try Sonar for Stash addon (evaluation license). I am currently testing it on the same workflow as yours:

Create transfer request
Jenkins build in progress
If the build succeeds and the static analysis thresholds are met, the shipping request is allowed

Need SonarQube 4.4+ to get all features

How to integrate Sonarqube with Atlassian Stash

More articles: