mibexsoftware / sonar-bitbucket-plugin

SonarQube plug-in to create pull request comments for found issues in Bitbucket Cloud

Configuration with bitbucket pipelines - environment variables #82

Open Developer-sa opened 6 years ago

Developer-sa commented 6 years ago

Hi, this is not an issue; it is more of a query. I want to configure Sonar for Bitbucket Cloud using Bitbucket Pipelines so that when I push my code, SonarQube analyses it. What I don't understand is the list of environment variables provided for the configuration. May I know where I can find all these variables? When I added the add-on, I couldn't find any of the variables below: OAUTH_CLIENT_KEY, OAUTH_CLIENT_SECRET, SONAR_HOST_URL, SONAR_LOGIN, SONAR_PASSWORD

Any help would be very much appreciated. Thanks

ilyar commented 6 years ago

sonar-project.properties

sonar.sourceEncoding=UTF-8
sonar.host.url=%URL%
sonar.projectKey=%KEY%

# sonar-bitbucket-plugin
sonar.bitbucket.minSeverity=INFO
sonar.bitbucket.approvalFeatureEnabled=true
sonar.bitbucket.buildStatusEnabled=true
sonar.bitbucket.maxSeverityApprovalLevel=MINOR

Environment variables

bitbucket-pipelines.yml

clone:
    depth: 20
pipelines:
    default:
    - step:
        caches:
            - sonar
        script:
            - apt-get update; apt-get install -y jq unzip
            # -r makes jq print the raw token instead of a JSON-quoted string
            - export BITBUCKET_ACCESS_TOKEN=$(curl -s -X POST -u "$OAUTH_CLIENT_KEY:$OAUTH_CLIENT_SECRET" https://bitbucket.org/site/oauth2/access_token -d grant_type=client_credentials | jq -r ".access_token")
            - export BITBUCKET_PULL_REQUEST_ID=$(curl -s -XGET "https://api.bitbucket.org/2.0/repositories/$BITBUCKET_REPO_OWNER/$BITBUCKET_REPO_SLUG/pullrequests?pagelen=5&state=OPEN&access_token=$BITBUCKET_ACCESS_TOKEN" | jq ".values[] | select(.source.branch.name==\"$BITBUCKET_BRANCH\") | .id")
            # TLS certificate verification stays enabled for the scanner download
            - curl -OL https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.1.0.1141-linux.zip
            - unzip sonar-scanner-cli-3.1.0.1141-linux.zip
            - export SONAR_SCANNER_OPTS="-Xmx1024m"
            # The variable is quoted so that an empty pull request id skips the scanner
            - if [ -n "$BITBUCKET_PULL_REQUEST_ID" ]; then ./sonar-scanner-3.1.0.1141-linux/bin/sonar-scanner -Dproject.settings=sonar-project.properties -Dsonar.analysis.mode=issues -Dsonar.bitbucket.repoSlug=$BITBUCKET_REPO_SLUG -Dsonar.bitbucket.accountName=$BITBUCKET_REPO_OWNER -Dsonar.bitbucket.branchName=$BITBUCKET_BRANCH -Dsonar.bitbucket.oauthClientKey=$OAUTH_CLIENT_KEY -Dsonar.bitbucket.oauthClientSecret=$OAUTH_CLIENT_SECRET -Dsonar.login=$SONAR_LOGIN -Dsonar.bitbucket.pullRequestId=$BITBUCKET_PULL_REQUEST_ID; fi
definitions:
    caches:
        sonar: /root/.sonar/cache

Developer-sa commented 6 years ago

Thanks. It is asking me to define the following mandatory properties for my project key: sonar.sources

Where do I define it, and how do I define it?

Thanks in advance

ilyar commented 6 years ago

For example: sonar-project.properties

sonar.sourceEncoding=UTF-8
sonar.host.url=%URL%
sonar.projectKey=%KEY%

sonar.sources=src
sonar.exclusions=src/assets/**,src/vendor/**
sonar.test.exclusions=src/**/views/**,src/themes/**
sonar.cpd.exclusions=src/**/views/**,src/themes/**

# Disable some rules on some files
sonar.issue.ignore.multicriteria=e1
sonar.issue.ignore.multicriteria.e1.ruleKey=php:S1192
sonar.issue.ignore.multicriteria.e1.resourceKey=**/*.php

# sonar-bitbucket-plugin
sonar.bitbucket.minSeverity=INFO
sonar.bitbucket.approvalFeatureEnabled=true
sonar.bitbucket.buildStatusEnabled=false
sonar.bitbucket.maxSeverityApprovalLevel=MINOR

Developer-sa commented 6 years ago

Hi, I added the above to my sonar-project.properties, but now it's giving me this error:

ERROR: You're only authorized to execute a local (preview) SonarQube analysis without pushing the results to the SonarQube server. Please contact your SonarQube administrator.

Is it because my repository is private? Please help me with this. Thanks in advance.

ilyar commented 6 years ago

Maybe this will help you https://github.com/randombit/botan/issues/601

bosofelipe commented 6 years ago

@ilyar I configured it step by step. I needed to change the bintray URL, because that URL now needs a login/password.

My new URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip

But when I run the pipeline, it shows me this error:

if [ -n $BITBUCKET_PULL_REQUEST_ID ]; then ./sonar-scanner-cli-3.2.0.1227-linux/bin/sonar-scanner -Dproject.settings=sonar-project.properties -Dsonar.analysis.mode=issues -Dsonar.bitbucket.repoSlug=$BITBUCKET_REPO_SLUG -Dsonar.bitbucket.accountName=$BITBUCKET_REPO_OWNER -Dsonar.bitbucket.branchName=$BITBUCKET_BRANCH -Dsonar.bitbucket.oauthClientKey=$OAUTH_CLIENT_KEY -Dsonar.bitbucket.oauthClientSecret=$OAUTH_CLIENT_SECRET -Dsonar.login=$SONAR_LOGIN -Dsonar.bitbucket.pullRequestId=$BITBUCKET_PULL_REQUEST_ID; fi
bash: ./sonar-scanner-cli-3.2.0.1227-linux/bin/sonar-scanner: No such file or directory

How do I fix it?

ilyar commented 5 years ago

@bosofelipe for debug:

- curl -OL https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip
- unzip sonar-scanner-cli-3.2.0.1227-linux.zip
- ls -la sonar-scanner-cli-3.2.0.1227-linux

You need to make sure that the executable file exists and can be executed.
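
Added example (not from the thread or the plug-in project): shell helpers for the pipeline's script step. They show why the unquoted `[ -n $BITBUCKET_PULL_REQUEST_ID ]` test seen in the error output above passes even when no pull request was found, check a downloaded archive against a pinned SHA-256 before anything in it is executed, and locate the unpacked launcher instead of deriving its directory from the zip name. The function names and the pinned-digest workflow are assumptions.

```shell
#!/bin/sh
# Added example: helpers for a Bitbucket Pipelines script step.
# Function names are hypothetical; nothing here comes from the plug-in.

# Guard: true only when a pull request id was actually found.
has_pr_id() {
    [ -n "$1" ]
}

# The same test without quotes, kept for comparison. With an empty id it
# collapses to `[ -n ]`, a one-argument test that is always true, so the
# scanner would be started without a pull request.
has_pr_id_unquoted() {
    # shellcheck disable=SC2070,SC2086
    [ -n $1 ]
}

# Verify an archive against a SHA-256 digest obtained out of band
# (assumption: the digest is pinned in the repository or a pipeline variable).
verify_sha256() {
    file=$1
    expected=$2
    actual=$(sha256sum "$file" | cut -d' ' -f1) || return 1
    [ "$actual" = "$expected" ]
}

# Find the launcher under the directory the archive unpacked to and require
# it to be executable. The archive name carries "-cli-" while the pipelines
# on this page run the binary from a directory without it, so the path is
# discovered rather than built from the zip name. Prints the path.
find_scanner() {
    root=$1
    for candidate in "$root"/sonar-scanner-*/bin/sonar-scanner; do
        if [ -f "$candidate" ] && [ -x "$candidate" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    return 1
}
```

In a pipeline step these would be chained as `verify_sha256 "$zip" "$PINNED_SHA256" && unzip "$zip" && scanner=$(find_scanner .)`, with the scanner started only if `has_pr_id "$BITBUCKET_PULL_REQUEST_ID"` succeeds.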

AlSayedGamal commented 5 years ago

TL;DR: the pipeline works, but there is no actual analysis. Does it require Sonar Developer Edition?

@ilyar I followed your steps, but I don't think it's doing actual analysis. First it required the config value sonar.projectKey; then, when I set the value, I always get the following comment on the PR: [image]. And when I click on the project link, it appears in the following format:

/dashboard?id=:

It seems like it does require the Sonar Developer Edition plan, no?

AlSayedGamal commented 5 years ago

This is the pipeline I'm using

clone:
    depth: 20
pipelines:
    default:
    - step:
        caches:
            - sonar
        script:
            - apt-get install -y jq unzip
            # -r makes jq print the raw token instead of a JSON-quoted string
            - export BITBUCKET_ACCESS_TOKEN=$(curl -s -X POST -u "$OAUTH_CLIENT_KEY:$OAUTH_CLIENT_SECRET" https://bitbucket.org/site/oauth2/access_token -d grant_type=client_credentials | jq -r ".access_token")
            - export BITBUCKET_PULL_REQUEST_ID=$(curl -s -XGET "https://api.bitbucket.org/2.0/repositories/$BITBUCKET_REPO_OWNER/$BITBUCKET_REPO_SLUG/pullrequests?pagelen=5&state=OPEN&access_token=$BITBUCKET_ACCESS_TOKEN" | jq ".values[] | select(.source.branch.name==\"$BITBUCKET_BRANCH\") | .id")
            # TLS certificate verification stays enabled for the scanner download
            - curl -OL https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip
            - unzip sonar-scanner-cli-3.2.0.1227-linux.zip
            - export SONAR_SCANNER_OPTS="-Xmx1024m"
            # The variable is quoted so that an empty pull request id skips the scanner
            - if [ -n "$BITBUCKET_PULL_REQUEST_ID" ]; then ./sonar-scanner-3.2.0.1227-linux/bin/sonar-scanner -Dproject.settings=sonar-project.properties -Dsonar.analysis.mode=issues -Dsonar.projectKey=$BITBUCKET_REPO_SLUG -Dsonar.bitbucket.repoSlug=$BITBUCKET_REPO_SLUG -Dsonar.bitbucket.accountName=$BITBUCKET_REPO_OWNER -Dsonar.bitbucket.branchName=$BITBUCKET_BRANCH -Dsonar.bitbucket.oauthClientKey=$OAUTH_CLIENT_KEY -Dsonar.bitbucket.oauthClientSecret=$OAUTH_CLIENT_SECRET -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.password=$SONAR_PASSWORD -Dsonar.bitbucket.pullRequestId=$BITBUCKET_PULL_REQUEST_ID; fi
definitions:
    caches:
        sonar: /root/.sonar/cache

ilyar commented 5 years ago

@AlSayedGamal Community Edition + Bitbucket for Sonar (SonarQube plug-in to create pull request comments for found issues in Bitbucket Cloud) 1.2.3 (https://github.com/mibexsoftware/sonar-bitbucket-plugin/issues/69#issuecomment-389908364)

The Sonar report will be in the form of comments in the pull request.

https://www.awesomescreenshot.com/image/3824842/ca9e77ff438d2970a3f03d4d87669a4e

ilyar commented 5 years ago

@AlSayedGamal also see https://github.com/ilyar/sandbox/tree/master/bitbucket

AlSayedGamal commented 5 years ago

:clap: Thanks @ilyar. Now it comments on the PR files, but I noticed that the analysis link still doesn't work. When I click on this link: [image] I get the following: [image] on my hosted Sonar. Is this normal? Note: the link is in the format /dashboard?project-key:branch-name

ilyar commented 5 years ago

@AlSayedGamal The link will not work for a branch; branch analysis is in Developer Edition.

ilyar commented 5 years ago

@AlSayedGamal In Community Edition there is only one branch analysis. The comments are enough for me. They help a lot when reviewing the code.

sivakumarsakkarai commented 5 years ago

Hi @ilyar, I am also using the pipeline file below.

clone: depth: 20 pipelines: default:

and I am getting this error:

Can you please help me?

ilyar commented 5 years ago

@sivakumarsakkarai Try looking at https://github.com/ilyar/sandbox/tree/master/bitbucket