From e89a888d560520c69f01e45fc5c9649e76fba30d Mon Sep 17 00:00:00 2001 From: Julien HENRY Date: Fri, 8 Feb 2019 16:54:09 +0100 Subject: [PATCH] SONARCLOUD-407 Update Bitbucket Pipelines documentation --- .../sonarcloud/integrations/bitbucketcloud.md | 38 +++++++------------ .../components/commands/JavaGradle.tsx | 2 +- .../__snapshots__/JavaGradle-test.tsx.snap | 6 +-- 3 files changed, 17 insertions(+), 29 deletions(-) diff --git a/server/sonar-docs/src/pages/sonarcloud/integrations/bitbucketcloud.md b/server/sonar-docs/src/pages/sonarcloud/integrations/bitbucketcloud.md index 5ed96887e74..d723cd11c4d 100644 --- a/server/sonar-docs/src/pages/sonarcloud/integrations/bitbucketcloud.md +++ b/server/sonar-docs/src/pages/sonarcloud/integrations/bitbucketcloud.md @@ -13,24 +13,17 @@ In Bitbucket Cloud, go to your team's "Settings > Find integrations" page, searc ## Analyzing with Pipelines -SonarCloud integrates with Bitbucket Pipelines to make it easier to trigger analyses. Follow these steps: +1. On SonarCloud, once your project is created, generate a token to allow to publish analysis from Bitbucket Pipelines. To generate a token, follow the first step of the tutorial on the dashboard of the project, or go to your user security page. -1. On SonarCloud, once your project is created, follow the tutorial on the dashboard of the project. Copy-paste the command line displayed at the end but without the `sonar.login` setting. +2. On Bitbucket Cloud, go to the "Settings > Pipelines > Account variables" page of your team, and add a new SONAR_TOKEN variable that contains the value of the SonarCloud token (something like `9ad01c85336b265406fa6554a9a681a4b281135f`). **Make sure that you click on the "Lock" icon to encrypt and hide this token.** -2. On Bitbucket Cloud, go to the "Settings > Pipelines > Account variables" page of your team, and add a new SONAR_TOKEN variable that contains the value of the SonarCloud token which you created during the tutorial (something like `9ad01c85336b265406fa6554a9a681a4b281135f`). **Make sure that you click on the "Lock" icon to encrypt and hide this token.** +3. Edit the `bitbucket-pipelines.yml` file of your repository to trigger the SonarCloud analysis. If you have a Maven or Gradle project, the simplest way is to use our dedicated plugins. For most other projects, you need our command line scanner to trigger analyses. See [various example projects](https://bitbucket.org/account/user/sonarsource/projects/SAMPLES). -3. Inside the `bitbucket-pipelines.yml` file of your repository paste the command you copied in step 1. For example, for a Java Maven-based project, you should have something like: - -``` -script: - -mvn sonar:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.projectKey=my-project -Dsonar.organization=my-team-org -``` - -When this change on `bitbucket-pipelines.yml` is committed and pushed, Pipelines should automatically run a new build and therefore trigger the analysis of the repository. Shortly after, your project will appear on SonarCloud in your organization. +When a change on `bitbucket-pipelines.yml` is committed and pushed, Pipelines should automatically run a new build and therefore trigger the analysis of the repository. Shortly after, your project will appear on SonarCloud in your organization. ## Analyzing pull requests with Pipelines -In order to trigger SonarCloud analysis on each pull request update, you have to supply the copied command in `pull-requests` section of `bitbucket-pipelines.yml` (check [Configure bitbucket-pipelines.yml](https://confluence.atlassian.com/bitbucket/configure-bitbucket-pipelines-yml-792298910.html#Configurebitbucket-pipelines.yml-ci_pull-requests) for more details about that section). Here is a sample configuration: +In order to trigger SonarCloud analysis on each pull request update, you have to supply the same command in the `pull-requests` section of `bitbucket-pipelines.yml` (check [Configure bitbucket-pipelines.yml](https://confluence.atlassian.com/bitbucket/configure-bitbucket-pipelines-yml-792298910.html#Configurebitbucket-pipelines.yml-ci_pull-requests) for more details about that section). Here is a sample configuration: ``` pipelines: ... @@ -38,35 +31,30 @@ pipelines: feature/*: - step: script: - - mvn -B verify sonar:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.projectKey=... -Dsonar.organization=... + - mvn sonar:sonar ... ``` +In order to avoid duplication between the different sections of your `bitbucket-pipelines.yml`, you can use [yaml anchors and aliases](https://confluence.atlassian.com/bitbucket/yaml-anchors-960154027.html). + ## Quality widget -SonarCloud provides a widget that shows the current quality metrics of your project directly on the repository's Overview page on Bitbucket Cloud. +SonarCloud can provide a widget that shows the current quality metrics of your project directly on the repository's Overview page on Bitbucket Cloud. -If you want to hide this widget (e.g. because your repository is not analyzed on SonarCloud), you can go to the "Settings > SonarCloud" page of your repository and check "Hide repository overview widget". +If you want to see this widget, you can go to the "Settings > SonarCloud" page of your repository and check "Show repository overview widget". ## FAQ -**Do you have a sample project on Bitbucket Cloud?** -For the time being, you can take a look at this very simple JS project: [Sample project analysed on SonarCloud](https://bitbucket.org/bellingard/fab) - -**Pipelines can't find sonar-scanner** -If you want to analyze a non-Java project (JS, TS, PHP, Python, Go, ...), you will need to download and install the [Scanner CLI](https://redirect.sonarsource.com/doc/install-configure-scanner.html) during the execution of your build prior to the actual code scan. You have two options: - -* You can download it (with curl for instance) from the links available on the documentation page and unpack it (preferably in a cached folder for later reuse). -* On Node environments, you can rely on a [community NPM module](https://www.npmjs.com/package/sonarqube-scanner) to install it globally and therefore make it available in the PATH. +**Do you have sample projects on Bitbucket Cloud?** +You can take a look at these various projects: [Sample projects analysed on SonarCloud](https://bitbucket.org/account/user/sonarsource/projects/SAMPLES) -**I don't see the any quality information whereas I configured everything** +**I don't see the widget with quality information whereas I configured everything** Make sure that your browser is not using some extensions like AdBlocks. They tend to break the integration of third-party applications in BitBucket Cloud. ## Upcoming features and improvements There are various areas in which you can expect new features and improvements: -* Tighter integration with Pipelines (less parameters to pass on the CLI, availability of the scanner, ...) * Pull request decoration with inline comments to show the issues within the PR * Better and easier team onboarding * Automatic analysis (i.e. no need to configure anything from Pipelines) diff --git a/server/sonar-web/src/main/js/apps/tutorials/components/commands/JavaGradle.tsx b/server/sonar-web/src/main/js/apps/tutorials/components/commands/JavaGradle.tsx index 26101c1c4e9..d33568362bb 100644 --- a/server/sonar-web/src/main/js/apps/tutorials/components/commands/JavaGradle.tsx +++ b/server/sonar-web/src/main/js/apps/tutorials/components/commands/JavaGradle.tsx @@ -30,7 +30,7 @@ interface Props { } export default function JavaGradle(props: Props) { - const config = 'plugins {\n id "org.sonarqube" version "2.6"\n}'; + const config = 'plugins {\n id "org.sonarqube" version "2.7"\n}'; const command = [ './gradlew sonarqube', diff --git a/server/sonar-web/src/main/js/apps/tutorials/components/commands/__tests__/__snapshots__/JavaGradle-test.tsx.snap b/server/sonar-web/src/main/js/apps/tutorials/components/commands/__tests__/__snapshots__/JavaGradle-test.tsx.snap index b4be1a689e6..55ca37b75f9 100644 --- a/server/sonar-web/src/main/js/apps/tutorials/components/commands/__tests__/__snapshots__/JavaGradle-test.tsx.snap +++ b/server/sonar-web/src/main/js/apps/tutorials/components/commands/__tests__/__snapshots__/JavaGradle-test.tsx.snap @@ -14,7 +14,7 @@ exports[`renders correctly 1`] = `