This folder is just a "minor" example of a little repository that can check the SonarQube expected behavior on scans based on some sample ./src and ./tests folders.
Note: these folders do NOT represent the SonarQube Scanner setup, they are only for illustrating some sample code structure simulating another real repo.
First of all, make sure that the Unit Tests and Coverage Reports are generated. In this case, you can see the test-unit-scanner poetry task for the PyTest command and the Coverage commands.
This should generate a coverage.xml file that will be used as input to SonarQube reports paths.
In the sonar-project.properties, make sure that the following line is added:
sonar.python.coverage.reportPaths=coverage.xmlAfter the unit-tests and coverage report is run, update the local-scanner-command.sh with these variables as needed:
PROJECT_KEY=REPLACE_ME # Usually same as repo name
SONARQUBE_URL=REPLACE_ME # Endpoint for SonarQube (in this case the Docker SonarQube Service)
SONAR_TOKEN=REPLACE_ME # Generated and obtained from SonarQube ServerThen proceed to execute the SonarQube Scanner CLI bash command as follows:
# Make sure to be inside the "scanner-setup" folder
cd docker/scanner-setup
# Run the SonarScanner CLI command
bash local-scanner-command.shAfter the previous command, we should expect the SonarScanner CLI connecting to the SonarQube Server, and scanning the files, considering as well the code coverage for the unit tests. The terminal results should look similar to these:
And if we access the SonarQube Server, we should see our new project, with the Quality Gates passing because of a Code Coverage higher than 80% on new code (which is the default "Sonar Way" Quality Gate):
After these initial validations are in place, we can proceed to explore more CI/CD SonarScanner configurations, so that we can use them at any DevOps Pipeline Setup (GitLab, GitHub Actions, Azure DevOps, Jenkins, CodeBuild, CircleCI, etc...)