How to configure Scan of git Repository created by Stash in SonarQube Runner?

Question

I am doing sample Stash and SonarQube Integartion. How I can make sonar runner to scan and analyze the Git repository that I have created via stash instead of analyzing code placed locally at absolute path like C:/javaCode.

Steps that I have already followed, but I could not find the answer for the above query:

1. I have installed the SonarQube, Sonar-Runner, Stash.All three are running fine.
2. I have installed the SonarQube Plugin and configured it in Stash as well.
3. In sonar-runner.bat file, we need to give project home.So I gave : set PROJECT_HOME=C:/javaCode

Under this directory C:/javaCode, I have below files:

• sonar-project.properties
• Three Some java files.

Now, since sonar-project.properties contains key-value pairs like:

    sonar.sources=C:/JavaCode
    project.home=C:/JavaCode

So, I am looking for the way by which I can make this Sonar-Runner to scan and analyze code placed on remote Git Repository created via Stash instead of above given locally placed code i.e. at location C:/JavaCode

Answer 1

What you seem to be asking for is running a sonar analysis directly into your Stash server. This is not possible.

Stash is a git "server". At the end of the day, to run an analysis on any piece of code stored in a repo hosted in Stash, you will have to clone it to some machine where you have Java installed and run sonar-runner. This machine can be any computer with access to your SonarQube instance.

Many companies delegate the responsibility to run SonarQube analysis to their Continuous Integration solution (being Jenkins, Bamboo or whatever) for which integration solution exist.

Answer 2

You might try this add-on, it purports to closely integrate Bitbucket Server (formerly Stash) and Sonar.