We are trying to integrate Bitbucket Pipelines (Cloud) with SonarQube (6.4).
In particular, we want that the Pipelines build fails if the SonarQube analysis detects some quality gate violations in our Java code.
Currently, we are using Jenkins (Multi-branch project), and we managed to achieve this behaviour thanks the command waitForQualityGate() included in the Jenkinsfile file (where I defined the pipeline to be executed).
Now, we want to give a try to the Bitbucket Pipelines feature, since our Git Repository is hosted in Bitbucket Cloud, and keep using our current server instance of SonarQube.
For completeness, our projects are written in Java and managed by maven; we also use sonar-scanner plugin in the build process.
Can anyone give me an hint? Or Does anyone have a clue how to achieve this behaviour?
I am aware of the sonar plugin that creates reports as comments of a Pull Requests in BitBucket, but that is not what we need.
Thanks in advance for your help.
I think this is now possible out-of-the box with SonarSource pipes. It boils down to something like
pipelines:
default:
- step:
clone:
depth: full
script:
- pipe: sonarsource/sonarqube-scan:1.2.0
variables:
SONAR_HOST_URL: ${SONAR_HOST_URL}
SONAR_TOKEN: ${SONAR_TOKEN}
- pipe: sonarsource/sonarqube-quality-gate:1.0.0
variables:
SONAR_TOKEN: ${SONAR_TOKEN}
But better look into the pipes documentation https://bitbucket.org/product/features/pipelines/integrations?&search=sonar