This plugin enable code analysis with different versions of NodeJS (via nvm) and post the analysis report to your SonarQube server. SonarQube is an open source code quality management platform.
Example
kind: pipeline
name: default
steps:
- name: perform code-analysis
image: kytay/sonar-node-plugin
settings:
sonar_host:
from_secret: sonar_host
sonar_token:
from_secret: sonar_token
use_node_version: 16.18.1
Properties
sonar_host
stringrequiredHostname of the sonar server.
Default: none
sonar_token
stringoptionalThe authentication token with either Execute Analysis permission on the project or Global Execute Analysis permission. sonar_login and sonar_password are ignored, when authentication token is provided.
Secret recommendedDefault: none
sonar_login
stringoptionalThis is the login of a SonarQube user with either Execute Analysis permission on the project or Global Execute Analysis permission. Using authentication token is encouraged for security reasons. Refer to https://docs.sonarqube.org/latest/user-guide/user-token/
Secret recommendedDefault: none
sonar_password
stringoptionalThis is the password that goes with your sonar_login username. Using authentication token is encouraged for security reasons. Refer to https://docs.sonarqube.org/latest/user-guide/user-token/
Secret recommendedDefault: none
sonar_loglevel
stringoptionalControl the quantity / level of logs produced during an analysis.
Default: INFO
sonar_project_settings
stringoptionalSpecify the path to the project configuration file.
Default: none
sonar_debug
booleanoptionalEnable debug flag for additional information logging
Default: false
use_node_version
stringoptionalSpecify the node version to use for sonar-scanner, the most recent node LTS version will be selected if this variable is not specified. Example Values: 16, 16.18.1, v16, v16.18.1
Default: none