{"id":15055493,"url":"https://github.com/gabrie-allaigre/sonar-gitlab-plugin","last_synced_at":"2025-04-12T18:48:33.501Z","repository":{"id":40643575,"uuid":"58255049","full_name":"gabrie-allaigre/sonar-gitlab-plugin","owner":"gabrie-allaigre","description":"Add to each commit GitLab in a global commentary on the new anomalies added by this commit and add comment lines of modified files","archived":false,"fork":false,"pushed_at":"2022-06-28T23:26:45.000Z","size":981,"stargazers_count":717,"open_issues_count":142,"forks_count":209,"subscribers_count":33,"default_branch":"master","last_synced_at":"2025-04-03T21:13:03.696Z","etag":null,"topics":["gitlab","sonar-gitlab-plugin","sonarqube"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gabrie-allaigre.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-05-07T07:34:34.000Z","updated_at":"2025-03-25T13:04:04.000Z","dependencies_parsed_at":"2022-08-09T23:50:50.387Z","dependency_job_id":null,"html_url":"https://github.com/gabrie-allaigre/sonar-gitlab-plugin","commit_stats":null,"previous_names":[],"tags_count":34,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gabrie-allaigre%2Fsonar-gitlab-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gabrie-allaigre%2Fsonar-gitlab-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gabrie-allaigre%2Fsonar-gitlab-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gabrie-allaigre%2Fsonar-gitlab-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gabrie-allaigre","download_url":"https://codeload.github.com/gabrie-allaigre/sonar-gitlab-plugin/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248618074,"owners_count":21134197,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gitlab","sonar-gitlab-plugin","sonarqube"],"created_at":"2024-09-24T21:43:01.125Z","updated_at":"2025-04-12T18:48:33.479Z","avatar_url":"https://github.com/gabrie-allaigre.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"Sonar GitLab Plugin\n===================\n\n[![Build Status](https://travis-ci.org/gabrie-allaigre/sonar-gitlab-plugin.svg?branch=master)](https://travis-ci.org/gabrie-allaigre/sonar-gitlab-plugin)\n\nInspired by https://github.com/SonarCommunity/sonar-github\n\n# Current version\n\n## Version 4.1.0-SNAPSHOT\n\n**Only SonarQube \u003c 7.7, because preview mode is removed**\n\n### Fixed\n- Fix new line in json [#181](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/181)\n- Fix new rule type [#183](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/183)\n- Adding support for NONE in QualityGateFailMode [#206](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/206)\n- Code Quality Descriptions [#208](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/208)\n- Make sure that ReporterBuilder is available during batch [#214](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/214)\n- Fix issues retrieval for SonarQube Community Edition [#227](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/227)\n\n**[Download 4.1.0-SNAPSHOT](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/4.1.0-SNAPSHOT/sonar-gitlab-plugin-4.1.0-SNAPSHOT.jar)**\n\n\u003e Others versions, go to ChangeLog section\n\n# Goal\n\nAdd to each **commit** GitLab in a global commentary on the new anomalies added by this **commit** and add comment lines of modified files.\n\n**Comment commits:**\n\n![Comment commits](doc/sonar_global.jpg)\n\n**Comment line:**\n\n![Comment line](doc/sonar_inline.jpg)\n\n**Add build line:**\n\n![Add buids](doc/builds.jpg)\n\n**With quality gate global comment**\n\n![qualitygate](doc/quality_gate.png)\n\n**With generate code quality json file**\n\n![qualitygate](doc/codequality.png)\n\n**With generate SAST json file**\n\n![qualitygate](doc/sast.png)\n\nWorks with Java, Php, Android, JavaScript, C#, etc..\n\n# Usage\n\nFor SonarQube \u003c 5.4:\n\n- Download last version https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/1.6.6/sonar-gitlab-plugin-1.6.6.jar\n- Copy file in extensions directory `SONARQUBE_HOME/extensions/plugins`\n- Restart SonarQube\n\nFor SonarQube \u003e= 5.4 and \u003c 5.6:\n\n- Download last version https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/1.7.0/sonar-gitlab-plugin-1.7.0.jar\n- Copy file in extensions directory `SONARQUBE_HOME/extensions/plugins`\n- Restart SonarQube\n\nFor SonarQube \u003e= 5.6 and \u003c 6.7:\n\n- Download last version https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/3.0.1/sonar-gitlab-plugin-3.0.1.jar\n- Copy file in extensions directory `SONARQUBE_HOME/extensions/plugins`\n- Restart SonarQube\n\nFor SonarQube \u003e= 6.7 and \u003c 7.0:\n\n- Download last version https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/3.0.2/sonar-gitlab-plugin-3.0.2.jar\n- Copy file in extensions directory `SONARQUBE_HOME/extensions/plugins`\n- Restart SonarQube\n\nFor SonarQube \u003e= 7.0:\n\n- Download last version https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/4.0.0/sonar-gitlab-plugin-4.0.0.jar\n- Copy file in extensions directory `SONARQUBE_HOME/extensions/plugins`\n- Restart SonarQube\n\n**Optional Plugin: [Add Single Sign-On with GitLab in SonarQube](https://github.com/gabrie-allaigre/sonar-auth-gitlab-plugin)**\n\n## Command line\n\nExample:\n\n### Issues mode (Preview)\n\nWith Maven\n\n```shell\nmvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID\n```\n\nor for comment inline in all commits of branch:\n\n```shell\nmvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$(git log --pretty=format:%H origin/master..$CI_COMMIT_SHA | tr '\\n' ',') -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID -Dsonar.gitlab.unique_issue_per_inline=true\n```\n\nWith SonarScanner\n\n```shell\nsonar-scanner -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID\n```\n\nWith SonarScanner and node\n\n```shell\nnpm run sonar-scanner -- -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID\n```\n\nWith Gradle\n\n```shell\n./gradlew sonarqube -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID\n```\n\n### Publish mode (Analyse)\n\nWith Maven\n\n```shell\nmvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID -Dsonar.branch.name=$CI_COMMIT_REF_NAME\n```\n\nWorks with `sonar-scanner` and `gradle`\n\n## GitLab CI\n\n\u003e Set secret variable `SONAR_URL` and `SONAR_LOGIN`\n\n.gitlab-ci.yml sample for Maven project, comment last commit:\n\n```yml\nsonarqube_master_job:\n  stage: test\n  only:\n    - master\n  script:\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN\n\nsonarqube_preview_feature_job:\n  stage: test\n  only:\n    - /^feature\\/*/\n  script:\n    - git checkout origin/master\n    - git merge $CI_COMMIT_SHA --no-commit --no-ff\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME\n```\n\nWith quality gate\n\n```yml\nsonarqube_master_job:\n  stage: test\n  only:\n    - master\n  script:\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME\n\nsonarqube_preview_feature_job:\n  stage: test\n  only:\n    - /^feature\\/*/\n  script:\n    - git checkout origin/master\n    - git merge $CI_COMMIT_SHA --no-commit --no-ff\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME\n```\n\nIf use SonarQube with `BranchPlugin`\n\n```yml\nsonarqube_master_job:\n  stage: test\n  only:\n    - master\n  script:\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME\n\nsonarqube_preview_feature_job:\n  stage: test\n  only:\n    - /^feature\\/*/\n  script:\n    - git checkout origin/master\n    - git merge $CI_COMMIT_SHA --no-commit --no-ff\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.branch.name=$CI_COMMIT_REF_NAME\n```\n\nFor get code quality (`codeclimate.json`) in merge request (only GitLab EE https://docs.gitlab.com/ee/user/project/merge_requests/code_quality_diff.html)\n\n\u003e Warning, master must have a `codequality.json`, use `commit-status` for notification mode (not mandatory)\n\n```yml\nstages:\n  ...\n  - test\n  - quality\n  ...\nsonarqube_master_job:\n  stage: test\n  only:\n    - master\n  script:\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.json_mode=CODECLIMATE -Dsonar.gitlab.failure_notification_mode=commit-status\n  artifacts:\n    expire_in: 1 day\n    paths:\n      - codeclimate.json\n\nsonarqube_preview_feature_job:\n  stage: test\n  only:\n    - /^feature\\/*/\n  script:\n    - git checkout origin/master\n    - git merge $CI_COMMIT_SHA --no-commit --no-ff\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.json_mode=CODECLIMATE -Dsonar.gitlab.failure_notification_mode=commit-status\n  artifacts:\n    expire_in: 1 day\n    paths:\n      - codeclimate.json\n\ncodequality:\n  stage: quality\n  variables:\n    GIT_STRATEGY: none\n  script:\n    - echo ok\n  artifacts:\n    paths:\n      - codeclimate.json\n```\n\nFor get SAST (`gl-sast-report.json`) information in merge request (only GitLab EE https://docs.gitlab.com/ee/user/project/merge_requests/sast.html)\n\n```yml\nstages:\n  ...\n  - test\n  - quality\n  ...\nsonarqube_preview_feature_job:\n  stage: test\n  only:\n    - /^feature\\/*/\n  script:\n    - git checkout origin/master\n    - git merge $CI_COMMIT_SHA --no-commit --no-ff\n    - mvn --batch-mode verify sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.analysis.mode=preview -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.json_mode=SAST -Dsonar.gitlab.failure_notification_mode=commit-status\n  artifacts:\n    expire_in: 1 day\n    paths:\n      - gl-sast-report.json\n\nsast:\n  stage: quality\n  only:\n    - /^feature\\/*/\n  variables:\n    GIT_STRATEGY: none\n  artifacts:\n    paths:\n      - gl-sast-report.json\n```\n\nTo enable discussions instead of comments\n\nNOTE: This CI variable `CI_MERGE_REQUEST_IID` is available from version 11.6 on.\n\n```yml\nmvn --batch-mode verify sonar:sonar \\\n    -Dsonar.host.url=$SONAR_URL\n    -Dsonar.login=$SONAR_LOGIN \\\n    -Dsonar.analysis.mode=preview \\\n    -Dsonar.gitlab.api_version=v4 \\\n    -Dsonar.gitlab.project_id=$CI_PROJECT_PATH \\\n    -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA \\\n    -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME \\\n    -Dsonar.gitlab.user_token=\u003cyour_user_token\u003e \\\n    -Dsonar.gitlab.url=http://\u003cyour_gitlab_url\u003e \\\n    -Dsonar.gitlab.ci_merge_request_iid=$CI_MERGE_REQUEST_IID \\\n    -Dsonar.gitlab.merge_request_discussion=true\n```\n\n| GitLab 8.x name | GitLab 9.x name |\n| -------- | ----------- |\n| CI_BUILD_REF | CI_COMMIT_SHA |\n| CI_BUILD_REF_NAME | CI_COMMIT_REF_NAME |\n\nhttps://docs.gitlab.com/ce/ci/variables/#9-0-renaming\n\n## Plugins properties\n\n| Variable | Comment | Type | Version |\n| -------- | ----------- | ---- | --- |\n| sonar.gitlab.url | GitLab url | Administration, Variable | \u003e= 1.6.6 |\n| sonar.gitlab.max_global_issues | Maximum number of anomalies to be displayed in the global comment |  Administration, Variable | \u003e= 1.6.6 |\n| sonar.gitlab.user_token | Token of the user who can make reports on the project, either global or per project |  Administration, Project, Variable | \u003e= 1.6.6 |\n| sonar.gitlab.project_id | Project ID in GitLab or internal id or namespace + name or namespace + path or url http or ssh url or url or web | Project, Variable | \u003e= 1.6.6 |\n| sonar.gitlab.commit_sha | SHA of the commit comment | Variable | \u003e= 1.6.6 |\n| sonar.gitlab.ref | Branch name or reference of the commit | Variable | \u003c 3.0.0 |\n| sonar.gitlab.ref_name | Branch name or reference of the commit | Variable | \u003e= 1.6.6 |\n| sonar.gitlab.max_blocker_issues_gate | Max blocker issue for build failed (default 0). Note: only for preview mode | Project, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.max_critical_issues_gate | Max critical issues for build failed (default 0). Note: only for preview mode | Project, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.max_major_issues_gate | Max major issues for build failed (default -1 no fail). Note: only for preview mode | Project, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.max_minor_issues_gate | Max minor issues for build failed (default -1 no fail). Note: only for preview mode | Project, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.max_info_issues_gate | Max info issues for build failed (default -1 no fail). Note: only for preview mode | Project, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.ignore_certificate | Ignore Certificate for access GitLab, use for auto-signing cert (default false) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.comment_no_issue | Add a comment even when there is no new issue (default false) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.disable_inline_comments | Disable issue reporting as inline comments (default false) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.only_issue_from_commit_file | Show issue for commit file only (default false) | Variable | \u003e= 2.0.0 |\n| sonar.gitlab.only_issue_from_commit_line | Show issue for commit line only (default false) | Variable | \u003e= 2.1.0 |\n| sonar.gitlab.build_init_state | State that should be the first when build commit status update is called (default pending) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.disable_global_comment | Disable global comment, report only inline (default false) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.failure_notification_mode | Notification is in current build (exit-code) or in commit status (commit-status) (default commit-status) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.global_template | Template for global comment in commit | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.ping_user | Ping the user who made an issue by @ mentioning. Only for default comment (default false) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.unique_issue_per_inline | Unique issue per inline comment (default false) | Administration, Variable | \u003e= 2.0.0 |\n| sonar.gitlab.prefix_directory | Add prefix when create link for GitLab | Variable | \u003e= 2.1.0 |\n| sonar.gitlab.api_version | GitLab API version (default `v4` or `v3`) | Administration, Variable | \u003e= 2.1.0 |\n| sonar.gitlab.all_issues | All issues new and old (default false, only new) | Administration, Variable | \u003e= 2.1.0 |\n| sonar.gitlab.json_mode | Create a json report in root for GitLab EE (codeclimate.json or gl-sast-report.json) | Project, Variable | \u003e= 3.0.0 |\n| sonar.gitlab.query_max_retry | Max retry for wait finish analyse for publish mode | Administration, Variable | \u003e= 3.0.0 |\n| sonar.gitlab.query_wait | Max retry for wait finish analyse for publish mode | Administration, Variable | \u003e= 3.0.0 |\n| sonar.gitlab.quality_gate_fail_mode | Quality gate fail mode: error, warn or none (default error) | Administration, Variable | \u003e= 3.0.0 |\n| sonar.gitlab.issue_filter | Filter on issue, if MAJOR then show only MAJOR, CRITICAL and BLOCKER (default INFO) | Administration, Variable | \u003e= 3.0.0 |\n| sonar.gitlab.load_rules | Load rules for all issues (default false) | Administration, Variable | \u003e= 3.0.0 |\n| sonar.gitlab.disable_proxy | Disable proxy if system contains proxy config (default false) | Administration, Variable | \u003e= 4.0.0 |\n| sonar.gitlab.merge_request_discussion | Allows to post the comments as discussions (default false) | Project, Variable | \u003e= 4.0.0 |\n| sonar.gitlab.ci_merge_request_iid | The IID of the merge request if it’s pipelines for merge requests | Project, Variable | \u003e= 4.0.0 |\n\n- Administration : **Settings** globals in SonarQube\n- Project : **Settings** of project in SonarQube\n- Variable : In an environment variable or in the `pom.xml` either from the command line with` -D`\n\n# Configuration\n\n- In SonarQube: Administration -\u003e General Settings -\u003e GitLab -\u003e **Reporting**. Set GitLab Url and Token\n\n\u003e If sonar.gitlab.failure_notification_mode is commit-status then role is Developer else Reporter.\n\n![Sonar settings](doc/sonar_admin_settings.jpg)\n\n- In SonarQube: Project Administration -\u003e General Settings -\u003e GitLab -\u003e **Reporting**. Set project identifier in GitLab\n\n![Sonar settings](doc/sonar_project_settings.jpg)\n\n# Templates\n\nCustom global/inline comment : Change language, change image, change order, print all issues, etc\n\n**Use FreeMarker syntax [http://freemarker.org/](http://freemarker.org/)**\n\n## Variables\n\nUsage : `${name}`\n\n| name | type | description |\n| --- | --- | --- |\n| url | String | GitLab url |\n| projectId | String | Project ID in GitLab or internal id or namespace + name or namespace + path or url http or ssh url or url or web |\n| commitSHA | String[] | SHA of the commit comment. Get first `commitSHA[0]` |\n| refName | String | Branch name or reference of the commit |\n| maxGlobalIssues | Integer | Maximum number of anomalies to be displayed in the global comment |\n| maxBlockerIssuesGate | Integer | Max blocker issue for build failed |\n| maxCriticalIssuesGate | Integer | Max critical issue for build failed |\n| maxMajorIssuesGate | Integer | Max major issue for build failed |\n| maxMinorIssuesGate | Integer | Max minor issue for build failed |\n| maxInfoIssuesGate | Integer | Max info issue for build failed |\n| disableIssuesInline | Boolean | Disable issue reporting as inline comments |\n| disableGlobalComment | Boolean | Disable global comment, report only inline |\n| onlyIssueFromCommitFile | Boolean | Show issue for commit file only |\n| commentNoIssue | Boolean | Add a comment even when there is no new issue |\n| revision | String | Current revision |\n| author | String | Commit's author for inline |\n| lineNumber | Integer | Current line number for inline issues only |\n| BLOCKER | Severity | Blocker |\n| CRITICAL | Severity | Critical |\n| MAJOR | Severity | Major |\n| MINOR | Severity | Minor |\n| INFO | Severity | Info |\n| sonarUrl | String | Url of SonarQube |\n| publishMode | Boolean | true if publish mode |\n| qualityGate | QualityGate | QualityGate |\n| OK | Status | Passed QualityGate \u0026 Condition status only Global Comment |\n| WARN | Status | Warning QualityGate \u0026 Condition status only Global Comment |\n| ERROR | Status | Failed QualityGate \u0026 Condition status only Global Comment |\n\n## Functions\n\nUsage : `${name(arg1,arg2,...)}`\n\n| name | arguments | type | description |\n| --- | --- | --- | --- |\n| issueCount | none | Integer | Get new issue count |\n| issueCount | Boolean | Integer | Get new issue count if true only reported else false only not reported |\n| issueCount | Severity | Integer | Get new issue count by Severity |\n| issueCount | Boolean, Severity | Integer | Get new issue count by Severity if true only reported else false only not reported |\n| issues | none | List\u003cIssue\u003e | Get new issues |\n| issues | Boolean | List\u003cIssue\u003e | Get new issues if true only reported else false only not reported |\n| issues | Severity | List\u003cIssue\u003e | Get new issues by Severity |\n| issues | Boolean, Severity | List\u003cIssue\u003e | Get new issues by Severity if true only reported else false only not reported |\n| print | Issue | String | Print a issue line (same default template) |\n| emojiSeverity | Severity | String | Print a emoji by severity |\n| imageSeverity | Severity | String | Print a image by severity |\n| ruleLink | String | String | Get URL for rule in SonarQube |\n\nUsage : `${qualityGate.name(arg1,arg2,...)}`\n\n| name | arguments | type | description |\n| --- | --- | --- | --- |\n| conditions | Function none argument | List\u003cCondition\u003e | Get all conditions |\n| conditions | Function Status argument | List\u003cCondition\u003e | Get all conditions with Status|\n| conditionCount | Function none argument | Integer | Get size of all conditions |\n| conditionCount | Function Status argument | Integer | Get size conditions with Status|\n\n### Types\n\nUsage : `${Issue.name}`\n\n| name | type | description |\n| --- | --- | --- |\n| reportedOnDiff | Boolean | Reported inline |\n| url | String | URL of file/line in GitLab |\n| componentKey | String | Component key |\n| severity | Severity | Severity of issue |\n| line | Integer | Line (maybe null) |\n| key | String | Key |\n| message | String | Message (maybe null) |\n| ruleKey | String | Rule key on SonarQube |\n| new | Boolean | New issue |\n| ruleLink | String | URL of rule in SonarQube |\n| src | String | File source |\n| rule | Rule | Rule information |\n\nUsage : `${Issue.rule.name}`\n\n| name | type | description |\n| --- | --- | --- |\n| key | String | Rule key |\n| repo | String | Rule repository |\n| name | String | Name of rule |\n| description | String | Description of rule |\n| type | String | CODE_SMELL, BUG, VULNERABILITY, SECURITY_HOTSPOT |\n| debtRemFnType | String | Debt type |\n| debtRemFnBaseEffort | String | Debt effort |\n\nUsage : `${qualityGate.name}`\n\n| name | type | description |\n| --- | --- | --- |\n| status | Status | Status of quality gate |\n\nUsage : `${Condition.name}`\n\n| name | type | description |\n| --- | --- | --- |\n| status | Status | Status of condition |\n| actual | String | Actual value for metric |\n| warning | String | Warning value |\n| error | String | Error value |\n| metricKey | String | Metric key |\n| metricName | String | Metric name |\n| symbol | String | Symbol of condition \u003c,\u003e,=,!= |\n\n## Examples\n\n### Global\n\n```injectedfreemarker\n\u003c#if qualityGate??\u003e\nSonarQube analysis indicates that quality gate is \u003c@s status=qualityGate.status/\u003e.\n\u003c#list qualityGate.conditions() as condition\u003e\n\u003c@c condition=condition/\u003e\n\n\u003c/#list\u003e\n\u003c/#if\u003e\n\u003c#macro c condition\u003e* ${condition.metricName} is \u003c@s status=condition.status/\u003e: Actual value ${condition.actual} is ${condition.symbol}\u003c#if condition.status != OK \u0026\u0026 condition.message?? \u0026\u0026 condition.message?trim?has_content\u003e (${condition.message})\u003c/#if\u003e\u003c/#macro\u003e\n\u003c#macro s status\u003e\u003c#if status == OK\u003epassed\u003c#elseif status == WARN\u003ewarning\u003c#elseif status == ERROR\u003efailed\u003c#else\u003eunknown\u003c/#if\u003e\u003c/#macro\u003e\n\u003c#assign newIssueCount = issueCount() notReportedIssueCount = issueCount(false)\u003e\n\u003c#assign hasInlineIssues = newIssueCount gt notReportedIssueCount extraIssuesTruncated = notReportedIssueCount gt maxGlobalIssues\u003e\n\u003c#if newIssueCount == 0\u003e\nSonarQube analysis reported no issues.\n\u003c#else\u003e\nSonarQube analysis reported ${newIssueCount} issue\u003c#if newIssueCount gt 1\u003es\u003c/#if\u003e\n    \u003c#assign newIssuesBlocker = issueCount(BLOCKER) newIssuesCritical = issueCount(CRITICAL) newIssuesMajor = issueCount(MAJOR) newIssuesMinor = issueCount(MINOR) newIssuesInfo = issueCount(INFO)\u003e\n    \u003c#if newIssuesBlocker gt 0\u003e\n* ${emojiSeverity(BLOCKER)} ${newIssuesBlocker} blocker\n    \u003c/#if\u003e\n    \u003c#if newIssuesCritical gt 0\u003e\n* ${emojiSeverity(CRITICAL)} ${newIssuesCritical} critical\n    \u003c/#if\u003e\n    \u003c#if newIssuesMajor gt 0\u003e\n* ${emojiSeverity(MAJOR)} ${newIssuesMajor} major\n    \u003c/#if\u003e\n    \u003c#if newIssuesMinor gt 0\u003e\n* ${emojiSeverity(MINOR)} ${newIssuesMinor} minor\n    \u003c/#if\u003e\n    \u003c#if newIssuesInfo gt 0\u003e\n* ${emojiSeverity(INFO)} ${newIssuesInfo} info\n    \u003c/#if\u003e\n    \u003c#if !disableIssuesInline \u0026\u0026 hasInlineIssues\u003e\n\nWatch the comments in this conversation to review them.\n    \u003c/#if\u003e\n    \u003c#if notReportedIssueCount gt 0\u003e\n        \u003c#if !disableIssuesInline\u003e\n            \u003c#if hasInlineIssues || extraIssuesTruncated\u003e\n                \u003c#if notReportedIssueCount \u003c= maxGlobalIssues\u003e\n\n#### ${notReportedIssueCount} extra issue\u003c#if notReportedIssueCount gt 1\u003es\u003c/#if\u003e\n                \u003c#else\u003e\n\n#### Top ${maxGlobalIssues} extra issue\u003c#if maxGlobalIssues gt 1\u003es\u003c/#if\u003e\n                \u003c/#if\u003e\n            \u003c/#if\u003e\n\nNote: The following issues were found on lines that were not modified in the commit. Because these issues can't be reported as line comments, they are summarized here:\n        \u003c#elseif extraIssuesTruncated\u003e\n\n#### Top ${maxGlobalIssues} issue\u003c#if maxGlobalIssues gt 1\u003es\u003c/#if\u003e\n        \u003c/#if\u003e\n\n        \u003c#assign reportedIssueCount = 0\u003e\n        \u003c#list issues(false) as issue\u003e\n            \u003c#if reportedIssueCount \u003c maxGlobalIssues\u003e\n1. ${print(issue)}\n            \u003c/#if\u003e\n            \u003c#assign reportedIssueCount++\u003e\n        \u003c/#list\u003e\n        \u003c#if notReportedIssueCount gt maxGlobalIssues\u003e\n* ... ${notReportedIssueCount-maxGlobalIssues} more\n        \u003c/#if\u003e\n    \u003c/#if\u003e\n\u003c/#if\u003e\n```\n\n**Others examples for global :**\n- [Template Default](templates/global/default.md) Current template\n- [Template Default with Images](templates/global/default-image.md) Same template as default but with images\n- [Template All Issues](templates/global/all-issues.md) Print all issues\n\n### Inline\n\n```injectedfreemarker\n\u003c#list issues() as issue\u003e\n\u003c@p issue=issue/\u003e\n\u003c/#list\u003e\n\u003c#macro p issue\u003e\n${emojiSeverity(issue.severity)} ${issue.message} [:blue_book:](${issue.ruleLink})\n\u003c/#macro\u003e\n```\n\n**Others examples for inline :**\n- [Template Default](templates/inline/default.md) Current template\n- [Template Default with Images](templates/inline/default-image.md) Same template as default but with images\n\n\n# Tips\n\n\n## Import GitLab SSL certifcate\n\n- **On your server** import Gitlab SSL certificate into the JRE used by SonarQube\n\nIf you don't already have you certificate on the SonarQube server, run `openssl s_client -connect mygitlab.com:443 -showcerts \u003e /home/${USER}/mygitlab.crt`\n\nImport it into your JRE cacerts (you can check from the \"System Info\" page in the Administration section of your sonarqube instance), running `sudo $JDK8/bin/keytool -import -file ~/mygitlab.crt -keystore $JDK8/jre/lib/security/cacerts -alias mygitlab`.\n\nRestart your SonarQube instance.\n\n## Make it works with a private project\n- On a private project, with the provided command line upper in this document, you'll got an \"IllegalStateException: Unable to find project ID\" Exception.\n- It's necessary to create a \"Personal Access Tokens\". It needs a user with the \"developer\" right in the project. The token can be created in the profile menu, check the api checkbox.\n- Then, use the following command line to run sonar thought gitlab-ci\n\n``` batch\nmvn --batch-mode verify sonar:sonar\n      -Dsonar.gitlab.api_version=v4\n      -Dsonar.host.url=http://\u003cyour_sonar_url\u003e:9000\n      -Dsonar.login=\u003cyour_sonar_login\u003e\n      -Dsonar.analysis.mode=preview\n      -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA\n      -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME\n      -Dsonar.gitlab.project_id=$CI_PROJECT_ID\n      -Dsonar.gitlab.url=http://\u003cyour_gitlab_url\u003e\n      -Dsonar.gitlab.user_token=\u003cyour_user_token\u003e\n```\n\n\n# Changelog\n\n## Version 4.1.0-SNAPSHOT\n\n**Only SonarQube \u003c 7.7, because preview mode is removed**\n\n### Fixed\n- Fix new line in json [#181](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/181)\n- Fix new rule type [#183](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/183)\n- Adding support for NONE in QualityGateFailMode [#206](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/206)\n- Code Quality Descriptions [#208](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/208)\n- Make sure that ReporterBuilder is available during batch [#214](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/214)\n- Fix issues retrieval for SonarQube Community Edition [#227](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/227)\n\n**[Download 4.1.0-SNAPSHOT](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/4.1.0-SNAPSHOT/sonar-gitlab-plugin-4.1.0-SNAPSHOT.jar)**\n\n## Version 4.0.0\n\n**This version is directly in the SonarQube update center, only SonarQube \u003e= 7.0**\n\n### Changed\n- Update to sonarqube 7.0 plugin version\n\n### Fixed\n- Using properties instead of depending on the deprecated, work with SonarQube 7.2 [#164](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/164) (Thanks dmarin)\n- Fix others deprecated\n- Fix sonar issues limit 10000 [#140](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/issues/140)\n- Fix disable proxy if proxy is enable in system [#168](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/issues/168)\n\n**[Download 4.0.0](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/4.0.0/sonar-gitlab-plugin-4.0.0.jar)**\n\n## Version 3.0.2\n\n**This version is directly in the SonarQube update center, only SonarQube 6.7**\n\n### Changed\n- Only for SonarQube 6.7\n\n### Fixed\n- Fix sonar issues limit 10000 [#140](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/issues/140)\n- Add test for covorage\n\n**[Download 3.0.2](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/3.0.2/sonar-gitlab-plugin-3.0.2.jar)**\n\n## Version 3.0.1\n\n### Changed\n- Support unit test sources #104\n- Show user token in project config #89\n\n### Fixed\n- Fix bug with QualityGate status NONE #107\n\n**[Download 3.0.1](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/3.0.1/sonar-gitlab-plugin-3.0.1.jar)**\n\n## Version 3.0.0\n\n**This version is directly in the SonarQube update center, only SonarQube \u003c 6.7**\n\n### Changed\n- Api v4 is now default value\n- For publish mode, get quality gate and print in global comment\n- For publish mode, get all new issues and print in inline and global comment\n- For publish mode, build breaker (status or exit) if quality gate is error or warn (option)\n- Add json report for GitLab EE, codeclimate or sast\n- Add filter for issues\n- Add information rule by issue\n\n### Removed\n- Plugin property sonar.gitlab.ref. The property is replaced by sonar.gitlab.ref_name\n\n**[Download 3.0.0](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/3.0.0/sonar-gitlab-plugin-3.0.0.jar)**\n\n## Version 2.1.0\n\n### Changed\n- Add commit only line\n- Add prefix workspace (not found .git folder)\n- Support v3 \u0026 v4 api for GitLab\n- Add all issues options\n\n**[Download 2.1.0](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/2.1.0/sonar-gitlab-plugin-2.1.0.jar)**\n\n## Version 2.0.1\n\n### Fixed\n- Fixbug : NoClassDefFoundError with internal sonar class #26\n\n**[Download 2.0.1](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/2.0.1/sonar-gitlab-plugin-2.0.1.jar)**\n\n## Version 2.0.0\n\n### Changed\n- Use emoticon (Thanks Artpej)\n- Change fail rule (Thanks Artpej)\n- Add comment for no issue (Thanks frol2103)\n- Refactored code (Thanks johnou)\n- Disable reporting in global comments\n- Disable reporting in inline comments\n- Add support Proxy\n- Ignore certficate if auto-signed\n- Custom global comment (Template)\n- Custom inline comment (Template)\n- Get multi SHA for comment inline all commits\n- Custom comment maybe empty then no comment added\n- Add test unit\n- Add quality project https://sonarqube.com/dashboard?id=com.talanlabs%3Asonar-gitlab-plugin\n- GitLab API is in maven central\n- Java 8\n- Sonarqube \u003e= 5.6\n- Remove personal repository\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgabrie-allaigre%2Fsonar-gitlab-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgabrie-allaigre%2Fsonar-gitlab-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgabrie-allaigre%2Fsonar-gitlab-plugin/lists"}