{"id":21835761,"url":"https://github.com/vtex/action-sonarqube","last_synced_at":"2026-02-26T12:02:03.146Z","repository":{"id":47047231,"uuid":"325370334","full_name":"vtex/action-sonarqube","owner":"vtex","description":"A Github action that runs the SonarScanner and adds SonarQube Issues as annotations in your pull requests.","archived":false,"fork":false,"pushed_at":"2021-09-15T19:50:33.000Z","size":534,"stargazers_count":8,"open_issues_count":1,"forks_count":5,"subscribers_count":79,"default_branch":"main","last_synced_at":"2026-02-11T04:03:16.212Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vtex.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-12-29T19:28:58.000Z","updated_at":"2025-03-10T22:03:17.000Z","dependencies_parsed_at":"2023-01-04T12:39:13.991Z","dependency_job_id":null,"html_url":"https://github.com/vtex/action-sonarqube","commit_stats":{"total_commits":19,"total_committers":3,"mean_commits":6.333333333333333,"dds":"0.26315789473684215","last_synced_commit":"3541d939f0d56b977d75885a22ccde335be8c3cf"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/vtex/action-sonarqube","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vtex%2Faction-sonarqube","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vtex%2Faction-sonarqube/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vtex%2Faction-sonarqube/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vtex%2Faction-sonarqube/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vtex","download_url":"https://codeload.github.com/vtex/action-sonarqube/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vtex%2Faction-sonarqube/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29858461,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-26T08:51:08.701Z","status":"ssl_error","status_checked_at":"2026-02-26T08:50:19.607Z","response_time":89,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-27T20:24:25.961Z","updated_at":"2026-02-26T12:02:03.114Z","avatar_url":"https://github.com/vtex.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SonarQube Action\n\nThis is a Github action that runs the [SonarScanner](https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/) and add SonarQube Issues as annotations in your pull requests.\n\n## Usage\n\nBefore creating your workflow, you need set two secret variables in your repository: The SonarQube server URL and your [SonarQube token](https://docs.sonarqube.org/latest/user-guide/user-token/). The github token secret is automatically created by Github, you just need to reference on your workflow.\n\n```yml\nname: Some workflow\non:\n    pull_request:\n        branches: [master, main]\njobs:\n  SonarScanner:\n    runs-on: ubuntu-latest\n    name: Sonar Scanner\n    steps:\n      - name: Checkout\n        uses: actions/checkout@v2\n        with:\n          fetch-depth: 0\n      - name: Install dependencies\n        run: yarn install --production=false\n      - name: Scan code\n        uses: vtex/action-sonarqube@main\n        with:\n          githubToken: ${{ secrets.GITHUB_TOKEN }} # https://docs.github.com/en/actions/reference/authentication-in-a-workflow#about-the-github_token-secret\n          host: ${{ secrets.SQHost }} # Variable set in the Github Secrets\n          token: ${{ secrets.SQToken }} # Variable set in the Github Secrets\n```\n\n\u003e If your project uses `typescript`, you need to install the dependencies. If not, you can remove the installation step.\n\n## Variables\n\nThe key and name of the SonarQube project will follow the format `github-owner/github-repository` and project base dir will be the project root folder. But if you wish, you can customize the variables as in the example below:\n\n```yml\nwith:\n    githubToken: ${{ secrets.GITHUB_TOKEN }} #required\n    host: ${{ secrets.SQHost }} # required\n    token: ${{ secrets.SQToken }} # required\n    projectKey: \"my-custom-project\"\n    projectName: \"my-custom-project-name\"\n    projectBaseDir: \"/path/to/my-custom-project\"\n    lintReport:  \"/path/to/lint-report-json\" # https://docs.sonarqube.org/pages/viewpage.action?pageId=11639183\n```\n\n## Roadmap\n\nRoadmap of the project\n\n- [x] Run SonarScanner\n- [x] Add annotations on pull requests with SonarQube issues\n- [x] Genereate summary report with SonarQube analysis\n- [x] Use lint report in the Sonar Scanner\n\n## Developing\n\nAfter cloning the repository, install the dependencies with [`yarn`](https://yarnpkg.com):\n\n```sh\nyarn\n```\n\nWhen you are ready to submit your code, you just need to commit and the husky pre-commit script will do the build for you. Make sure the build works correctly.\n\nIf for some reason you don't want to use husky and want to do the build by yourself, just use the following commands:\n\n```sh\nyarn build\ngit add .\ngit commit --no-verify\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvtex%2Faction-sonarqube","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvtex%2Faction-sonarqube","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvtex%2Faction-sonarqube/lists"}