Automatic Analysis

SonarCloud can automatically analyze your code simply by reading it from your repository, without the need to configure a CI-based analysis.

When you first import a project that is compatible with automatic analysis, SonarCloud will analyze your default branch. Once activated, automatic analysis will trigger a new analysis after each new push on the default branch and after any pull request activity.

Prerequisites

Currently, automatic analysis has the following limitations:

  • It is only available for GitHub repositories.
  • Branch analysis (analysis of non-pull request branches other than the main branch) is not supported.
  • Multiple projects bound to a single repository (the monorepo strategy) are not supported.
  • Compiled languages (Java, C#, VB.NET, C/C++, and Objective-C) cannot be analyzed.
  • T-SQL and PL/SQL cannot be analyzed automatically because they share the same file extension, so this requires manual configuration in the CI-based mode.
  • Code coverage information is not supported.
  • Import of external rule engine reports is not supported.

Supported languages

Due to the limitations mentioned above, automatic analysis is only supported for the following languages:

  • ABAP
  • Apex
  • CloudFormation
  • CSS
  • Flex
  • Go
  • HTML
  • JS
  • Kotlin
  • PHP
  • Python
  • Ruby
  • Scala
  • Swift
  • Terraform
  • TypeScript
  • XML

Activating automatic analysis

For new projects:

  • After importing a project from GitHub, SonarCloud will automatically check whether your project is eligible for automatic analysis. This should take a few seconds.
    • SonarCloud will deem a project eligible for automatic analysis only if fewer than 20% of the lines of code in the project are in a non-compatible language.
    • SonarCloud will reject a project for automatic analysis if it contains a sonar-project.properties file (see Presence of a properties file).
  • If your project is eligible, SonarCloud will automatically trigger the first analysis. On this first analysis, the system will analyze the main branch of the project and the five most recently active pull requests. All you have to do is wait for the analysis to finish.
  • If your project is not compatible, SonarCloud will suggest other analysis methods such as using a CI tool.
  • You can force automatic analysis on an initially non-eligible project. However, doing this is not recommended as it will typically not provide useful information. To force automatic analysis, do one of the following:
    • From your project’s homepage, click the Force Automatic Analysis button.
    • From your project’s Administration > Analysis Method page, turn automatic analysis on.

For existing projects:

  • Go to your project’s Administration > Analysis Method page and turn automatic analysis on.
  • The Analysis Method page will display a compatibility check, so you are aware of our recommendations for your specific project.

Presence of a properties file

If you import a project that already contains a sonar-project.properties file, SonarCloud will deem the project ineligible for automatic analysis. You can still force automatic analysis if you choose. The reason for this limitation is that the presence of a sonar-project.properties in a newly imported project usually means that the customer is migrating from SonarQube and probably wishes to continue with the same CI-based configuration as they were using on that platform, particularly since automatic analysis does not offer all of the same features as CI-based analysis.

Analysis Method Indicator

If a project uses automatic analysis, then in the Project Overview under Analysis Method the system will display Analyzed by SonarCloud:

Conflict with CI-based Analysis

Automatic analysis is not intended to be used in conjunction with CI-based analysis.

If you do enable automatic analysis you must ensure that you do not have any CI-based analyses configured. If you do then these CI-based analyses will fail and cause a failure in your build process.

Similarly, if you wish to use a CI-based analysis on a project, you must ensure that automatic analysis is disabled for that project.

This is done to prevent duplicate analyses from being sent to SonarCloud that would cause problems in your project activity reports.

Deactivating automatic analysis

Go to your project’s Administration > Analysis Method page and turn automatic analysis off.

From the same page, you can then follow one of our tutorials for configuring SonarCloud analyses with another method.

Additional analysis configuration

You can add more configuration to your analyses by adding a .sonarcloud.properties file to your repository’s default branch. Note that this is different from the sonar-project.properties file used for CI-based analysis.

Here are the supported optional settings for the .sonarcloud.properties file:

# Path to sources
#sonar.sources=.
#sonar.exclusions=
#sonar.inclusions=

# Path to tests
#sonar.tests=
#sonar.test.exclusions=
#sonar.test.inclusions=

# Source encoding
#sonar.sourceEncoding=UTF-8

# Exclusions for copy-paste detection
#sonar.cpd.exclusions=

Note that some of these settings can also be configured from the SonarCloud UI. In your project’s Administration > General Settings > Analysis Scope, you can define file exclusions and inclusions. If you have different options set on the UI and the .sonarcloud.properties file, SonarCloud will only take into account the one from the .sonarcloud.properties file.

  • This feature works for any project - public or private.
  • It can be activated at no extra cost.
  • If you were previously using the Automatic Analysis Beta, removing the .sonarcloud.properties file will no longer disable automatic analysis. It will only disable the additional configuration settings you might have defined in it. You will still have to disable automatic analysis from the SonarCloud UI, in the Administration > Analysis Method page.

© 2008-2021, SonarCloud by SonarSource SA. All rights reserved.