Was this page helpful?
Analyze your repository with Bitbucket Pipelines for SonarCloud
Once your project is created and initiated from the repository you selected, you can follow the tutorial to configure your analysis with Bitbucket Pipelines.
Launch your analysis and check your Quality Gate
Launch analyses with the SonarCloud Scan pipe and check the quality gate with the SonarCloud Quality Gate check pipe.
Unsupported build technologies:
These pipes cannot be used for projects built with Maven, Gradle, .NET, and C/C++.
More information:
Analyzing branches
In order to trigger a SonarCloud analysis on each push on a branch, you have to supply the same command in the pull-requests section of bitbucket-pipelines.yml (check the bitbucket-pipelines.yml configuration reference for more details about that section). Here is a sample configuration:
pipelines:
...
branches:
master:
- step:
script:
- mvn sonar:sonar
...Make sure that your bitbucket-pipelines.yml is up to date in the branch you want to analyze.
Analyzing pull requests
In order to trigger a SonarCloud analysis on each pull request update, you have to supply the same command in the pull-requests section of bitbucket-pipelines.yml (check the bitbucket-pipelines.yml configuration reference for more details about that section). Here is a sample configuration:
pipelines:
...
pull-requests:
feature/*:
- step:
script:
- mvn sonar:sonar
...Make sure that your bitbucket-pipelines.yml is up to date in the pull request you want to analyze.
Analyzing Monorepo Projects with Bitbucket Cloud: Pipeline Configuration
If you want to analyze a monorepo that contains more than one project, you need to ensure that you specify the paths to each project for analysis in your bitbucket-pipelines.yml file.
A typical yml file for a monorepo analysis should look something like this.
definitions:
caches:
sonar: ~/.sonar/cache # Caching SonarCloud artifacts will speed up your build
steps:
- step: &build-test-sonarcloud
name: Build, test and analyze on SonarCloud
caches:
- sonar
script:
- pipe: sonarsource/sonarcloud-scan:2.0.0
variables:
SONAR_TOKEN: ${SONAR_TOKEN}
EXTRA_ARGS: '-Dsonar.projectKey=neil.hannonbbc4_monorepotest_proj1 -Dsonar.organization=neil.hannonbbc4 -Dsonar.projectBaseDir=proj1'
- pipe: sonarsource/sonarcloud-scan:2.0.0
variables:
SONAR_TOKEN: ${SONAR_TOKEN}
EXTRA_ARGS: '-Dsonar.projectKey=neil.hannonbbc4_monorepotest_proj2 -Dsonar.organization=neil.hannonbbc4 -Dsonar.projectBaseDir=proj2'We recommend checking that you're using the sonarcloud-scan pipe version mentioned on this page.
Note that you need to build each project in the monorepo separately with a unique project key for each one.
Sample projects
You can see our multiple sample projects to see how it works :
If you target a .NET application, see a sample .NET project built with Azure Pipelines.
Troubleshooting
Docker memory limit:
If your Pipelines fail with the error Container ‘docker' exceeded memory limit, you'll need to increase the memory limit for the docker process in your bitbucket-pipelines.yml file:
...
definitions:
services:
docker:
memory: 2048
pipelines:
...© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
