# Integrating SonarQube into GitLab CI


How to use SonarScanner CLI.

This is an example of how you can use the SonarScanner CLI. For example, if you want to scan a PHP application. There are also alternatives: Gradle & Maven.

Create a file called `sonar-project.properties` inside of your repository root. As stated in the [SonarQube GitLab CI documentation](https://docs.sonarqube.org/latest/analysis/gitlab-cicd/).

```
# SonarQube server
# sonar.host.url & sonar.login are set by the Scanner CLI.
# See https://docs.sonarqube.org/latest/analysis/gitlab-cicd/.

# Project settings.
sonar.projectKey=my-project
sonar.projectName=My project
sonar.projectDescription=My new interesting project.
sonar.links.ci=https://gitlab.com/my-account/my-project/pipelines
sonar.links.issue=https://jira.example.com/projects/MYPROJECT

# Scan settings.
sonar.projectBaseDir=.
# Define the directories that should be scanned. Comma separated.
sonar.sources=./src,./resources,./web

sonar.test.inclusions=**/*Test.php
sonar.php.coverage.reportPaths=./coverage/lcov.info
sonar.php.file.suffixes=php
sonar.sourceEncoding=UTF-8

sonar.exclusions=,**/coverage/**

# Fail CI pipeline if Sonar fails.
sonar.qualitygate.wait=true
```


Add a SonarQube stage to your`*gitlab-ci.yml` file. I configured it to only run on the Git `master` branch. Because I’m using the SonarQube CommunityEdition — which only supports analyzing one branch per repository.*

```
stages:
  - analyze

analyze:sonar:
  stage: analyze
  image:
    name: sonarsource/sonar-scanner-cli:4.5
    entrypoint: [""]
  variables:
    # Defines the location of the analysis task cache
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
    # Shallow cloning needs to be disabled.
    # See https://docs.sonarqube.org/latest/analysis/gitlab-cicd/.
    GIT_DEPTH: 0
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    - sonar-scanner
  rules:
    # SonarQube CommunityEdition only supports analyzing a single branch.
    # So only run on master.
    - if: '$CI_COMMIT_BRANCH == "master"'
      when: on_success
    - when: never
```


Add the following variables via the GitLab CI UI. *Keep in mind not to commit any credentials to your Git repository.*

1. Go to *Settings > CI / CD*

1. Expand *Variables*

![Setting GitLab CI variables](https://cdn.hashnode.com/res/hashnode/image/upload/v1619800927533/Zmg2WBBVE.png)*Setting GitLab CI variables*

### Add the required Sonar variables:

`SONAR_HOST_URL` :

![`SONAR_HOST_URL configuration`](https://cdn.hashnode.com/res/hashnode/image/upload/v1619800930069/KB7XAtars.png)*`SONAR_HOST_URL configuration`*

`SONAR_TOKEN` :

First off, we need a token. To get one, log into you Sonar instance and create a new one:

1. Go to *My Account*

1. Click the *Security* tab

1. Enter a token name, and click *Generate*

1. Copy the generated token

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1619800932420/u09_XG6B6.png)

![`SONAR_TOKEN configuration`](https://cdn.hashnode.com/res/hashnode/image/upload/v1619800934557/8vGGvqSem.png)*`SONAR_TOKEN configuration`*

Now your project will show up in SonarQube after the first GitLab CI pipeline run.
