Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to make Pull Request trigger Sonarqube scan

enduser6
enduser6 September 26, 2017

Hello,

 New to BitBucket... inherited a project, now trying to get up to speed and code-complete ASAP. We have a DevSecOps pipeline using BitBucket as SCM, SonarQube as our static analysis engine. Java is the development language. My Tech Lead would like to prevent a Merge of a Pull request if there are Critical or High issues found in the SonarQube analysis of code in the Pull request. So, I am looking for a way to trigger SonarQube scan on a Pull request and if it fails (Critical issue found) the Merge is not allowed to go through or some notification is sent. There is hope also that issue that pre-existed on the branch would not trigger the notification (legacy issues don't break Merge requests); 

I see plugins for BitBucket that are "pull-request decorators" but they lack documentation (open source ones do, anyway...); any assistance is appreciated. 

Answer
Watch
Like # people like this
4390 views

1 answer

1 accepted

1 vote
Answer accepted
Aron Gombas _Midori_
Aron Gombas _Midori_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
September 27, 2017

Check out this Bitbucket add-on: https://marketplace.atlassian.com/plugins/ch.mibex.stash.sonar4stash/server/overview

View More Comments
enduser6
enduser6 September 27, 2017

thanks, Aron. That seems to be the most often recommended plugin to accomplish this. I will pursue it as a solution. 

Like
Aron Gombas _Midori_
Aron Gombas _Midori_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
September 28, 2017

Glad that it was helpful. Please remember to click the checkmark at the answer so that future viewers see that as the "correct" answer.

Like
Jose Ramon Mañes
Jose Ramon Mañes November 22, 2018

Hi guys, how´s going on?

I´m having the same needed but in my case I have a SonarQube server and I´m using BB Cloud, do you know if there is any similar plugin or something similar to get the results when someone does a pull request?

 

Regards,

 

Jose Ramon Mañes

Like
amathur11
amathur11 June 7, 2019

I am also having the same scenario but we dont have bitbucket server, so can we still integrate bitbucket with sonarqube

Like
Aron Gombas _Midori_
Aron Gombas _Midori_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 14, 2021

Update: we have recently released a new app called Better DevOps Automation. It allows executing automations with Git, Subversion, Bitbucket, GitLab, GitHub and other Version Control System implementations.

The automations can be started by multiple types of triggers. The automations can do a bazillion of different things, also including SonarQube and other type of code quality checks.

You may find something useful here, make sure you check this out.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events