Start FreeLog in
SonarCloud | Advanced setup | CI-based analysis | Bitbucket Pipelines for SonarCloud

Analyze your repository with Bitbucket Pipelines for SonarCloud

On this page

Once your project is created and initiated from the repository you selected, you can follow the tutorial to configure your analysis with Bitbucket Pipelines.

Launch your analysis and check your Quality Gate

Launch analyses with the SonarCloud Scan pipe and check the quality gate with the SonarCloud Quality Gate check pipe.

More information:

Analyzing branches

In order to trigger a SonarCloud analysis on each push on a branch, you have to supply the same command in the pull-requests section of bitbucket-pipelines.yml (check the bitbucket-pipelines.yml configuration reference for more details about that section). Here is a sample configuration:

pipelines:
  ...
  branches:
    master:
      - step:
          script:
            - mvn sonar:sonar
  ...

Make sure that your bitbucket-pipelines.yml is up to date in the branch you want to analyze.

Analyzing pull requests

In order to trigger a SonarCloud analysis on each pull request update, you have to supply the same command in the pull-requests section of bitbucket-pipelines.yml (check the bitbucket-pipelines.yml configuration reference for more details about that section). Here is a sample configuration:

pipelines:
  ...
  pull-requests:
    feature/*:
      - step:
          script:
            - mvn sonar:sonar
  ...

Make sure that your bitbucket-pipelines.yml is up to date in the pull request you want to analyze.

Analyzing Monorepo Projects with Bitbucket Cloud: Pipeline Configuration

If you want to analyze a monorepo that contains more than one project, you need to ensure that you specify the paths to each project for analysis in your bitbucket-pipelines.yml file.

A typical yml file for a monorepo analysis should look something like this. 

definitions:
  caches:
    sonar: ~/.sonar/cache  # Caching SonarCloud artifacts will speed up your build
  steps:
    - step: &build-test-sonarcloud
        name: Build, test and analyze on SonarCloud
        caches:
          - sonar
        script:
          - pipe: sonarsource/sonarcloud-scan:2.0.0
            variables:
              SONAR_TOKEN: ${SONAR_TOKEN}
              EXTRA_ARGS: '-Dsonar.projectKey=neil.hannonbbc4_monorepotest_proj1 -Dsonar.organization=neil.hannonbbc4 -Dsonar.projectBaseDir=proj1'
          - pipe: sonarsource/sonarcloud-scan:2.0.0
            variables:
              SONAR_TOKEN: ${SONAR_TOKEN}
              EXTRA_ARGS: '-Dsonar.projectKey=neil.hannonbbc4_monorepotest_proj2 -Dsonar.organization=neil.hannonbbc4 -Dsonar.projectBaseDir=proj2'

We recommend checking that you're using the sonarcloud-scan pipe version mentioned on this page.

Sample projects

You can see our multiple sample projects to see how it works :

If you target a .NET application, see a sample .NET project built with Azure Pipelines.

Troubleshooting

Docker memory limit:

If your Pipelines fail with the error Container ‘docker' exceeded memory limit, you'll need to increase the memory limit for the docker process in your bitbucket-pipelines.yml file: 

...
definitions:
  services:
    docker:
      memory: 2048

pipelines: 
...

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License