Skip to end of metadata
Go to start of metadata

While we have a long-established job type for running Sonar scans via maven (as is used by camunda_workflow and portal_user_interface), the LF recently added a generic job type for Sonar scanning in any supported language (see all supported languages here). The below instructions will guide you through adding one of these Sonarcloud scans to your project.

Step-by-step guide

  1. In your project's JJB file (generally found in the ci-management repo, in the path jjb/<project-name>/<project-name>.yaml ), you need to add "gerrit-sonar" to the list of jobs.
  2. Next, you will need to add properties. There are two ways to do this: either by adding a  file to the project repo, or by adding them in the JJB job.
    1. If you are putting the properties directly into the JJB file, you'll need to supply an empty string for the sonar-project-file  parameter, and then put your properties under the sonar-properties  parameter.
    2. A list of properties (referred to in the docs as "Analysis Parameters", but both the file name and the Jenkins plugin for Sonar refer to these as "properties") can be found here: The first mandatory parameter listed, , does not need to be provided. It will be injected into the environment by the Sonar Scanner plugin, and should not be overwritten.

That's all there is to it! If you need to tweak Quality Profiles or Quality Gates, please submit a support ticket at

Example JJB file

Below is the file used by the LF RelEng team to test this feature. It shows the proper formatting for adding the properties to the JJB job, and provides a list of typical properties than can be provided for optimal scan results. In order to best reflect the real-world use of this feature, the file has not been truncated to show only the relevant section. However, the primary relevant code is entirely contained in the gerrit-sonar  job details.

- project:
    name: ta-caas-install-amd64
    project: ta/caas-install
    project-name: ta-caas-install-amd64
      - merge
      - verify
    build-node: centos7-builder-2c-1g
    stream: master
      - akraino-project-stream-type-ta
      - gerrit-sonar:
          sonar-project-file: ""
          sonar-properties: |
            # Required metadata

            # Source

            # Language

            # Encoding

            # Unit tests

            # Inclusions

            # Exclusions

- project:
    name: ta-caas-install-arm64
    project: ta/caas-install
    project-name: ta-caas-install-arm64
      - merge
      - verify
    build-node: aarch64_dev
    gerrit-skip-vote: true
    arch: arm64
    stream: master
      - akraino-project-stream-type-ta

1 Comment

  1. I have two questions, Eric.

    1. To use SonarCloud I believe the property sonar.login is required. Please include that above if I understand that correctly.
    2. I see the other LF-defined sonar job template with "-prescan", here that probably would allow a builder which generates unit-test coverage stats to file coverage.xml? An example of that would be extremely helpful.

    Thanks in advance.