Integrating SonarQube into GitLab CI

How to use SonarScanner CLI.

This post is also available on my blog.

This post shows how to use the SonarScanner CLI, for example to scan a PHP application. There are also alternatives: Gradle & Maven.

Create a file called sonar-project.properties in your repository root, as stated in the SonarQube GitLab CI documentation.

Add a SonarQube stage to your .gitlab-ci.yml file. I configured it to run only on the Git master branch, because I'm using the SonarQube Community Edition, which only supports analyzing one branch per repository.

Add the following variables via the GitLab CI UI. Keep in mind not to commit any credentials to your Git repository.

  1. Go to Settings > CI / CD
  2. Expand Variables

[Screenshot: Setting GitLab CI variables]

SONAR_HOST_URL:

[Screenshot: SONAR_HOST_URL configuration]

SONAR_TOKEN:

First off, we need a token. To get one, log into your Sonar instance and create a new one:

  1. Go to My Account
  2. Click the Security tab
  3. Enter a token name, and click Generate
  4. Copy the generated token

[Screenshot: SONAR_TOKEN configuration]

Now your project will show up in SonarQube after the first GitLab CI pipeline run.
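
The steps above as one pipeline definition. This is an added example, not the post's original configuration: the job name, the project key my-php-app and the source directory src are assumptions, and the two guard steps before the scan are an addition that enforces the "no credentials in the repository" rule.

```yaml
# .gitlab-ci.yml (added example, not the post's original file)
# sonar-project.properties in the repository root carries only non-secret settings, e.g.:
#   sonar.projectKey=my-php-app   # hypothetical project key
#   sonar.sources=src             # assumed source directory
# SONAR_HOST_URL and SONAR_TOKEN are not set in either file; they come from
# Settings > CI / CD > Variables and reach the scanner as environment variables.

stages:
  - sonarqube

sonarqube-check:                  # job name is an assumption
  stage: sonarqube
  image:
    name: sonarsource/sonar-scanner-cli:latest
    entrypoint: [""]              # let GitLab run the script lines in a shell
  variables:
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"   # scanner cache inside the project dir
    GIT_DEPTH: "0"                # full clone instead of GitLab's shallow default
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    # Stop if a credential was committed to the properties file.
    - |
      if grep -Eq '^[[:space:]]*sonar\.(login|password|token)[[:space:]]*=' sonar-project.properties; then
        echo "sonar-project.properties contains a credential, move it to a CI variable" >&2
        exit 1
      fi
    # Stop early with a clear message if a CI variable is missing.
    - 'test -n "$SONAR_HOST_URL" || { echo "SONAR_HOST_URL is not set" >&2; exit 1; }'
    - 'test -n "$SONAR_TOKEN" || { echo "SONAR_TOKEN is not set" >&2; exit 1; }'
    - sonar-scanner
  only:
    - master                      # Community Edition analyzes one branch per repository
```

Masking SONAR_TOKEN in the variable settings keeps its value out of the job log.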

PHP Software & DevOps Engineer. Moved to https://thoeny.dev