SonarQube Integration for Python Project Using Gitlab CI

In this article we cover SonarQube integration for a Python project using GitLab CI/CD. SonarQube is a popular tool for automating code quality checks and static analysis. Integrating SonarQube into a Continuous Integration/Continuous Deployment (CI/CD) pipeline lets developers identify and address issues early in the development lifecycle. This article walks through integrating SonarQube with a Python project using GitLab CI/CD.

Prerequisites

  • Ubuntu Server 24.04 LTS
  • Basic knowledge of SonarQube and GitLab.

Step #1: Install GitLab Runner on Ubuntu 24.04 LTS

Add the official GitLab repository.

curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh" | sudo bash

To install the latest version of GitLab Runner, first update the package list.

sudo apt update

Install gitlab-runner.

sudo apt install gitlab-runner

Next, register a runner.

sudo gitlab-runner register

Step #2: Install Python and pip

Install Python.

sudo apt install python3

Verify the Python installation by checking its version.

python3 --version

Next, install pip.

sudo apt install python3-pip

Verify the pip installation by checking its version.

pip3 --version

Step #3: Download the SonarQube Scanner

Make a directory.

mkdir /downloads/sonarqube -p

Navigate to that directory.

cd /downloads/sonarqube

Download the SonarScanner CLI using wget.

wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.8.0.2856-linux.zip
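Before unzipping, check that the archive you downloaded is the one you expected. The shell script below is an added example, not part of the original article or of the SonarScanner project: it verifies a downloaded file against a SHA-256 digest and removes the file on mismatch so an unverified archive is never unzipped by accident. It assumes the expected digest is supplied by the caller, for instance from a .sha256 file published next to the zip (an assumption about the download site, not something the article states); the function names are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the original article: verify a downloaded archive
# against an expected SHA-256 digest before it is unzipped.
# Assumption: the caller supplies the expected digest (for example from a
# .sha256 file published next to the archive); nothing is hard-coded here.

# sha256_of FILE: print the hex digest using whichever tool the host has.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_sha256 FILE EXPECTED: return 0 on match, 1 on mismatch or missing file.
# Digests are compared case-insensitively, since published digests vary in case.
verify_sha256() {
    file="$1"
    expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 1; }
    actual=$(sha256_of "$file" | tr 'A-Z' 'a-z')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

# fetch_and_verify URL EXPECTED: download, verify, and remove the file on
# mismatch so an unverified archive is never left behind to be unzipped.
fetch_and_verify() {
    url="$1"
    expected="$2"
    name=$(basename "$url")
    wget -q -O "$name" "$url" || { echo "download failed: $url" >&2; return 1; }
    if ! verify_sha256 "$name" "$expected"; then
        rm -f "$name"
        return 1
    fi
    return 0
}

# Usage in Step #3 (constructed; the .sha256 companion file is an assumption):
#   URL=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.8.0.2856-linux.zip
#   fetch_and_verify "$URL" "$(wget -q -O - "$URL.sha256" | awk '{print $1}')"
```

Run it in the download directory before the unzip step; a non-zero exit from fetch_and_verify stops the installation at the point where a tampered or truncated download would otherwise be extracted and moved into /opt.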

Install unzip if you don't have it.

sudo apt install unzip

Unzip the scanner archive.

sudo unzip sonar-scanner-cli-4.8.0.2856-linux.zip

Then move it to the /opt directory.

sudo mv sonar-scanner-cli-4.8.0.2856-linux /opt/sonar-scanner

Next, edit the sonar-scanner.properties file (the directory is root-owned after the move, so use sudo):

sudo vi /opt/sonar-scanner/conf/sonar-scanner.properties

Uncomment the lines in the following sections.

#----- Default sonarqube server
sonar.host.url=http://localhost:9000

#----- Default source code encoding
sonar.sourceEncoding=UTF-8

Create a profile script so the required environment variable is set automatically at login:

sudo vi /etc/profile.d/sonar-scanner.sh

Add the following lines to the file.

#!/bin/bash
export PATH="$PATH:/opt/sonar-scanner/bin"

Then source the file to add the sonar-scanner command to the PATH variable of the current shell.

source /etc/profile.d/sonar-scanner.sh

You can verify it by checking its version.

sonar-scanner -v

Now, in the root of the repository, create a file named sonar-project.properties (the file the scanner reads from the project directory) and add the following lines to it. With sonar.qualitygate.wait=true the scanner waits for the quality gate result and exits non-zero when the gate fails, so the CI job fails with it.

sonar.projectKey=devopshint_pythonproject
sonar.qualitygate.wait=true

Add the following CI/CD variables in your GitLab project (Settings > CI/CD > Variables). Mark them as masked so their values are hidden in job logs.

SONAR_HOST_URL
SONAR_LOGIN
SONAR_PASSWORD

Next, create a .gitlab-ci.yml file in your GitLab project.

variables:
  # SONARQUBE_ARGUMENTS_PREVIEW and STAGE_ID are defined but not used by any
  # job below. sonar.analysis.mode=preview belongs to the legacy preview mode,
  # which current SonarQube releases no longer support.
  SONARQUBE_ARGUMENTS_PREVIEW: -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.password=$SONAR_PASSWORD --stacktrace -Dsonar.analysis.mode=preview -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  STAGE_ID: ${CI_PROJECT_NAME}_${CI_BUILD_REF_NAME}_${CI_JOB_NAME}_${CI_JOB_ID}

# The image only applies when the runner uses the Docker executor; the
# sonar-scanner call in the test job assumes the scanner installed in
# Step #3 is on the runner's PATH.
image: "python:3.7"

before_script:
  - python --version
  # print whether the interpreter is 32- or 64-bit
  - python -c 'import struct;print( 8 * struct.calcsize("P"))'
  - pip install --upgrade pip
  - pip install --upgrade setuptools
  - pip install pytest

stages:
  - Static Analysis
  - Test

# The three Static Analysis jobs only install their tool; add the tool's own
# command (for example "python -m flake8 .") to actually run the checks.
mypy:
  stage: Static Analysis
  script:
    - python -m pip install mypy
    - pwd
    - ls -l

flake8:
  stage: Static Analysis
  script:
    - python -m pip install flake8

pylint:
  stage: Static Analysis
  script:
    - pip install pylint

test:
  stage: Test
  script:
    - pwd
    - ls -l
    - export PYTHONPATH="$PYTHONPATH:."
    - python -c "import sys;print(sys.path)"
    # -X turns on debug logging; keep SONAR_LOGIN and SONAR_PASSWORD as masked
    # CI/CD variables so their values are hidden in the job log.
    - sonar-scanner -X -Dsonar.sources=. -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.password=$SONAR_PASSWORD
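As an added example that is not part of the original article or of the SonarScanner project, the script below runs pre-flight checks the test job can call before sonar-scanner: it confirms the committed properties file sets sonar.projectKey and carries no credentials (those belong in masked CI/CD variables, never in the repository), checks that SONAR_HOST_URL and SONAR_LOGIN are set, and builds the scanner arguments without sonar.password, which is not needed when SONAR_LOGIN holds a SonarQube token. The function names, the --run flag and the sample file contents are constructed for this example.

```shell
#!/bin/sh
# Added example, not part of the original article: pre-flight checks for the
# CI job before it calls sonar-scanner. Function names, the --run flag and the
# sample file contents are constructed for this example.

# check_sonar_properties FILE: the committed file must set sonar.projectKey and
# must not carry credentials; sonar.login, sonar.password and sonar.token belong
# in masked CI/CD variables, never in the repository.
check_sonar_properties() {
    file="$1"
    [ -f "$file" ] || { echo "ERROR: $file not found" >&2; return 1; }
    status=0
    if ! grep -q '^[[:space:]]*sonar\.projectKey[[:space:]]*=' "$file"; then
        echo "ERROR: sonar.projectKey is missing from $file" >&2
        status=1
    fi
    for key in sonar.login sonar.password sonar.token; do
        if grep -q "^[[:space:]]*$key[[:space:]]*=" "$file"; then
            echo "ERROR: $key must not be committed in $file" >&2
            status=1
        fi
    done
    return $status
}

# require_env NAME...: fail fast with a clear message when a CI/CD variable is
# unset or empty, instead of letting the scanner fail later with an opaque
# authentication error.
require_env() {
    missing=0
    for name in "$@"; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "ERROR: required variable $name is not set" >&2
            missing=1
        fi
    done
    return $missing
}

# scanner_args: print one scanner argument per line. sonar.password is left
# out on purpose: with a SonarQube token in SONAR_LOGIN it is not needed, which
# keeps one secret fewer on the command line and out of any -X debug output.
scanner_args() {
    printf '%s\n' "-Dsonar.sources=." \
        "-Dsonar.host.url=$SONAR_HOST_URL" \
        "-Dsonar.login=$SONAR_LOGIN"
}

# preflight FILE: run every check and return non-zero if any of them failed.
preflight() {
    rc=0
    check_sonar_properties "$1" || rc=1
    require_env SONAR_HOST_URL SONAR_LOGIN || rc=1
    return $rc
}

# Usage from the test job in .gitlab-ci.yml (constructed):
#   - sh preflight.sh --run sonar-project.properties
if [ "${1:-}" = "--run" ]; then
    preflight "${2:-sonar-project.properties}" || exit 1
    # word-splitting of the printed lines into separate arguments is intended
    sonar-scanner $(scanner_args)
fi
```

Commit the script next to the properties file and replace the sonar-scanner line of the test job with the --run invocation; a missing project key, a credential accidentally committed to the properties file, or an unset CI/CD variable then fails the job before any source is sent to the server.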

Conclusion:

In conclusion, by following the steps outlined in this article, you have successfully integrated SonarQube into your Python project using GitLab CI/CD. This setup not only streamlines the static analysis process but also ensures that your code meets high-quality standards as part of your CI/CD pipeline. Regularly analyzing your code with SonarQube helps in identifying potential vulnerabilities, improving maintainability, and enhancing overall project health.


Prasad Hole
