Sonar Cloud

sonarcloud-logo
Namesonarcloud
StatusDelivered
Linksonarcloud.io
TopicsSecurity, Quality
LanguagesJava, Javascript, C#

SonarCloud is a service operated by SonarSource, the company that develops and promotes open-source code quality products SonarQube and SonarLint; SonarSource provides SonarCloud for open source projects, free of charge.

Below are some of the most important features used by Foundation projects:

  1. Integration with CI environments
  2. Measures test coverage
  3. Scans code for security vulnerabilities
  4. Scans code for bad practices (duplicated logic, debts and code smells)
  5. Scans code for bugs
sonarcloud-dashboard

Request access

Sign into sonarcloud.io and register your Github project.

Build configuration

There are different ways to enable Sonar in your project, follow the Getting Started guide to know more.

You can configure a SonarCloud badge by adding the following syntax at the top of your README.md:

[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=<group-id>%3A<artifact-id>&metric=alert_status)](https://sonarcloud.io/dashboard?id=&lt;group-id&gt;%3A&lt;artifact-id>)

From the Account > Security menu of SonarCloud dashboard, you'll be able to generate the token that needs to be passed as SONAR_TOKEN environment variable.