Open
Conversation
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
Comment on lines
+31
to
+34
| - name: Official SonarQube Scan | ||
| # You may pin to the exact commit or the version. | ||
| # uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 | ||
| uses: SonarSource/sonarqube-scan-action@v7.0.0 |
Contributor
There was a problem hiding this comment.
🔴 SonarQube scan step missing required SONAR_HOST_URL and SONAR_TOKEN configuration
The SonarSource/sonarqube-scan-action@v7.0.0 requires SONAR_HOST_URL and SONAR_TOKEN to be set as environment variables (typically from GitHub secrets). Neither is configured in this step via env: block. There is also no sonar-project.properties file in the repository to provide the host URL. Without these, the action will fail at runtime, and since continue-on-error is not set, this will cause the entire CI build to fail on every push/PR to main.
Prompt for agents
In .github/workflows/maven.yml, the SonarQube scan step (lines 31-34) needs required configuration. At minimum:
1. Add an `env:` block to the step with SONAR_HOST_URL and SONAR_TOKEN from GitHub secrets:
- name: Official SonarQube Scan
uses: SonarSource/sonarqube-scan-action@v7.0.0
env:
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
2. Create a sonar-project.properties file in the repository root with at least:
sonar.projectKey=<your-project-key>
3. Alternatively, pass the project key via the `args` input of the action.
4. Make sure the corresponding secrets (SONAR_HOST_URL and SONAR_TOKEN) are configured in the GitHub repository settings.
Was this helpful? React with 👍 or 👎 to provide feedback.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.