Run CodeScan or SonarQube jobs from sfdx
npm install sfdx-codescan-pluginsfdx-codescan-plugin
=============
Run CodeScan or SonarQube jobs from sfdx
sfdx plugins:install sfdx-codescan-plugin.y to continue.sfdx plugins.sfdx help codescan:run to view a list of parameters and flags.
$ sfdx codescan:run [name=value...] [-s ] [-o ] [-k ] [-t ] [-u ] [-p
] [--noqualitygate] [--javahome ] [--nofail] [--qgtimeout ] [--json] [--loglevel
trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]OPTIONS
-k, --projectkey=projectkey sonar.projectKey - the project key
to create.
-o, --organization=organization CodeScan Organization Id. Only
required when connecting to CodeScan
Cloud
-p, --password=password SonarQube password (token is
preferred)
-s, --server=server SonarQube server. Defaults to
CodeScan Cloud
(https://app.codescan.io)
-t, --token=token SonarQube token (preferred)
-u, --username=username SonarQube username (token is
preferred)
--javahome=javahome JAVA_HOME to use
--json format output as json
--loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for
this command invocation
--nofail Don't fail if sonar-scanner fails
--noqualitygate Don't wait until the SonarQube
background task is finished and
return the build Quality Gate
--qgtimeout=qgtimeout Timeout in seconds to wait for
Quality Gate to complete (default
300)
Examples
$ sfdx codescan:run --token --projectkey my-project-key --organization my-org-key
$ sfdx codescan:run --token --projectkey my-project-key --organization my-org-key -Dsonar.verbose=true
-D can be used for passing any sonar-scanner definition
-X will be passed as a jvm arg
$ sfdx codescan:run ... -X
Verbose output