Skip to content

Add update-sonarqube job#2243

Open
JunAr7112 wants to merge 1 commit intoNVIDIA:mainfrom
JunAr7112:add_sonarqube
Open

Add update-sonarqube job#2243
JunAr7112 wants to merge 1 commit intoNVIDIA:mainfrom
JunAr7112:add_sonarqube

Conversation

@JunAr7112
Copy link
Copy Markdown
Contributor

@JunAr7112 JunAr7112 commented Mar 23, 2026

Description

This change creates a job to update sonarqube for the gpu-operator repository. It will only run on the main branch to ensure the sonarqube version is up to date. It will use the sonarsource/sonar-scanner-cli:11 image.

Checklist

  • No secrets, sensitive information, or unrelated changes
  • Lint checks passing (make lint)
  • Generated assets in-sync (make validate-generated-assets)
  • Go mod artifacts in-sync (make validate-modules)
  • Test cases are added for new code paths

Testing

Pipeline was tested manually on Gitlab test branch; verified that sonarqube report was being generated online.

@copy-pr-bot
Copy link
Copy Markdown

copy-pr-bot bot commented Mar 23, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@rajathagasthya
Copy link
Copy Markdown
Contributor

rajathagasthya commented Apr 3, 2026

/ok-to-test e40dbb5

rajathagasthya
rajathagasthya reviewed Apr 3, 2026
View reviewed changes
@JunAr7112
Add update-sonarqube job
37110b0 
Signed-off-by: Arjun <agadiyar@nvidia.com>
cdesiniotis
cdesiniotis reviewed Apr 6, 2026
View reviewed changes
.nvidia-ci.yml
- if: $CI_COMMIT_BRANCH == 'main'
allow_failure: true
script:
- sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.projectKey=gpu-operator -Dsonar.projectName=gpu-operator -Dsonar.sources=.
Copy link
Copy Markdown
Contributor

@cdesiniotis cdesiniotis Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does this do exactly? Is this performing a static analysis scan and uploading the results somewhere? What commit SHA is SonarQube scanning?

With prior static analysis tools, we were able to schedule regular scans without having to add jobs to our CI. Can we do that with SonarQube and avoid having to add CI changes to all of our repositories?

Copy link
Copy Markdown
Contributor Author

@JunAr7112 JunAr7112 Apr 6, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes this is performing the scan and updating the sonar gpu-operator dashboard with the results. Unfortunately, the SonarQube dashboard does not provide a way to schedule regular scans; we need to trigger with CI/CD. I can try to see if I can move the scan command into the pre-existing NSPECT job if that is preferred.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rajathagasthya rajathagasthya rajathagasthya approved these changes

@cdesiniotis cdesiniotis cdesiniotis left review comments

@karthikvetrivel karthikvetrivel Awaiting requested review from karthikvetrivel karthikvetrivel is a code owner

@rahulait rahulait Awaiting requested review from rahulait rahulait is a code owner

@shivamerla shivamerla Awaiting requested review from shivamerla shivamerla is a code owner

@tariq1890 tariq1890 Awaiting requested review from tariq1890 tariq1890 is a code owner

Assignees

@JunAr7112 JunAr7112

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JunAr7112 @rajathagasthya @cdesiniotis