SonarQube Integration with Python and GitLab CI

Jul 10, 2025

Overview

The lecture explains how to integrate SonarQube with a Python project using GitLab CI, with the pipeline hosted on a DigitalOcean Ubuntu droplet. It covers the setup steps, the configuration, and a successful pipeline execution.

Setting Up the Environment

  • Use a DigitalOcean Ubuntu droplet to host the pipeline.
  • Install GitLab Runner using commands from the official GitLab Runner repository.
  • Register the GitLab Runner with the repository URL and registration token found in GitLab Settings under CI/CD.
  • Assign a description and tags, and select the 'shell' executor when registering the runner.
  • In the runner settings, enable the runner to pick up jobs without tags.

Installing Required Software

  • Update the Ubuntu system packages.
  • Install Python and verify its installation using python --version.
  • Install Python pip for package management.
  • Download and unzip the SonarQube Scanner package.
  • Edit sonar-scanner.properties to configure necessary properties.
  • Create a script to set up environment variables for SonarQube Scanner and use source to load them.
  • Verify SonarQube Scanner installation with sonar-scanner -v.

Repository and Configuration Setup

  • Create sonar-project.properties in the repository and set sonar.projectKey for the project.
  • Add necessary variables in GitLab repository Settings → CI/CD:
    • SONAR_HOST_URL with your SonarQube URL
    • SONAR_LOGIN (username)
    • SONAR_PASSWORD
      (Remove the 'protected' flag from all variables; protected variables are only passed to pipelines running on protected branches and tags.)

GitLab CI Pipeline Creation

  • Create .gitlab-ci.yml in the repository.
  • Set variables and use python:3.7 as the Docker image.
  • Add steps in the pipeline for static analysis and testing (including install commands and running SonarQube Scanner).
  • Commit changes to trigger the pipeline.
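
A pre-flight check for the analysis job described above, as an added example that is not part of the lecture or of SonarQube: it confirms the three CI/CD variables from the notes are present without echoing their values, and that sonar-project.properties sets sonar.projectKey and carries no committed credentials. The function names are hypothetical, and checking for sonar.token alongside sonar.login and sonar.password is an assumption that goes beyond the variables listed in the notes.

```sh
#!/bin/sh
# Added example: pre-flight check to run in the CI job before sonar-scanner.
# Variable names (SONAR_HOST_URL, SONAR_LOGIN, SONAR_PASSWORD) come from the
# notes; the function names are hypothetical.

# Fail if any required CI/CD variable is unset or empty. Prints names only,
# never values, so nothing secret lands in the job log.
check_sonar_env() {
    missing=0
    for name in SONAR_HOST_URL SONAR_LOGIN SONAR_PASSWORD; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "missing CI/CD variable: $name" >&2
            missing=1
        fi
    done
    return "$missing"
}

# Fail if the properties file lacks sonar.projectKey, or if it carries
# credentials that belong in CI/CD variables instead of the repository.
check_project_properties() {
    file=$1
    [ -f "$file" ] || { echo "not found: $file" >&2; return 1; }
    if ! grep -Eq '^[[:space:]]*sonar\.projectKey[[:space:]]*[=:][[:space:]]*[^[:space:]]' "$file"; then
        echo "$file: sonar.projectKey is not set" >&2
        return 1
    fi
    if grep -Eq '^[[:space:]]*sonar\.(login|password|token)[[:space:]]*[=:]' "$file"; then
        echo "$file: credentials must not be committed; use CI/CD variables" >&2
        return 1
    fi
    return 0
}

# Run both checks; intended as the first script line of the analysis job.
sonar_preflight() {
    rc=0
    check_sonar_env || rc=1
    check_project_properties "${1:-sonar-project.properties}" || rc=1
    return "$rc"
}
```

Calling sonar_preflight before sonar-scanner in the job script makes a missing variable or a leaked credential fail the job early, with a message that names the problem but not the secret.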

Verification and SonarQube Results

  • Check pipeline jobs for successful completion in GitLab CI.
  • Refresh SonarQube dashboard to confirm the project appears with a 'Quality Gate PASSED' status.

Key Terms & Definitions

  • SonarQube — a tool for continuous inspection of code quality and security.
  • GitLab Runner — an agent that runs CI/CD jobs for GitLab projects.
  • CI/CD — Continuous Integration/Continuous Deployment, automating code building and testing.
  • SonarQube Scanner — a command-line tool to analyze source code and send results to SonarQube.

Action Items / Next Steps

  • Ensure all required packages, GitLab Runner, Python, and SonarQube Scanner are installed.
  • Configure GitLab CI variables as described.
  • Monitor your project's analysis results in the SonarQube dashboard after each pipeline run.