SQRP-122 Reference SonarQube Community Build (#61)

Author: anita-stanisz-sonarsource

README.md

@@ -1,16 +1,21 @@
-# SonarQube Server Quality Gate check [![QA](https://github.com/SonarSource/sonarqube-quality-gate-action/actions/workflows/run-qa.yml/badge.svg)](https://github.com/SonarSource/sonarqube-quality-gate-action/actions/workflows/run-qa.yml)
+# SonarQube Quality Gate check [![QA](https://github.com/SonarSource/sonarqube-quality-gate-action/actions/workflows/run-qa.yml/badge.svg)](https://github.com/SonarSource/sonarqube-quality-gate-action/actions/workflows/run-qa.yml)
 
-Check the Quality Gate of your code with [SonarQube Server](https://www.sonarsource.com/products/sonarqube/) to ensure your code meets your own quality standards before you release or deploy new features.
+Check the Quality Gate of your code with [SonarQube Server](https://www.sonarsource.com/products/sonarqube/) or [SonarQube Community Build](https://www.sonarsource.com/open-source-editions/sonarqube-community-edition/) to ensure your code meets your own quality standards before you release or deploy new features.
 
-<img src="./images/SonarQubeServer.png">
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./images/SonarQube_dark.png">
+  <img alt="Logo" src="./images/SonarQube_light.png">
+</picture>
 
-SonarQube Server is the leading product for Continuous Code Quality & Code Security. It supports most popular programming languages, including Java, JavaScript, TypeScript, C#, Python, C, C++, and many more.
+[SonarQube Server](https://www.sonarsource.com/products/sonarqube/) and [SonarQube Community Build](https://www.sonarsource.com/open-source-editions/sonarqube-community-edition/) are widely used static analysis solutions for continuous code quality and security inspection.
+
+They help developers detect coding issues in 30+ languages, frameworks, and IaC platforms, including Java, JavaScript, TypeScript, C#, Python, C, C++, and [many more](https://www.sonarsource.com/knowledge/languages/).
 
 ## Requirements
 
 A previous step must have run an analysis on your code.
 
-Read more information on how to analyze your code [here](https://docs.sonarqube.org/latest/analysis/github-integration/)
+Read more information on how to analyze your code for SonarQube Server [here](https://docs.sonarsource.com/sonarqube-server/latest/devops-platform-integration/github-integration/introduction/) and for SonarQube Community Build [here](https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/github-integration/introduction/)
 
 ## Usage
 
@@ -36,14 +41,14 @@ jobs:
           fetch-depth: 0
 
       # Triggering SonarQube analysis as results of it are required by Quality Gate check.
-      - name: SonarQube Server Scan
+      - name: SonarQube Scan
         uses: sonarsource/sonarqube-scan-action@master
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
 
       # Check the Quality Gate status.
-      - name: SonarQube Server Quality Gate check
+      - name: SonarQube Quality Gate check
         id: sonarqube-quality-gate-check
         uses: sonarsource/sonarqube-quality-gate-action@master
         with:
@@ -54,13 +59,13 @@ jobs:
 
       # Optionally you can use the output from the Quality Gate in another step.
       # The possible outputs of the `quality-gate-status` variable are `PASSED`, `WARN` or `FAILED`.
-      - name: "Example show SonarQube Server Quality Gate Status value"
+      - name: "Example show SonarQube Quality Gate Status value"
         run: echo "The Quality Gate status is ${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}"
 ```
 
 Make sure to set up `pollingTimeoutSec` property in your step, to avoid wasting action minutes per month (see above example). If not provided, the default value of 300s is applied.
 
-When using this action with [sonarsource/sonarqube-scan](https://github.com/SonarSource/sonarqube-scan-action) action or with [C/C++ code analysis](https://docs.sonarqube.org/latest/analysis/languages/cfamily/) you don't have to provide `scanMetadataReportFile` input, otherwise you should alter the location of it.
+When using this action with [sonarsource/sonarqube-scan](https://github.com/SonarSource/sonarqube-scan-action) action or with [C/C++ code analysis](https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/languages/c-family/overview/) (available only for SonarQube Server) you don't have to provide `scanMetadataReportFile` input, otherwise you should alter the location of it.
 
 Typically, report metadata file for different scanners can vary and can be located in:
 
@@ -71,19 +76,19 @@ Typically, report metadata file for different scanners can vary and can be locat
 Example usage:
 
 ```yaml
-- name: SonarQube Server Quality Gate check
+- name: SonarQube Quality Gate check
   uses: sonarsource/sonarqube-quality-gate-action@master
   with:
     scanMetadataReportFile: target/sonar/report-task.txt
 ```
 
 ### Environment variables
 
-- `SONAR_TOKEN` – **Required** this is the token used to authenticate access to SonarQube Server. You can read more about security tokens [here](https://docs.sonarqube.org/latest/user-guide/user-token/). You can set the `SONAR_TOKEN` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
+- `SONAR_TOKEN` – **Required** this is the token used to authenticate access to SonarQube. You can read more about security tokens [here](https://docs.sonarqube.org/latest/user-guide/user-token/). You can set the `SONAR_TOKEN` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
 
-- `SONAR_HOST_URL` – **Optional** this tells the scanner where SonarQube Server is hosted, otherwise it will get the one from the scan report. You can set the `SONAR_HOST_URL` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
+- `SONAR_HOST_URL` – **Optional** this tells the scanner where SonarQube is hosted, otherwise it will get the one from the scan report. You can set the `SONAR_HOST_URL` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
 
-- `SONAR_ROOT_CERT` – Holds an additional root certificate (in PEM format) that is used to validate the SonarQube Server certificate. You can set the `SONAR_ROOT_CERT` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
+- `SONAR_ROOT_CERT` – Holds an additional root certificate (in PEM format) that is used to validate the SonarQube certificate. You can set the `SONAR_ROOT_CERT` environment variable in the "Secrets" settings page of your repository, or you can add them at the level of your GitHub organization (recommended).
 
 ## Quality Gate check run
 

action.yml

@@ -17,7 +17,7 @@ inputs:
     required: false
     default: .scannerwork/report-task.txt
   pollingTimeoutSec:
-    description: "The maximum time (in seconds) to poll for SonarQube Server's Quality Gate status. Default: 300."
+    description: "The maximum time (in seconds) to poll for SonarQube's Quality Gate status. Default: 300."
     required: false
     default: "300"
 outputs:

images/SonarQubeServer.png

@@ -55,7 +55,7 @@ done
 printf '\n'
 
 if [[ ${status} == "PENDING" || ${status} == "IN_PROGRESS" ]] && [[ ${SECONDS} -ge ${endTime} ]]; then
-    echo "Polling timeout reached for waiting for finishing of the Sonar scan! Aborting the check for SonarQube Server's Quality Gate."
+    echo "Polling timeout reached for waiting for finishing of the Sonar scan! Aborting the check for SonarQube's Quality Gate."
     exit 1
 fi
 
@@ -77,6 +77,6 @@ elif [[ ${qualityGateStatus} == "ERROR" ]]; then
    fail "Quality Gate has FAILED.${reset}\n\n${analysisResultMsg}"
 else
    set_output "quality-gate-status" "FAILED"
-   fail "Quality Gate not set for the project. Please configure the Quality Gate in SonarQube Server or remove sonarqube-quality-gate action from the workflow."
+   fail "Quality Gate not set for the project. Please configure the Quality Gate in SonarQube or remove sonarqube-quality-gate action from the workflow."
 fi
 

images/SonarQube_dark.png

@@ -102,7 +102,7 @@ teardown() {
 
   [ "$status" -eq 1 ]
   [[ "${github_out_actual}" = "quality-gate-status=FAILED" ]]
-  [[ "$output" = *"Quality Gate not set for the project. Please configure the Quality Gate in SonarQube Server or remove sonarqube-quality-gate action from the workflow."* ]]
+  [[ "$output" = *"Quality Gate not set for the project. Please configure the Quality Gate in SonarQube or remove sonarqube-quality-gate action from the workflow."* ]]
 }
 
 @test "fail when polling timeout is reached" {
@@ -119,7 +119,7 @@ teardown() {
   run script/check-quality-gate.sh metadata_tmp 5
 
   [ "$status" -eq 1 ]
-  [[ "$output" = *"Polling timeout reached for waiting for finishing of the Sonar scan! Aborting the check for SonarQube Server's Quality Gate."* ]]
+  [[ "$output" = *"Polling timeout reached for waiting for finishing of the Sonar scan! Aborting the check for SonarQube's Quality Gate."* ]]
 }
 
 @test "fail when Quality Gate status WARN" {