sfdx-codescan-plugin
Advanced tools
Run CodeScan or SonarQube jobs from sfdx
$ npm install -g sfdx-codescan-plugin
$ sfdx COMMAND
running command...
$ sfdx (-v|--version|version)
sfdx-codescan-plugin/1.0.2 linux-x64 node-v8.11.3
$ sfdx --help [COMMAND]
USAGE
$ sfdx COMMAND
...
sfdx codescan:run [name=value...] [-s <string>] [-o <string>] [-k <string>] [-t <string>] [-u <string>] [-p <string>] [--noqualitygate] [--javahome <string>] [--nofail] [--qgtimeout <integer>] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]runs a SonarQube analysis
USAGE
$ sfdx codescan:run [name=value...] [-s <string>] [-o <string>] [-k <string>] [-t <string>] [-u <string>] [-p
<string>] [--noqualitygate] [--javahome <string>] [--nofail] [--qgtimeout <integer>] [--json] [--loglevel
trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]
OPTIONS
-k, --projectkey=projectkey sonar.projectKey - the project key
to create
-o, --organization=organization CodeScan Organization Id. Only
required when connecting to CodeScan
Cloud
-p, --password=password SonarQube password (token is
preferred)
-s, --server=server SonarQube server. Defaults to
CodeScan Cloud
(https://app.codescan.io)
-t, --token=token SonarQube token (preferred)
-u, --username=username SonarQube username (token is
preferred)
--javahome=javahome JAVA_HOME to use
--json format output as json
--loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for
this command invocation
--nofail Don't fail if sonar-scanner fails
--noqualitygate Don't wait until the SonarQube
background task is finished and
return the build Quality Gate
--qgtimeout=qgtimeout Timeout in seconds to wait for
Quality Gate to complete (default
300)
EXAMPLES
$ sfdx codescan:run --token <token> --projectkey my-project-key --organization my-org-key
$ sfdx codescan:run --token <token> --projectkey my-project-key --organization my-org-key -Dsonar.verbose=true
-D can be used for passing any sonar-scanner definition
-X will be passed as a jvm arg
$ sfdx codescan:run ... -X
Verbose output
See code: src/commands/codescan/run.ts
We recommend using the Visual Studio Code (VS Code) IDE for your plugin development. Included in the .vscode directory of this plugin is a launch.json config file, which allows you to attach a debugger to the node process when running your commands.
To debug the hello:org command:
If you linked your plugin to the sfdx cli, call your command with the dev-suspend switch:
$ sfdx hello:org -u myOrg@example.com --dev-suspend
Alternatively, to call your command using the bin/run script, set the NODE_OPTIONS environment variable to --inspect-brk when starting the debugger:
$ NODE_OPTIONS=--inspect-brk bin/run hello:org -u myOrg@example.com
FAQs
Run CodeScan or SonarQube jobs from sfdx
The npm package sfdx-codescan-plugin receives a total of 541 weekly downloads. As such, sfdx-codescan-plugin popularity was classified as not popular.
We found that sfdx-codescan-plugin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ransomware payment rates hit an all-time low in 2024 as law enforcement crackdowns, stronger defenses, and shifting policies make attacks riskier and less profitable.
Security News
require(esm) backported to Node.js 20, easing the transition to ESM-only packages and reducing complexity for developers as Node 18 nears end-of-life.
Security News
PyPI now supports iOS and Android wheels, making it easier for Python developers to distribute mobile packages.