Sonar Scanner for the Python Ecosystem
Project description
pysonar
A Python scanner for SonarQube, available on PyPI.
Requirements
- SonarQube v10.6 or above
- Python 3.9 or above
Installation
Install with pip:
pip install pysonar
Usage
Once installed, the pysonar scanner can be run from the command line to perform an analysis.
It assumes a running SonarQube server or a project configured on SonarCloud.
Setting up analysis properties
In order for the analysis to run, analysis properties need to be defined. There are multiple ways of providing these properties, described below in descending order of priority:
- Through CLI arguments to the
pysonarcommand - Environment variables for individual properties (e.g.
SONAR_TOKEN,SONAR_VERBOSE,SONAR_HOST_URL, ...) - Generic environment variable
SONAR_SCANNER_JSON_PARAMS - Under the
[tool.sonar]key of thepyproject.tomlfile - In a dedicated
sonar-project.propertiesfile - Through common properties extracted from the
pyproject.toml
Through CLI arguments
Analysis properties can be provided as CLI arguments to the pysonar command.
They can be provided in a similar way as when running the SonarScanner CLI directly
(see documentation).
This means that analysis properties provided that way should be prepended with -D, for instance:
$ pysonar -Dsonar.token=myAuthenticationToken
You can use all the arguments allowed by SonarScanner. For more information on SonarScanner please refer to the SonarScanner documentation.
Additionally, some common properties can be provided using a shorter alias, such as:
pysonar --token "MyToken"
See CLI_ARGS for more details.
With a pyproject.toml file
Inside a pyproject.toml, Sonar analysis properties can be defined under the tool.sonar table.
[tool.sonar]
# must be unique in a given SonarQube/SonarCloud instance
projectKey=my:project
# --- optional properties ---
# defaults to project key
#projectName=My project
# defaults to 'not provided'
#projectVersion=1.0
# Path is relative to the pyproject.toml file. Defaults to .
#sources=.
# Encoding of the source code. Default is default system encoding
#sourceEncoding=UTF-8
The configuration parameters can be found in the SonarQube documentation.
In the pyproject.toml file the prefix sonar. for parameter keys should be omitted.
For example, sonar.scm.provider in the documentation will become scm.provider in the pyproject.toml file.
Properties in pyproject.toml files are expected to be provided in camel case. However, kebab case is also accepted:
[tool.sonar]
project-key=My Project key # valid alias for projectKey
By default, the scanner will expect the pyproject.toml file to be present in the current directory. However, its path can be provided manually through the toml-path CLI argument as well as through the sonar.projectBaseDir argument. For instance:
pysonar --toml-path "path/to/pyproject.toml"
Or:
pysonar --sonar-project-base-dir "path/to/projectBaseDir"
Or:
pysonar -Dsonar.projectBaseDir="path/to/projectBaseDir"
Through project properties extracted from the pyproject.toml
When a pyproject.toml file is available, the scanner can deduce analysis properties from the project configuration. This is currently supported only for projects using poetry.
With a sonar-project.properties file
Exactly like SonarScanner,
the analysis can also be configured with a sonar-project.properties file:
# must be unique in a given SonarQube/SonarCloud instance
sonar.projectKey=my:project
# --- optional properties ---
# defaults to project key
#sonar.projectName=My project
# defaults to 'not provided'
#sonar.projectVersion=1.0
# Path is relative to the sonar-project.properties file. Defaults to .
#sonar.sources=.
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8
Through environment variables
It is also possible to configure the scanner through environment variables:
$ export SONAR_HOST_URL="http://localhost:9000"
$ pysonar
See the SonarScanner documentation for more information.
Feedback
For feedback and issues regarding pysonar, do not hesitate to contact us through our Community.
Installation from testPyPI
To install the latest pre-released version of Sonar Scanner Python. Execute the following command:
pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple/ pysonar
License
Copyright 2011-2025 SonarSource.
Licensed under the GNU Lesser General Public License, Version 3.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pysonar-1.1.0.2035.tar.gz.
File metadata
- Download URL: pysonar-1.1.0.2035.tar.gz
- Upload date:
- Size: 26.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
39bde087aa5e72e8ebaf44f46c7ea69e8b1539f9d9101cba3964656d3e2fccc1
|
|
| MD5 |
1e1b22cdf462041e0bfbd7b526eb8b59
|
|
| BLAKE2b-256 |
519b95f7300bb4cda5adf8db2c61eb17b86be60195b957612ad0233f596f283d
|
File details
Details for the file pysonar-1.1.0.2035-py3-none-any.whl.
File metadata
- Download URL: pysonar-1.1.0.2035-py3-none-any.whl
- Upload date:
- Size: 39.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
91b30c50d5f06565551218c7a17c076feebd0b0391edc4dbbce97d497b906a55
|
|
| MD5 |
a0d60f836b83a882697c3b95a478051f
|
|
| BLAKE2b-256 |
300328972e52a4e531d64ccb6c0540ceb0508991c9ba0cf2b28ba3b27487eaa2
|
