SonarQube CLI Skill

This skill centers on scripts/scan_branch.py — a Python orchestrator that runs a full SonarQube analysis on a branch and reports the quality gate. For single-file checks, secrets scanning, and direct API calls, it wraps the sonar CLI (v0.9.0, Beta).

CRITICAL — Credential checks (run before ANY command)

Before running scripts/scan_branch.py or sonar-scanner, verify SONAR_HOST_URL and SONAR_TOKEN are set without reading their values:

[ -n "${SONAR_HOST_URL}" ] && echo "SONAR_HOST_URL set" || echo "SONAR_HOST_URL MISSING"
[ -n "${SONAR_TOKEN}" ]    && echo "SONAR_TOKEN set"    || echo "SONAR_TOKEN MISSING"

Before running sonar CLI commands, verify authentication:

sonar --version
sonar auth status