how to use the plugin in Bitbucket pipeline to generate the report? (SonarQube version: 25.2.0.102705)

[JesusGarce22]

how to use the plugin in Bitbucket pipeline to generate the report?

[DooGer1]

Using sonar-cnes-report in Bitbucket Pipelines

To generate a report using sonar-cnes-report in a Bitbucket Pipeline, follow these steps:

1. Run SonarQube Analysis

Before generating a report, ensure that SonarQube analysis is performed.

image: maven:3.8.6-openjdk-11

pipelines:
  default:
    - step:
        name: SonarQube Analysis
        services:
          - docker
        script:
          - echo "Running SonarQube scan..."
          - mvn sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN

2. Install sonar-cnes-report and Generate Report

After SonarQube analysis is complete, install sonar-cnes-report and generate the report.

image: node:18

pipelines:
  default:
    - step:
        name: SonarQube Analysis
        services:
          - docker
        script:
          - echo "Running SonarQube scan..."
          - mvn sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN

    - step:
        name: Generate Sonar Report
        image: python:3.9
        script:
          - echo "Installing sonar-cnes-report..."
          - pip install sonar-cnes-report
          - echo "Generating report..."
          - sonar-cnes-report -s $SONAR_HOST_URL -t $SONAR_TOKEN -p my_project_key -f html,json
          - ls -l
          - echo "Uploading report as artifact..."
        artifacts:
          - cnes-report/*.html
          - cnes-report/*.json

3. Configure Environment Variables

Ensure the following environment variables are set in Bitbucket Repository Settings → Repository variables:

• SONAR_HOST_URL → URL of your SonarQube server (e.g., https://sonar.mycompany.com)
• SONAR_TOKEN → Authentication token for SonarQube
• my_project_key → SonarQube project key

4. Expected Outcome

• Runs SonarQube analysis
• Installs sonar-cnes-report
• Generates reports in HTML and JSON
• Saves the reports as artifacts in Bitbucket Pipelines

Now, you can download the reports from the Bitbucket Pipelines UI.

[JesusGarce22]

The pipeline show me this problem

[DooGer1]

Fixing "Could not find a version that satisfies the requirement sonar-cnes-report" in Bitbucket Pipelines

If your Bitbucket Pipeline shows the error:

ERROR: Could not find a version that satisfies the requirement sonar-cnes-report
ERROR: No matching distribution found for sonar-cnes-report

It means that sonar-cnes-report is not available on PyPI and needs to be manually downloaded.

🔹 Possible Causes & Solutions

1️⃣ Package is Not on PyPI

The sonar-cnes-report tool is a standalone CLI tool available on GitHub, not a Python package.

✅ Solution: Download and execute it manually:

wget https://github.com/cnescatlab/sonar-cnes-report/releases/latest/download/sonar-cnes-report.jar

Then, run the tool using:

java -jar sonar-cnes-report.jar -s $SONAR_HOST_URL -t $SONAR_TOKEN -p my_project_key -f html,json

2️⃣ Python Version Compatibility

If you still need pip install, first verify your Python version in the pipeline:

python --version

sonar-cnes-report might not support older versions.

✅ Solution: Upgrade Python in the Bitbucket pipeline:

image: python:3.9

3️⃣ Check for Private Index (Custom Repository)

If your company has a private PyPI repository, sonar-cnes-report might be hosted there.

✅ Solution: Try installing from an alternative repository:

pip install --index-url=https://your-private-repo/simple sonar-cnes-report

🔹 Final Working Bitbucket Pipeline Example

Here’s how you can correctly integrate sonar-cnes-report in Bitbucket Pipelines:

image: openjdk:11

pipelines:
default:
- step:
name: SonarQube Analysis
script:
- echo "Running SonarQube scan..."
- mvn sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN

- step:
    name: Generate Sonar Report
    script:
      - echo "Downloading sonar-cnes-report..."
      - wget https://github.com/cnescatlab/sonar-cnes-report/releases/latest/download/sonar-cnes-report.jar
      - echo "Generating Sonar Report..."
      - java -jar sonar-cnes-report.jar -s $SONAR_HOST_URL -t $SONAR_TOKEN -p my_project_key -f html,json
    artifacts:
      - sonar-cnes-report/*.html
      - sonar-cnes-report/*.json

✅ Key Takeaways

🚫 You can't install sonar-cnes-report via pip.

📥 Download the .jar file instead and run it using java -jar.

🛠 Ensure your pipeline has Java installed.

🔍 If needed, check for a private PyPI repository.

[JesusGarce22]

I have this problem This SonarQube version is not supported by this cnesreport version.

SonarQube URL: https://sonarqube.xxxx-apps.net/
SonarQube online: true
Detected SonarQube version: 25.2.0.102705
[WARNING] This SonarQube version is not supported by this cnesreport version.
[WARNING] For further information, please refer to the compatibility matrix on the project GitHub page.

This is the pipeline step

    - step: &report-step
        name: Generate Sonar Report
        image: openjdk:17-slim
        script:
          - apt-get update
          - apt-get install -y wget
          - echo "Downloading sonar-cnes-report..."
          - wget -O sonar-cnes-report.jar https://github.com/cnescatlab/sonar-cnes-report/releases/download/5.0.1/sonar-cnes-report-5.0.1.jar
          - ls -l
          - java -version
          - echo "Generating Sonar Report..."
          - java -jar sonar-cnes-report.jar -s ${SONAR_HOST_URL} -t ${SONAR_TOKEN} -p ${SONAR_PROJECT_KEY} -f html,json
        artifacts:
          - sonar-cnes-report/*.html
          - sonar-cnes-report/*.json

[DooGer1]

Find the latest release that supports SonarQube 25.x.

[JesusGarce22]

I am using version 5.0.1 but the warning persists.

this command download the last version

- wget -O sonar-cnes-report.jar https://github.com/cnescatlab/sonar-cnes-report/releases/download/5.0.1/sonar-cnes-report-5.0.1.jar 

warning

[WARNING] This SonarQube version is not supported by this cnesreport version.
[WARNING] For further information, please refer to the compatibility matrix on the project GitHub page.

artifacts are also not generated