This CDK construct creates an AWS Codebuild action to perform static code analysis using Sonarcloud.
Here is how to include the construct in your CDK code :
const sonarcloudScan = new CDKCodeBuildSonarcloud(this, 'SonarcloudBuildAction', {
sourceOutput: sourceOutput,
sonarOrganizationName: 'my-sonarcloud-organization-name',
sonarProjectName: 'my-sonarcloud-project-name',
});Check Here for an example on how to use the construct.
A Sonarcloud account is required to use this construct. Create a Sonarcloud token to connect securely to Sonarcloud from AWS CodeBuild. Store this token in your AWS account in AWS Secret Manager, name the secret "sonar-token" and use "SONAR_TOKEN" as the secret key.
Please review the AWS Secret Manager security best practices in order to securely create and manage your secret.