Instead of excluding or ignore rules in sonar's property file, I'd like to have only a few certain rules for sonar to analyse, so I don't need to exclude a large number of rules out of 344 rules for c++. How can I do that? (I'm not adding customized rules)
I imageine the syntax would be: (in .properties file)
sonar.issue.include.multicriteria=***
sonar.issue.include.multicriteria.***.ruleKey=cpp:S984
....
EDIT:
1, I need to configure this in a CLI environment.
2, It's about one project, two rule sets. one rule sets for local use and the other one for CI/CD use.
You need to craft a Quality Profile that contains only your rules of interest, and then either make it the default profile for C++, or explicitly assign your project to it.
BTW, correctly setting exclusions in properties (versus through the UI) is quite tricky. I'm not sure about the correctness of the ruleKey field name, and you're probably missing another field in there, but your syntax seems to be on the right track.
Related
Been trying to set up configuration-specific variants of resource .resw files in my project, so I could have have different resource string values in Debug and in Release (and in other configurations).
There are standard facilities in VS to have files conditionally included or excluded from build depending on selected Configuration. I have set up file properties to be Content=Yes and Excluded From Build=No for a file that must be included in a configuration, and the other way around for the other file.
The variants appear as expected in the IDE - only one matching current configuration is active, and another one is shown with Content=False in the Properties view, and with a red icon in the files list. The vcxproj also contains correct PRIResource nodes for .resw files with DeploymentContent and ExcludedFromBuild set:
<ItemGroup>
<PRIResource Include="Debug\Strings.resw">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">false</ExcludedFromBuild>
<DeploymentContent Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</DeploymentContent>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">false</ExcludedFromBuild>
<DeploymentContent...
Building this project however fails with a message
error PRI277: 0xdef00532 - Conflicting values for resource 'resw
name/resource name'
Examining intermediate files reveals that both .resw variants are listed in resources.resfiles that is then fed into MakePri.exe . The ExcludedFromBuild setting appears to be ignored.
How would I get this to work? Is there a special way to control the inclusion of resw files? Maybe a different approach to having string variants altogether?
There are apparently "qualifiers" for organizing resource variants, and a naming scheme (https://learn.microsoft.com/en-us/windows/uwp/app-resources/tailor-resources-lang-scale-contrast). There is even a "Configuration" qualifier, though it is not entirely clear which configuration that is, and where at run time I am supposed to take an identifier to select a resource variant I want.
Adding this as an answer for the sake of completeness, as this is relevant and might even be useful to someone. But I am not happy with project configuration concerns being displaced to runtime, with unneeded and possibly sensitive values being added to the package. So I decided to force-emulate ExcludedFromBuild and am picking and copying the single .resw variant I need into build via a Custom Build Step. Shout out to whoever is responsible for this awkward mess at Microsoft.
I tried in two ways,
1.I write properties file like sonar.language=php,go it didn't work.
2.I tried to change to sonar.languages=php,go and it scan all kinds of languages inculdes js,python and so on.
how can I make it to scan only specific several languages.
Thanks!
The best way is to configure sonar.inclusions and sonar.exclusions in a way that it will only include files you want to analyze. See documentation here https://docs.sonarqube.org/display/SONAR/Narrowing+the+Focus
I once had an extra filter for all rules/problems, whose issues had been fixed up completely in the project, so I would easily see new ones regarding these rules (issue count of that filter rises from 0 to ...).
With version 6.3.1 filters are not supported anymore, so I created a quality profile including the same rules.
My problem is that it's only possible to activate 1 single quality profile for the project, so I can't filter these rules anymore. I also tried to use a parent quality profile, without success. The solved issues of the rules are completely in the 'normal' quality profile, if that's of importance.
How can I configure SonarQube, so that the system analyses 2 quality profiles on the same project?
I read of a work around that just creates a second branch of the project to analyse that one, but I am seeking out for a cleaner solution.
Example:
Quality Profile 'fixed rules':
count 0: use diamond operator
count 0: no stupid equality checks
Quality Profile 'all activated rules':
count 0: use diamond operator
count 0: no stupid equality checks
count 100: variable does not match pattern xyz
count 500: switch case without default
...
It's not possible to add another quality profile. Actually, the project only needs to be analyzed once.
Why don't you just set the tag 'fixed' to all your solved rules? Then you can easily filter the issues with that tag and see the results.
Can you include expressions in the "Output Files" section of a build rule in Xcode? Eg:
$(DERIVED_FILE_DIR)$(echo "/dynamic/dir")/$(INPUT_FILE_BASE).m
Specifically, when translating Java files with j2objc, the resulting files are saved in subfolders, based on the java packages (eg. $(DERIVED_FILE_DIR)/com/google/Class.[hm]). This is without using --no-package-directories, which I can't use because of duplicate file names in different packages.
The issue is in Output Files, because Xcode doesn't know how to search for the output file at the correct location. The default location is $(DERIVED_FILE_DIR)/$(INPUT_FILE_BASE).m, but I need to perform a string substitution to insert the correct path. However any expression added as $(expression) gets ignored, as it was never there.
I also tried to export a variable from the custom script and use it in Output Files, but that doesn't work either because the Output Files are transformed into SCRIPT_OUTPUT_FILE_X before the custom script is ran.
Unfortunately, Xcode's build support is pretty primitive (compared to say, make, which is third-odd years older :-). One option to try is splitting the Java source, so that the two classes with the same names are in different sub-projects. If you then use different prefixes for each sub-project, the names will be disambiguated.
A more fragile, but maybe simpler approach is to define a separate rule for the one of the two classes, so that it can have a unique prefix assigned. Then add an early build phase to translate it before any other Java classes, so the rules don't overlap.
For me, the second alternative does work (Xcode 7.3.x) - to a point.
My rule is not for Java, but rather for Google Protobuf, and I tried to maintain the same hierarchy (like your Java package hierarchy) in the generated code as in the source .proto files. Indeed files (.pb.cc and .pb.h) were created as expected, with their hierarchies, inside the Build/Intermediates/myProject.build/Debug/DerivedSources directory.
However, Xcode usually knows to continue and compile the generated output into the current target - but that breaks as it only looks for files in the actual ${DERIVED_FILE} - not within sub-directories underneath.
Could you please explain better "Output Files are transformed into SCRIPT_OUTPUT_FILE_X" ? I do not understand.
is there a possibility to duplicate existing checkstyle rules? I want Sonarqube to differ guideline rules.
Example:
The rule for method complexity should mark the method as [MINOR] when there is more than 10 lines of code per method and as [MAJOR] when there is more than 30 lines of code per method.
Maybe there is a particular plugin for this special case?
Thanks in advance
This is currently a limitation in SonarQube. However, it can be done partially.
For Checkstyle based rules, you can copy some rules (those that have a Copy Rule button; screenshot here under "Multiple activation of rules"). I've personally used this for the Comment Pattern Matcher and created a rule that matches TODO comments as INFO severity and another that matches FIXME comments as CRITICAL. As I understand your question, that is what you are looking for. I don't think this is possible for all parameterizable rules, though.
Also, for PMD based rules, there is this blog post which describes how to use the XPath rule template in order to create custom PMD rules. This could be a workaround for those PMD based rules that don't have a Copy Rule button.
The feature we would need is a Copy Rule button for every parameterizable rule. AFAIK, this does not exist yet.