I am using SONAR-CSS-PLUGIN to check all SCSS file in my repository.
As it comes with default set of 100+ rules, at this moment am not willing to apply all rules in one go as as there is legacy code too and it's reporting many errors.
I would like to incremental by applying a set of rules (lets say 10) everyweek.
I am using TeamCity as build tool.
Here is my TeamCity configuration.
-Dsonar.language=scss
-Dsonar.inclusions=Src/**/*.scss
-Dsonar.css.configPath= wanna give path to .stylelintrc or custom set of rules
-Dsonar.sourceEncoding=UTF-8
%sonar.github.pullRequest%
%sonar.github.repository%
I can not find any documentaion showing how to configure above plugin in TeamCity.
Is this -Dsonar.css.configPath right property??
No matter what path I provide -Dsonar.css.configPath= SomePath It always applies all the rules bydefault.
I would like to apply only some rules for time being.
(For people who may need it in future)
Well, I asked question on their git-hub repository.
Good to know they are responsive.
And the creator says its not possible to point any .stylelintrc at this moment.
Also to apply a set of rules one need to create new Quality Profile and set that as default for respective repository in sonar web interface.
Note: Above option is available only for Administrator access.
See detailed thread HERE
Related
Is there any way I can get any sonarqube api which can provide the build number of bamboo or any bamboo api which can give sonarqube info.This would really help.
I have so far tried both side but i am surprised both the system are quite clueless about each other. Why it is not possible that a build which ran sonarqube as as one of it's job doesn't have any information about that. Also neither in sonar it tell which build has actually triggered that sonar execution
(Not sure I understand what exactly you are looking for, perhaps this ...? )
I don't believe you can relate a specific Activity (SonarQube analysis) to a specific build (Bamboo), just project to job.
You must have SonarQube Server configured in Bamboo
When executing your job, you can add these sonar.links optional parameters to the analysis step:
sonar.links.homepage Project home page.
sonar.links.ci Continuous integration.
and
sonar.links.scm Project source repository.
sonar.links.issue Issue tracker.
Maybe also specify sonar.host.url=$SONAR_HOST_URL (where SONAR_HOST_URL is the global setting in Bamboo) in the analysis step parameters.
Those populate the Project Overview page sidebar:
That should provide the links from SonarQube back to the other systems of interest.
If you have properly configured Bamboo, you should see a link in Bamboo to the SonarQube project, post execution.
How can I modify the Unsecure and Secure Configuration in plugin code for step?
For example, I have a plugin and I will send it to my friend. I want this plugin to clean or modify all information that my friend has in his XrmToolBox Plugin Step Secure Configuration field and add mine (for me is necessary to add mine config in this field). Can I do it from code in my plugin?
Let's make the things straight.
CRM Plugin is an executable code logic for extending the platform execution pipeline like do something (ex. Assign/Update) after something (ex. Create/Update) happens.
Plugin registration tool (PRT) is useful for registering the Plugin assembly (dll) & steps to execute per our expectation.
Secure/Unsecure config for Plugin step is just like web.config in our web application. Read more
You want to configure certain key/value pair, for example - some external web service credentials, then put it in secure config of that particular plugin step using PRT, so that you can consume it inside the plugin step code logic.
We will not update the secure config from the plugin code, rather we will just consume it.
If you are shipping your environment plugin steps to your friend environment, then give the plugin assembly & step as a solution package, once the solution is imported in your friend environment - the XrmToolBox PRT will show the changes. Or connect the two environments in different PRT sessions & verify the differences for config merge process.
If you want to develop a console app or something to do the deployment for you, read the below link:
Programatically Updating the Secure Configuration of a Plug-in Step
We're transferring our CI stack from a consulting company to in-house. We need to export the SonarQube profiles from the consultant's SQ instance to our corporate instance. We can export the profiles but the consultants created hundreds of custom rules and when we try to import the profile it fails to import the custom rules. We found in the API where you can export the rules to a JSON file, but can't find documentation on how to import them.
Is it possible to import SonarQube rules? What is the best way to go about that?
Referenced documentation:
SQ Docs - Copying Quality Profiles:
https://docs.sonarqube.org/display/SONAR/Quality+Profiles#QualityProfiles-CopyaprofilefromoneSonarQubeinstancetoanother
StackOverflow - How to export Rules:
How to extract or export rules from SonarQube
SQ API - Rules: https://docs.sonarqube.org/pages/viewpage.action?pageId=2392166
Anyone trying to replicate rules from the server on their local setup-
For sonarqube community edition 8.7.1 you can simply export the custom rules as XML files.
Goto
Quality Profiles-> Gear Icon -> Backup
This will get you the custom rule in xml file format.
Then in your local setup goto
Quality Profiles-> Restore(top right corner)- select the XML file you downloaded in the previous step
It is not possible to import/export the logic of those custom rules, only their presence in a profile.
In the case of rules coded in Java, you must make them give you at least the jar containing the rule implementations. Once you install that jar (and restart your server) the rules will be available to you.
In the case of rules written in XPath, you must make them give you their XPath configurations, and you will need to re-create those XPath rules on your side (a tedious process of filling in a form once for each rule).
I've successfully built up a SonarQube server, and I wrote several custom rules to review the code. Now, I can use the server and custom rule with Jenkins and with Maven only when the code is on the same server.
My question is when I develop maven project on another computer, and I want to use maven build or maven install, how can I still use the certain SonarQube server? Simply add plugins in the pom.xml can't use the SonarQube server I established, and the custom rules I developed are also not taken into effect.
As stated in the docs, you only need to make sure the address of your SonarQube server is available to the analysis. Beyond that, you should provide the token of a user with analysis permissions (and 'create project' permissions if the project doesn't already exist) and analyze away.
Of course, this pre-supposes that your SQ server is visible on your network.
I am using chef and one of my recipe needs to upload the sonar quality profile automatically and set it as default. Right now, I am doing it using browser automation using selenium but I dont like it and i dont believe that it is the right way to do. Has anyone done the upload using some API or a script? Any programming language or specific methods is fine although I am using Ruby (chef is a ruby DSL). Any pointers please?
SonarQube supports a REST API that you could invoke using ruby.
There is a documentation option for:
Restore a quality profile
Setting profile as default
I have never tried these, so I think you'll have to take a look at how Sonar performs profile backups. I would suggest considering an approach where the profile is saved in your cookbook as a template (allowing you to sub values in) and submitted to Sonar as a restoration.