Set sonar quality profile from teamcity sonar runner - sonarqube

I am generating sonar report from teamcity sonar runner but I see that Quality Profile is set to
Use 'Sonar way' (XML) but I want it to be Stop using sonar way (xml).
Can anyone suggest the parameter or setting I need to do.
Note: I can not share the logs or screenshots here because of organization policy.

The way to handle this is to use the UI to assign the project to the profile(s) you want it to use: Project-level Administration > Quality Profiles. You'll be presented there with an option to assign a profile for each language available in the instance.
If you simply must do this from TeamCity, then use web services to assign the profile. Although once assigned, assignments "stick" so this really is something you should be able to do from the GUI and then just leave alone.

I used parameter sonar.Language=cs. it excluded xml analysis and now I see Stop using sonar way (xml).
https://docs.sonarqube.org/display/SONAR/Analysis+Parameters
sonar.language
Set the language of the source code to analyze. Browse the Plugin
Library page to get the list of all available languages. If not set, a
multi-language analysis will be triggered.

Related

SonarLint plugin in Eclipse not display Error Javadoc

I'm trying to create method without add comment or documentation it, I expected SonarLint would show errors based on rules, but I don't see any errors or warnings. Why?
The particular rules you're looking for are "common" rules applied at the server. You're not going to see them in SonarLint. But in general:
Out of the box, SonarLint runs with the Sonar way (default) profile. If you want additional rules applied in the IDE, you'll need to:
set up a SonarQube instance (assuming you don't already have one)
configure a Quality Profile to your liking
apply it to your project
connect your project in the IDE to the project on the server
At this point you will see (almost) all the same issues in both places.

Automatically associate new Sonar project with custom quality profile and quality gate

Our use case for Sonar creates new Sonar projects for each branch of our repository. How do we automatically associate the new branch project with a (non-default) Quality Profile and Quality Gate?
We're running this in a Maven project if that's relevant.
We had the same issue, within our company, and the only solution was to use the deprecated attribute sonar.profile (https://docs.sonarqube.org/display/SONAR/Analysis+Parameters).
Sidenote:
Generally there is also a interesting view on how to analyze branches. The general recommendation from sonarSource suggests to only use preview modes for short living branches. As a fact bitbucket-plugins with a richer featureset than just commenting issues, sadly need branch based analysis.
https://jira.sonarsource.com/browse/SONAR-5370 - the property will be removed in 4.5.1 based on the sonar task
Use the api/projects/create web service to provision your projects. You can then call api/qualityprofiles/add_project to assign your new project to the proper profiles. (You'll need to have first looked up the profile id's tho with api/qualityprofiles/search.)

Setting sonar profile together with sonar preview mode on maven command line

I want to use a specific sonar profile with analysis mode preview for generating comments that go into our github pull requests.
The default quality profile for the project includes minor and info level rules which will cause hundreds of extra comments (and literally thousands of github notification emails). So it has to be a quality profile specific to this purpose.
Running the build like this:
mvn sonar:sonar -Dsonar.profile.java=PRComments -Dsonar.analysis.mode=preview
Fails with the following error:
sonar.profile was set to 'PRComments' but didn't match any profile for any language.
The PRComments quality profile exists and works perfectly if I don't specify the preview mode. And yes I know that -Dsonar.profile is deprecated and it makes me sad too.
For info I'm using the sonarqube github plugin http://docs.sonarqube.org/display/PLUG/GitHub+Plugin to push the comments into github - but the failure above appears even if I don't use this plugin. Unfortunately the github plugin doesn't seem to have an option to skip adding comments for violations below a configurable severity level.
Is this possible or do I have to give up?

SonarQube: Profile inheritance and rule deactivation

I've read the docs about profile inhertiance [1]. They say that "A rule inherited from a parent cannot be deactivated". Is this on purpose and will it be supported in the future?
When I upgrade some plugin (i.e. the JavaScript analysis plugin) there are new rules and I have to restore the built-in profile "Sonar Way" in order to get the new rules. However when I do this I lose all the previous configurations (deactivated rules) and I have to remember what I've done in the past and repeat that again.
It sounds like you're using the built-in profile as your default profile. If you're happy with the built-in profile as-is, then that's a great way to go. But it sounds like you're not. So instead, I'd suggest you make a copy of Sonar Way, I'll call it 'Copy', and set it as your default profile. Then after each upgrade, you can reset Sonar Way, use the comparison service to see the differences between Copy and Sonar Way and then choose which new changes to apply in Copy.

How can I get SonarQube to analyse test code?

According to the documentation I've found Sonar will not analyse test code by default. I found some Jira's that indicate it should be possible but nothing with enough information on how to do it.
It's java code setting under src/test/java. I use both the eclipse plugin for local analysis and sonar-runner plugin for gradle via a jenkins job on the CI server so ideally the solution would support both those.
Ta,
Andrew
As of SonarQube 4.2, the only way to have some test code analyzed is to activate rules from "PMD Unit Tests" repository inside your quality profile.
Note that these are rules specific to test code (like the existence of at least one assertion). You can't activate "standard" rules on test code yet. You can vote for the following ticket to extend the scope of source analysis: SONAR-3748

Resources