Sonarqube for Ruby code analysis - sonarqube

is there any plugins available for analyzing Ruby code inn sonarqube. I have downloaded Ruby plugin for sonarqube which has just very few rules like six. is there any other plugins for analyzing Ruby in sonarqube.
Thanks.....

I've been looking for the same thing for a while now. It doesn't seem like there's any good support right now outside of ruby-sonar-plugin. SonarQube is a great tool and is awesome for managers to look into and it's a shame that the repo hasn't been updated for 2 years (at the time I'm writing this).
I know this isn't an answer, but it should provide more visibility on the question, at least.

Related

How to look like Sonar Online Dashboard?

I see a big difference in the look & feel between the online dashboard (https://sonarqube.com/projects or https://sonarqube.com/governance?id=MASTER_PROJECT) and the one that we see by default on our local installation of sonar (v5.6.3).
I'm wondering about whether the online look & feel can in someway be easily applied to a local installation. It's just a matter of css/js or behind we have also a completely different HTML structure?
Any information about this will be much appreciated.
I think I've found the answer to my question. The nice-looking online demo is based on an Enterprise Grade deployment of sonar with the governance plugin.
https://www.sonarsource.com/why-us/products/plugins/governance.html
https://www.sonarsource.com/solutions/deployments/enterprise-grade/
Can't you update your install to the latest version? There have been UI changes in both version 6.0 and 6.1
http://www.sonarqube.org/sonarqube-6-0-in-screenshots/
http://www.sonarqube.org/sonarqube-6-1-in-screenshots/

Where is the Elasticsearch Plugin API Documentation?

The closest thing I've found is their Elasticsearch Plugins and Integrations
page, which doesn't help. I was following their out of date tutorial to make a "hello world" plugin, but I can't find any documentation on the classes used. Is there a page with information on what each class does, or do I have to look at the code to figure it out on my own?
To quote elastic search developer Adrien Grand(jpountz) "No, there is no guide about writing plugins and the API is actually quite unstable. The plugin API is mainly a way for us to provide additional functionality through plugins so that we do not have to fold everything into a single release artifact that would be quite huge. Some community membors have writter plugins by taking inspiration of existing plugins but we do not want to commit on a stable API for plugins as this might prevent us from improving other areas of elasticsearch."
The only real way of learning about developing a plugin is trying to find something similar and modifying it to suite your needs. Developing anything remotely complex will require an extensive knowledge of the ES codebase. I suggest you look into some plugins developed by jprante to get started.

How to manage Java/Maven Dependencies in JRuby

I search for the best way to manage java dependancies in a jruby app/library.
Some time ago i read an article about getting java dependancies based on Maven through rubygems. I tried to follow up on this and found some information that this feature was dropped in JRuby 1.7. Also I found some projects like ruby_maven and jbundler but they look like work in progress.
Im especially interested in the integration with bundler and gemspec.
I am no fan of maven and prefer the ruby / bundler way.
Would be nice if a jruby pro could shed some light on the current state.
Me and my coworker are working on a tool to handle mixed Java/JRuby projects. We're hoping to be finished with it this week, so check it out next week and see if it meets your needs. (We still need to update the documentation a little bit, too.)
https://github.com/sam/doubleshot
You had mentioned that JBundler looks like a work in progress, but it does work. I'd recommend giving it a shot if you can't wait a week to try out our project.

Is Hudson a mature continuous integration tool now?

I have searched the SO site for question about Hudson but some of it are a little dated now say 2 years or more. Some comments link Hudson as 'newbie' ing the CI Field
I just would like to know if Hudson is mature right now and is the best option for a CI tool.
Thanks
P.S. I just would like to hear latest feedback from community.
I would thoroughly recommend Jenkins, which is a fork of Hudson made in late 2010/early 2011 (wikipedia has more information on the split if you're interested). You'll find more contemporary resources if you do a search for Jenkins - but at the moment most Hudson tutorials are still relevant.
As to stability/maturity, we've been using it for many months without any issues that I'd attribute to maturity :)
We are using Jenkins for our continuous integration and found it quite useful.
All the basics are there, regarding starting builds, getting and generating statistics from i.e. build results, unit tests, function tests. It is also very flexible as you can ask Jenkins to execute a script which does pretty much anything you need.
Jenkins is the best I've tested so far, and also it is free.
I think nobody can answer if it is the best option for you. It might be mature and everything, but that doesn't mean it's the best for your particular problem

Is SonarQube Replacement for Checkstyle, PMD, FindBugs?

We are working on a web project from scratch and are looking at the following static code analysis tools.
Conventions (Checkstyle)
Bad practices (PMD)
Potential bugs (FindBugs)
The project is built on Maven. Instead of using multiple tools for the purpose, I was looking at a single flexible solution and came across SonarQube.
Is it true that we can achieve the results from Checkstyle, PMD and Findbugs with SonarQube?
Sonar will run CheckStyle, FindBugs and PMD, as well as a few other "plugins" such as Cobertura (code coverage) by default for Java projects. The main added value, however, is that it stores the history in a database. You can then see the trend. Are you improving the code base or are you doing the opposite? Only a tool with memory can tell you that.
You should run Sonar in your CI system so that even things that take some time to execute (such as CPD – copy paste detector) can run. And you'll have your history. Whereas with an Eclipse plugin, for example, you'll detect violations sooner – which is great – but you will be tempted to run it less often if it starts taking too long, or run less "quality plugins" (such as skipping CPD or skipping code coverage analysis). And you won't have history.
Also, Sonar generates visual reports, "Dashboard" style. Which makes it very easy to grasp. With Sonar in Jenkins, you'll be able to show developers and your management the effects of the work that was performed on the quality of the code base over the last few weeks and months.
Sonar uses these 3 tools as plugins and aggregates the data from all three giving addition value by showing graphs and such from these tools. So they are complementary to sonar.
Yes and no. In addition to the other answers.
SonarQube is currently on the way to deprecate PMD, Checkstyle and Findbugs and use their own technology to analyze Java code (called SonarJava). They do it, because they don't want to spend their time fixing, upgrading (or waiting on it) those libraries (e.g. for Java 8), which for example uses outdated libraries.
They also got a new set of plugins for your personal IDE called SonarLint.
Sonar is great, but if you want to use the mentioned tools separately and still have nice graphs, you can use the Analysis Collector Plugin as part of your Jenkins CI build. A slight advantage of this is that you can check in your PMD/Findbugs/Checkstyle configuration into your SCM and have it integrated into your Maven build, rather than relying on a separate Sonar server.
... a few years later: no, it is not! SonarQube supposes to be able to cover all the rules with its own analyzer, but there are still rules from PMD or CheckStyle not covered by SonarQube. See for example: PMD ReturnFromFinallyBlock.
Sonar is much more than these tools alone.
The greatest benefits is the gui, which lets you configure anything easily.
The statistics it offers are very detailed (lines of code etc).
And it even offers great support for test coverage etc :)
Here you can take a good look:
http://nemo.sonarsource.org/
I would still use these tools in addition to sonar because they can fail the maven build when someone violates a rule. Where as sonar is more retrospective.
Well at least since SonarQube 6.3+ it seems to be that Findbugs is (at the moment) no longer supported as a plugin. Sonarsource is working on replacements of Findbugs-rules with its own Java-plugin.
They even had a list for the replacement status of each rule here, but it got removed by now.
See https://community.sonarsource.com/t/where-is-dist-sonarsource-com-content/5353 for more details.

Resources