My objective is to run sonar scan and provide early feed back on defects without uploading scan result to sonar server.
I am planning to use sonarlint-cli to scan code as soon as Git merge request is crated. This will help me to report issues early without running full sonar scan.
I already have multiple module sonar-project.properties at the root folder of source code.
Can I use same sonar-project.properties with sonarlint-cli?
No it's not possible to feed sonarlint-cli with sonar-project.properties. You must use a dedicated sonarlint.json configuration file. See http://www.sonarlint.org/commandline/index.html
Related
Is there any way I can get any sonarqube api which can provide the build number of bamboo or any bamboo api which can give sonarqube info.This would really help.
I have so far tried both side but i am surprised both the system are quite clueless about each other. Why it is not possible that a build which ran sonarqube as as one of it's job doesn't have any information about that. Also neither in sonar it tell which build has actually triggered that sonar execution
(Not sure I understand what exactly you are looking for, perhaps this ...? )
I don't believe you can relate a specific Activity (SonarQube analysis) to a specific build (Bamboo), just project to job.
You must have SonarQube Server configured in Bamboo
When executing your job, you can add these sonar.links optional parameters to the analysis step:
sonar.links.homepage Project home page.
sonar.links.ci Continuous integration.
and
sonar.links.scm Project source repository.
sonar.links.issue Issue tracker.
Maybe also specify sonar.host.url=$SONAR_HOST_URL (where SONAR_HOST_URL is the global setting in Bamboo) in the analysis step parameters.
Those populate the Project Overview page sidebar:
That should provide the links from SonarQube back to the other systems of interest.
If you have properly configured Bamboo, you should see a link in Bamboo to the SonarQube project, post execution.
I like to include Gauge (http://gauge.org) results in SonarQube (LTS 6.7.1), basically by simply include execution information for a project (which is stored locally in a junit xml file).
What spec and scenarios have been run etc.
But I completely fail on how to integrate this in sonarqube. I managed to add a new page to sonarqube, but how can I retrieve the values to display ?
So my thought was to have a Sensor reading the Gauge report file and publishing the information. But all the sensorContext.newXXX methods seem wrong to use for this.
Any advise on how to extract and present external information in SonarQube ? Any best practices available ?
Thanks
I am trying two options.
One is not to store source code
If it is not possible how to delete project from sonar database?
I tried with "sonar.import Sources=false" but this is not working for sonar version 6.1(deprecated after 4.5 version).
If I delete the project,will source code remain in database?
Storage of source code in database can't be disabled because it's used to display data in webapp.
Source code is indeed dropped from db when deleting a project.
This is late, but might be helpful for someone:
Sonar usually cache the project for performance purpose via squid mechanism, then thru queue mechanism it stores the project data in internal h2 database which can be changed to few supported databases, then you will be having advanced options to manipulate data on database(things like fail-over cases can be achieved), not that I know of any way of not to store project data in database.
Unless you configure certain user, default user can be admin to sonar dashboard with password as admin, Login to console and navigate to Administration-> projects->Management, now delete n number of unnecessary projects. Once you do this Sonar dashboard will not be able to show the project again until you re-analyze same project. To make sure this worked,after re-analyzing project click on the project on dashboard and check the version under Activity.
Additional info: If you modify the maven project code, first build the project & then do sonar:sonar for latest modifications to be reflected.
I agree with other answer, elaborating in few lines..
I need to show version number including three figures
1. Using pom version (done)
2. Commit number from Git (done)
3. Build number from Bamboo ( worst part :( )
I tried to make one property file with placeholders as bamboo.properties in my project. I am expecting that when Bamboo prepares the build it will replace those properties and include that file in war. Later I will read those properties and expose to Web Layer.
Am I doing right? Because I need that my other team members should able to make build locally without Bamboo?
bamboo.properties:
bamboo.buildKey=${bamboo.buildKey}
bamboo.buildResultsUrl=${bamboo.buildResultsUrl}
bamboo.buildNumber=${bamboo.buildNumber}
bamboo.buildPlanName=${bamboo.buildPlanName}
bamboo.buildTimeStamp=${bamboo.buildTimeStamp}
Here is how we achieve above after long time.
Pom version
A simple maven property that can be accessed.
Commit id from git
Since in this project we are using git only, there is a maven plugin that gives you information about commit number. With the help of it you can retrieve Git commit id. For details please look for
git-commit-id-plugin
For bamboo there is environment variable that you need to configure in bamboo settings (For me this has done by client as he owns it). But after it we access it in our env as "<bamboo.build.no>"
Thanks
Please refer to below example:
I have a jar file abc.jar. I have deployed the jar on three different tomcat server, namely server1,server2,server3.
I configured jacoco plugin into server1,server2,server3 to generate jacoco execution file namely jacoco1.exec, jacoco2.exec, jacoco3.exec.
I am executing different test cases with these servers and I got jacoco1.exec, jacoco2.exec, jacoco3.exec.
Using jacoco:merge I can club 3 .exec file and using sonar runner I will get the code coverage report on the sonar server.
On the dashboard of the report I will have different widget like Unit test case, Integration test, etc..
That report will give me figures for combined .exec.
Is there any way I can get the figures based on the execution data file?
Like separate widget for the code coverage given by "jacoco1.exec", separate widget for the code coverage given by "jacoco2.exec", separate widget for the code coverage given by "jacoco3.exec"
And combined report as well. By this I will be able to identify which testing is hitting/missing which code of the jar.
As the jar file is same, I want to create single project on the dashboard, and under that I should get this distributed information. I don't want to create different projects on the Sonar dashboard.
As there any way to achieve this in Sonar Server (3.5.1 V) code coverage report?
This is currently not possible, as you have only 1 "coverage" measure per project.