How to enable/disable any rule from SonarLint in Eclipse - sonarqube

I have SonarLint installed in Eclipse and there is a remotely set up sonarQube server, but rules are different on both . How can I configure rules same as SonarQube on SonarLint in my Eclipse ?

I thought I would leave this up here for anyone looking.....
To Disable/Re-Enable Rules in SonarLint/Eclipse.
-Window-Preferences-SonarLint-Rules Configuration.
-Select Your Language(in my case Java).
-Select the drop for changed rules or open the + symbol to show all rules.

In your Java code, you can disable a specific rule for a single method using annotations:
#java.lang.SuppressWarnings("java:S2699")

You want to use the connected mode in order to apply the same ruleset on your IDE that the one running on your SonarQube instance.
Have a look at the relevant documentation :
http://www.sonarlint.org/eclipse/#Connected

Related

Vugen Runtime Settings are incomplete

Why, in my LoadRunner, when I want to configure runtime settings my options are only this :
But I want to change Internet Procotol & normally my options should be like this :
Do you know why ? My LoadRunner version is 12.50.
Thanks
You are using Web Services protocol.
You can create a new script and choose Web-HTTP protocol, then you will see thinktime option.

SonarQube 6.7 failed to start because CONFIG_SECCOMP not compiled into kernel

I've just upgraded SonarQube from 6.0 to 6.7 LTS running in a CentOS 6 box, and noticed that ElasticSearch (ES) failed to start because the kernel (2.6.32-696.3.1.el6.x86_64) doesn't have seccomp available.
This is officially documented at System call filter check and a correct workaround for systems without this feature is to configure bootstrap.system_call_filter to false in elasticsearch.yml.
The issue here is because Sonar creates the ES configuration at startup, writing in $SONAR_HOME/temp/conf/es/elasticsearch.yml and I haven't found a way to set bootstrap.system_call_filter property.
I tried a natural (undocumented) way introducing sonar.search.bootstrap.system_call_filter and bootstrap.system_call_filter properties in sonar.properties but it doesn't work.
We had the same problem. At first we used the above solution but after searching in the sonar code on github found the place where this setting should be placed:
Edit the sonar.properties file and change the line:
#sonar.search.javaAdditionalOpts=
to
sonar.search.javaAdditionalOpts=-Dbootstrap.system_call_filter=false
For sonarqube docker image, setup additional environment to disable this feature when "docker run":
-e SONAR_SEARCH_JAVAADDITIONALOPTS="-Dbootstrap.system_call_filter=false"
Hi I tried to echo bootstrap.system_call_filter: 'false' to temp/conf/es/elasticsearch.yml, I see the line in that file, but got same error during start of sonarqube 6.7 on centos6.
Has someone tested that with success?
First of all: don't even try to update elasticsearch.yml . SonarQube self-manages its ElasticSearch component config, so any attempt of manual intervention will be harmful. (reminder: the only config file that should ever be modified to operate SonarQube is sonar.properties)
More interestingly regarding that seccomp component:
the seccomp requirement does come from underlying ElasticSearch requirement, and transitively applies to operating SonarQube
if you run SonarQube locally with default config (specifically: default sonar.search.host), then the seccomp check may not be fatal (i.e. just a warning)
if you did override sonar.search.host , then the first thing you should wonder is: does the ElasticSearch JVM really needs to listen on other interfaces than loopback ? (knowing that SonarQube uses ES locally, except with the Data Center Edition). If no good answer to that, then keep sonar.search.host at its default value.
Last but not least, the golden path here is obviously to follow the requirement (i.e. have seccomp available on your OS), even if that involves upgrading to a more recent Linux kernel. And to wrap it all up: we've edited SonarQube Requirements to transparently share this situation.
You could really cheat and edit /${SONAR_HOME}/elasticsearch/bin/elasticsearch.
Add
echo "bootstrap.system_call_filter = 'false'" >>
/${SONAR_HOME}/temp/conf/es/elasticsearch.yml
before the "demonized" variable is set.

SonarQube sonar.issue.ignore.multicriteria and MSBuild

I have a Console project and want to disable the rule Console logging should not be used on it.
But it seems MSBuild don't get theses exclusions (anything found in Agent logs, or .sonarqube logs) added in project configuration (sonar.issue.ignore.multicriteria).
Rule Key Pattern: csharpsquid:S2228
File Path Pattern:**/MyProject/**/*.*
Do I have to have a configuration file or MSbuild should retreive Sonar configuration for projects ?
For the first project, the runner try to get server rules:
2016-01-29T08:37:36.3162048Z 09:37:36.217 INFO - ------------- Scan FisrtProject
2016-01-29T08:37:36.3172057Z 09:37:36.288 INFO - Load server rules
2016-01-29T08:37:36.8185565Z 09:37:36.629 INFO - Load server rules (done) | time=341ms
But not the others. I thougt that, as the runner has passed once for this rule and this file, these default are not deleted automatically, but should I to find logs about this ?
I try to change sonar.global.exclusions and sonar.exclusions and they are found by the runner.
The sonar.exclusions / sonar.global.exclusions are not what you want to use. They are for excluding files from the analysis not rules.
To exclude a rule specifically for a project you must define, in SonarQube, a quality profile and remove that rule from the profile, and assign that quality profile to your project. You can copy your standard profile in a new one and remove the rule on the new one, or use the more flexible quality profile inheritance mechanism (QP for consoles apps inherits from the default QP minus the csharpsquid:S2228 rule)
Then run the analysis as usual.
None of the SonarQube.Issue.* properties can be set by the command line since they are multivalued. Please find the official documentation here.
You can have SonarQube ignore issues on certain components and against certain coding rules. Go to Administration > General Settings > Analysis Scope > Issues.
Note that the properties below can only be set through the web interface because they are multi-valued.
These are the SonarQube issue properties:
Ignore Issues on Files - Key: sonar.issue.ignore.allfile
Ignore Issues in Blocks - Key: sonar.issue.ignore.block
Ignore Issues on Multiple Criteria - Key: sonar.issue.ignore.multicriteria
Restrict Scope of Coding Rules - Key: sonar.issue.enforce.multicriteria
If you want to set this property globally for all SonarQube projects then go to the Administration -> Analysis Scope of your SonarQube server:
Browse to the your Sonar instance : http://servername:9000
Login as Admin
Click on Administration
Choose the Analysis tab on the left hand side
Go down to the issues block and look at the "Ignore Issues on Multiple Criteria"
If you want to apply this exclusion for a specific SonarQube project then select the project and then browse the project -> Administration -> Analysis Scope.

Jenkins Matrix build. Combination filter groovy script fails after upgrade

Upgraded 1.599->1.605
Matrix job is used
In order to chooseparticular configuration or run All of them the following groovy expression is used in Combination filter:
targetHost=="All" || targetHost.contains(hostUnderTest)
where
hostUnderTest is matrix axis that contains the list of available hosts
targetHost is build parameter and usually contains comma separated list of hosts against which tests are executed
It was working on 1.599 but fails with the following error after update to 1.605
FATAL: Scripts not permitted to use method java.lang.String contains java.lang.CharSequence
I suppose these are due to some security restriction - could someone please advise how to disable them or propose another workaround?
That is truly a pain. What version of the matrix-project do you have? You can see this through Manage Jenkins -> manage plugins
If its 1.4.1 then it is a bad release and you need to downgrade to 1.4 https://issues.jenkins-ci.org/browse/INFRA-250
I think you should be able to apply 1.4 over the top if you download it and used the advanced tab on the manage plugin page
According to this comment - appears to be expected behaviour.
Script works correctly after being approved by jenkins admin in
Manage Jenkins ยป In-Process Script Approval
menu

How can I restrict the Sonar JavadocMethod rule to filenames including "Controller"?

I have a pre-existing Java project, that Sonar Analysis was recently applied to. There are a large number of CheckStyle JavadocMethod rule violations.
How would I restrict the JavadocMethod rule, to apply only to java filenames with the pattern "Controller.java" ?
The JavadocMethod check does not offer an option to limit itself to certain files, so this cannot be done easily. But - you could:
Write a custom filter which suppresses all JavadocMethod warnings that occur in files which do not match a pattern. This is not difficult - the example on the linked page covers just that case. But it requires you to deploy the filter and that may be a bit of a hassle.
I am not sure if this works in Sonar. I use custom Checkstyle checks in Sonar all the time, but I haven't tried custom filters yet.
Write a subclass of Checkstyle's JavadocMethodCheck which adds an option to apply itself only to certain files (Sonar Examples, Checkstyle tutorial). This is a sure bet if custom filters cannot be added to Sonar.
If you are using Eclipse, you can configure it to use different rule sets based on filename. You would do that using the "advanced" configuration setting in the project properties. Your regexes would be Controller\.java$ to match all controllers, and .{10}(?<!Controller)\.java$ to match the other Java files. This approach could also be applied to a stand-alone or Ant-based Checkstyle run, but not to Sonar.
I am sorry that there is nothing easier available to you - but that's how things are at the moment ... Good luck!

Resources