I am currently developing a new PL/SQL plugin (language: "plsql", key: "plsql-cop") for SonarQube (using sonarqube-5.0.1), my PL/SQL "checker" is an external java program which is analyzing the PL/SQL code and creates an XML report with all the found recommendations. I started with the recommended "sonar-reference-plugin" from GitHub to do this. To test my plugin I use SonarQube on localhost in a web browser.
The rules are implemented by implementing "RulesDefinition"; this part is easy to implement, works fine and I can see all my PL/SQL rules in my local running SonarQube in the tab "Rules".
The profile is now harder to implement. So I imported my XML profile manually via "Restore Profile" button into the SonarQube web app on the tab "Quality Profiles" successfully (no errors). But I cannot see my profile with my rules mapped. In fact I cannot see my profile definition at all on the tab "Quality Profiles" anywhere. But when I install the sonar-plsql-plugin-2.7, I can see my Profile with my mapped rules and of cause the "Sonar way" definition.
Now here are my questions:
Why do I have to install the SonarQube PL/SQL plugin to see the
section "PL/SQL Profiles" on the "Quality Profiles" tab?
How can I make my own "PL/SQL Profile" section on the "Quality
Profiles" tab?
When I try to analyze some PL/SQL project, the process is stop with
the follwoing error messages "ERROR: Error during Sonar runner
execution ERROR: Unable to execute Sonar ERROR: Caused by: No
license for plsql". Can I not create my own plugin for SonarCube for
the language "plsql"?
How can I analyze PL/SQL with my own plugin without getting the
error message above and still see my profile in SonarCube?
Any help is highly appreciated! I would like to continue with my own SonarQube PL/SQL plugin.
You are not allowed to install the commercial PL/SQL plugin without a license. You also are not allowed to alter it. So, you should either obtain a valid license, or uninstall it from your SonarQube server.
See how an open source language plugin such as PHP does it: PHPProfile.java
See point 1
See point 1
Here are a few considerations to take into account:
If you want to be able to use your plugin without the SonarQube PL/SQL plugin installed, you need to declare a new SonarQube language in your plugin: See Php.java
If you want to be able to use your plugin both without and side-by-side with the SonarQube PL/SQL plugin (i.e. run both on your project), you will need to use a different language name than plsql - else the license validation from the official plugin will kick in [that is - only when it is installed of course].
If you want to make your plugin a pure addition to SonarQube PL/SQL plugin (i.e. you must have it installed and have a valid license for it) - then you do not need to declare your own SonarQube language: simply create a new rule profile using the existing plsql language key.
Related
I have a brand new TFS2018 test installation and try to run a maven build with sonarqube analysis.
The sonarqube extension is installed from the marketplace and configured to use our internal Sonarqube. I added the prepare and publish SonarQube steps to my build like described.
In the prepare step I can successfully select my SonarQube endpoint from the drop down box.
When I now tick the "Use SonarQube" check box in my maven task the SonarQube-Endpoint drop-down box is empty. My SonarQube-Server "Heuboe" does not show up. Even if I type it in the box stays invalid.
Any hint what's going wrong? Does anybody now how to file an issue to SonarQube directly. I can view issues under: https://jira.sonarsource.com/browse/VSTS/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel
but I didn't find a way to report one.
The Maven task is expecting a Generic Endpoint. The SonarQube extension adds another type of endpoint specifically for SonarQube, which the built-in Maven task has no awareness of.
Version 2.* of the task (which should be selectable from the dropdown menu for the task) has another method of running SonarQube, which will use the endpoint defined in the Prepare Analysis step.
I'm trying to create method without add comment or documentation it, I expected SonarLint would show errors based on rules, but I don't see any errors or warnings. Why?
The particular rules you're looking for are "common" rules applied at the server. You're not going to see them in SonarLint. But in general:
Out of the box, SonarLint runs with the Sonar way (default) profile. If you want additional rules applied in the IDE, you'll need to:
set up a SonarQube instance (assuming you don't already have one)
configure a Quality Profile to your liking
apply it to your project
connect your project in the IDE to the project on the server
At this point you will see (almost) all the same issues in both places.
I want to use a specific sonar profile with analysis mode preview for generating comments that go into our github pull requests.
The default quality profile for the project includes minor and info level rules which will cause hundreds of extra comments (and literally thousands of github notification emails). So it has to be a quality profile specific to this purpose.
Running the build like this:
mvn sonar:sonar -Dsonar.profile.java=PRComments -Dsonar.analysis.mode=preview
Fails with the following error:
sonar.profile was set to 'PRComments' but didn't match any profile for any language.
The PRComments quality profile exists and works perfectly if I don't specify the preview mode. And yes I know that -Dsonar.profile is deprecated and it makes me sad too.
For info I'm using the sonarqube github plugin http://docs.sonarqube.org/display/PLUG/GitHub+Plugin to push the comments into github - but the failure above appears even if I don't use this plugin. Unfortunately the github plugin doesn't seem to have an option to skip adding comments for violations below a configurable severity level.
Is this possible or do I have to give up?
I am using sonar to review my code for a java project. the version that I am using is v.2.9, I am using sonar for the first time. I have no idea how to add project in sonar server.
Please help on this
Thanks.
There's no option to "add" a project in Sonar from Sonar UI. Projects are automatically added to Sonar whenever a successful analysis occurs.
I'd suggest you the following :
Upgrade to a more recent Sonar version. http://www.sonarqube.org/downloads/
Read the analyzing source code guide where you can find instructions for all available methods to trigger a new analysis
Update : Sonarqube allows (I think after 5.x version) provisioning of projects as described in their documentation
With Administrator role, you can "Provision" a project.
Log in as administrator
Select Settings from the menu
Select System -> Provisioning from the sub-menu
Click Create (at the very far right of the frame)
It's pretty straight forward with the newest version. All you have to do is installing as the guide. And it will prompt a command which you need to execute with your build tool at the project folder.
For an example for maven it would be like
mvn sonar:sonar -Dsonar.host.url=http://localhost:9000 -Dsonar.login=4aa32e977ab1513e3fe5c3ac0c7883528d01a5e8.
With a command similar to this reports will be sent to the Sonarqube. And code analysis will be done
I used TeamCity to create CI, The CVS is ClearCase. I have test the connection when configure the Version Control Settings on TeamCity, Connection successful!
But when I run this build, it's not correct, the status of build will show "Checking for changes" for a long time, the source code is only 40M.
My ClearCase view's config spec as following:
element * CHECKOUT
element * /main/LATEST
load \Tranning
Anyone meets the same issue?
Is this configuration correct?
The page on "ClearCase support" mentions:
When using the ClearCase integration, it is helpful to open the Version Control tool window. Its Console tab displays the following data:
All the commands generated based on the settings you specify through the IntelliJ IDEA user interface.
Information messages concerning the results of executing generated ClearCase commands.
Error messages.
So that would go a long way in order to debug whatever error the integration with ClearCase currently has with your view.
I assume you have the full ClearCase client installed with your agent (not CCRC, ClearCase Remote Control)