I'm new to sonar and installed this Build-stability plugin. But when i run it locally i get this error.
Caused by: org.sonar.api.utils.SonarException: Access to the secured
property 'sonar.build-stability.username.secured' is not possible in
preview mode. The SonarQube plugin which requires this property must
be deactivated in preview mode.
How to disable a plugin in different modes? Any other help would be appreciated.
Go to the Settings > General page and the add the "buildstability" plugin part of the default list of plugins to be excluded for Preview and Incremental modes. Ticket created to make this behavior the default one : https://jira.codehaus.org/browse/SONAR-4980.
Related
I have issues reported for my project through PMD analysis and am allowing sonarqube to consume the report through external properties.
Now I can see the external issues in sonar UI, but am not able to change the issue status from open to confirmed…there is no dropdown available.
I am using SonarQube 8.5.1 version.
Could someone help how will be able to change the issue status for these?
see here
There are a couple of limitations with importing external issues:
you can't manage them within SonarQube; for instance, there is no ability to mark them False Positive.
you can't manage the activation of the rules that raise these issues within SonarQube. External rules aren't visible on the Rules page or reflected in Quality Profiles.
I have a brand new TFS2018 test installation and try to run a maven build with sonarqube analysis.
The sonarqube extension is installed from the marketplace and configured to use our internal Sonarqube. I added the prepare and publish SonarQube steps to my build like described.
In the prepare step I can successfully select my SonarQube endpoint from the drop down box.
When I now tick the "Use SonarQube" check box in my maven task the SonarQube-Endpoint drop-down box is empty. My SonarQube-Server "Heuboe" does not show up. Even if I type it in the box stays invalid.
Any hint what's going wrong? Does anybody now how to file an issue to SonarQube directly. I can view issues under: https://jira.sonarsource.com/browse/VSTS/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel
but I didn't find a way to report one.
The Maven task is expecting a Generic Endpoint. The SonarQube extension adds another type of endpoint specifically for SonarQube, which the built-in Maven task has no awareness of.
Version 2.* of the task (which should be selectable from the dropdown menu for the task) has another method of running SonarQube, which will use the endpoint defined in the Prepare Analysis step.
I'm trying to create method without add comment or documentation it, I expected SonarLint would show errors based on rules, but I don't see any errors or warnings. Why?
The particular rules you're looking for are "common" rules applied at the server. You're not going to see them in SonarLint. But in general:
Out of the box, SonarLint runs with the Sonar way (default) profile. If you want additional rules applied in the IDE, you'll need to:
set up a SonarQube instance (assuming you don't already have one)
configure a Quality Profile to your liking
apply it to your project
connect your project in the IDE to the project on the server
At this point you will see (almost) all the same issues in both places.
I want to use a specific sonar profile with analysis mode preview for generating comments that go into our github pull requests.
The default quality profile for the project includes minor and info level rules which will cause hundreds of extra comments (and literally thousands of github notification emails). So it has to be a quality profile specific to this purpose.
Running the build like this:
mvn sonar:sonar -Dsonar.profile.java=PRComments -Dsonar.analysis.mode=preview
Fails with the following error:
sonar.profile was set to 'PRComments' but didn't match any profile for any language.
The PRComments quality profile exists and works perfectly if I don't specify the preview mode. And yes I know that -Dsonar.profile is deprecated and it makes me sad too.
For info I'm using the sonarqube github plugin http://docs.sonarqube.org/display/PLUG/GitHub+Plugin to push the comments into github - but the failure above appears even if I don't use this plugin. Unfortunately the github plugin doesn't seem to have an option to skip adding comments for violations below a configurable severity level.
Is this possible or do I have to give up?
We have upgarded sonar server 3.5.1. In order to use sonar I have upgraded my local eclipse to Juno(4.2) and sonar plugin to 3.1. Sonar server is able to exclude some packages usign sonar.excustions key and does not show violations for those packages. But when I run report for sonar local analysis I see even though I added sonar.exclusions from local properties it does show violations for exluded files. How i can resolve this issue.
Thanks in advance.
Sapana.
There's currently a limitation on Sonar side (see http://jira.codehaus.org/browse/SONAR-4265) that prevents modules to retrieve all their related settings when analyzed independently from their root project.
Feel free to watch and vote for the ticket.