sonarqube

问题 Hi the problem i am having is after upgrading from 5.1.2 -> 5.6 -> 6.4. I believe i followed the upgrade path as documented. The system worked fine on 5.1.2 & 5.6 but now on 6.4 the initial projects page that loads first thing is empty. It reads "Once you analyze some projects, they will show up here." Does this mean i need to analyse new projects? It does not pull the old analysis from the previous versions? If i go into administration -> projects -> management i see all the projects in

问题 I have a gitlab-ci integration that require a sonar analysis and if the quality gates pass, to build a docker image. Is this possible using gitlab-ci ? 回答1: To break the CI build for a failed Quality Gate, 1.Search in /report-task.txt the values of the CE Task URL (ceTaskUrl) and CE Task Id (ceTaskId) 2.Call /api/ce/task?id=XXX where XXX is the CE Task Id retrieved from step 1 Ex:- https:///api/ce/task?id=Your ceTaskId 3.Wait for sometime until the status is SUCCESS, CANCELED or FAILED from

问题 I have just separated the unit tests and the integration tests. I wanted to separate the coverage results from UT and from IT. I followed this tutorial and it works (Thanks @JohnDobie). Sonar displays the separate code coverage results and the unit test success (upper right). But how can i get the integration test success in sonar ? 回答1: Awaiting for an implementation in sonar of the IT execution results (see the @Fabrice answer). I have found a workaround in this tutorial. The idea is : ...

问题 I'm evaluating SonarQube 5.4 with SonarLint eclipse plugin. SonarQube as well as the plugin are set up and are running. But now I'm pretty confused how SonarLint is supposed to run in 'connected mode': SonarLint is connected with SonarQube and is bound to the corresponding project. But some issues are only shown in SonarQube. It was my understanding SonarLint should be able to identify issues like Malicious code vulnerability - May expose internal representation by incorporating reference to

问题 I saw some posts on stackoverflow, like this one and this, but problem still exists. I updated sonarqube from 5.3 to 5.6. Here's example of my config: sonar.security.realm=LDAP sonar.security.savePassword=false sonar.security.localUsers=admin ldap.authentication=simple ldap.url=ldap://ipa.company.com ldap.bindDn=uid=ldap_search,cn=users,cn=accounts,dc=company,dc=com ldap.bindPassword=************* ldap.user.baseDn=cn=users,cn=accounts,dc=company,dc=com ldap.user.request=(&(objectClass

问题 I saw some posts on stackoverflow, like this one and this, but problem still exists. I updated sonarqube from 5.3 to 5.6. Here's example of my config: sonar.security.realm=LDAP sonar.security.savePassword=false sonar.security.localUsers=admin ldap.authentication=simple ldap.url=ldap://ipa.company.com ldap.bindDn=uid=ldap_search,cn=users,cn=accounts,dc=company,dc=com ldap.bindPassword=************* ldap.user.baseDn=cn=users,cn=accounts,dc=company,dc=com ldap.user.request=(&(objectClass

问题 I'm trying to develop a custom rule for SonarQube Java Plugin, where it will analyze Android code. I've already created some rules that just identify basic functions of Java as the example below: @Override public void visitNode(Tree tree){ MethodInvocationTree method = (MethodInvocationTree) tree; Symbol symbol = method.symbol(); if (symbol.name() != null && symbol.name().equalsIgnoreCase("createTempFile")){ reportIssue(method.firstToken(), "Criação de arquivo temporário identificada.

问题 Background: We have two subprojects each with many sub-sub-projects. The root project is an empty parent. We have one project that is strictly for the flyway plugin. Often times names do not match directories. For perspective, settings.gradle is 219 lines and roughly half of those are projects. So I'm getting this error: Caused by: java.lang.IllegalStateException: The base directory of the module ':commons:sitewidget' does not exist: /dev/abc/commons/:commons:sitewidget Here is the question:

问题 I'm writing an internal manual for SonarQube administration but after getting ElasticSearch engine into the product I have not been able to close the circle. Before this, a DB backup and copy some folders where enough to save SQ status, but what should I do now with ElasticSearch? Should I simply use one more node of ES so to have a live duplicate of indexes? Should I make a copy of the new node shards and keep it as backup? And how can I restore the SQ status if required? 回答1: No need to

问题 I installed SonarQube 6.1 with MSBuild.SonarQube.Runner-2.2.0.24 to analyse a C# solution. When I run an analysis, I get the following error: WARN: SCM provider autodetection failed. No SCM provider claims to support this project. Please use sonar.scm.provider to define SCM of your project. ERROR: Error during SonarQube Scanner execution java.lang.IllegalArgumentException: Start pointer [line=90, lineOffset=89] should be before end pointer [line=90, lineOffset=89] at org.sonar.api.internal