sonarqube

问题 Our use case for Sonar creates new Sonar projects for each branch of our repository. How do we automatically associate the new branch project with a (non-default) Quality Profile and Quality Gate? We're running this in a Maven project if that's relevant. 回答1: We had the same issue, within our company, and the only solution was to use the deprecated attribute sonar.profile (https://docs.sonarqube.org/display/SONAR/Analysis+Parameters). Sidenote: Generally there is also a interesting view on

问题 I'm using Gradle 4.4 on my Java project with JaCoCo 0.8.0, and Sonar with SonarJava 5.0.1. I have a class annotated with lombok's @Value and @Builder . My JaCoCo config in build.gradle looks like this: jacoco { toolVersion = "0.8.0" reportsDir = file("$buildDir/reports/jacoco") } jacocoTestReport.doFirst{ classDirectories = files("buildDir/classes") } task jacocoReport(type: JacocoReport){ sourceSets sourceSets.main executionData test, integrationTest } Also, I have lombok.confi file, with

问题 I finished this tutorial on medium in order to integrate my Xcode project with sonarQube to have some metrics. Setup SonarQube - Swift. I was able to make it through the last step that is: running "fastlane metrics" on the terminal while being in the root of the project directory. But i get this error on step "slather" nokogiri requires Ruby version >= 2.3.0., fastlane finished with errors: I have also found that someone had a similar question here, but no answers: Similar Question If i run:

问题 We updated Sonarqube to version 5.2. After it, some Java projects start failing with following exception: 2015.12.22 02:42:13 INFO [o.s.s.c.s.ComputationStepExecutor] Execute component visitors | time=9942ms 2015.12.21 13:01:45 ERROR [o.s.s.c.t.CeWorkerRunnableImpl] Failed to execute task AVHFtA0KaMG72s7lWjEx java.lang.IllegalArgumentException: Multiple entries with same key: MeasureKey{metricKey='lines', ruleId=-6253, characteristicId=-6253}=org.sonar.db.measure.PastMeasureDto@7493f7f3 and

问题 I want to scan existing .cs files with sonarqube. I understood that I need to use SonarQube Scanner for MSBuild, and this one requires to create a project to analyze. So I created a project on Visual studio from existing files and declared it as Class Library. But while executing SonarQube Scanner for MSBuild, I've got this error: WARNING: The project has an invalid GUID "00000000-0000-0000-0000- 000000000000". The project will not be analyzed by SonarQube. Project file: C:\Users\sas1

问题 According to the documentation I've found Sonar will not analyse test code by default. I found some Jira's that indicate it should be possible but nothing with enough information on how to do it. It's java code setting under src/test/java. I use both the eclipse plugin for local analysis and sonar-runner plugin for gradle via a jenkins job on the CI server so ideally the solution would support both those. Ta, Andrew 回答1: As of SonarQube 4.2, the only way to have some test code analyzed is to

问题 We are running SonarQube(5.0.1), with sonar.net-runner on a TFS (2010) team build. FxCop works fine, and everything runs perfect, I see all the issues in sonar. However, when I try to pull in the test results in sonar, I run into an issue. When I set the property sonar.cs.vstest.reportsPaths to an absolute file of a trx file, it publishes my test results to sonar. Great . But when I use a wild card, my test results don't get published in sonar. Not so great Configurations I've tried. #1 sonar

问题 I have spent a day migrating all PMD and Checkstyle rules to the new Squid rules, as the PMD/Checkstyle ones are marked as deprecated. However, some fine tuning options which I am used to with PMD/CS, are not present in Squid. As a result, Sonar is cluttered with thousands of issues which reports nothing of real value. Example 1 Rule: BadConstantName_S00115_Check / S00115 All our enums are implemented with camelCase instead of CONSTANT_NAME, e.g.: public enum Classification { PoorMinus(1),

问题 Can we run 2 instances(2 different versions) of Sonar on same machine? At present Sonar 3.7.3 is installed and is been used with Hudson for Sonar Reports. Now, there are some projects that run on Java 8 and Java 8 is not supported by 3.7.3 Sonar version. So to run the Java 8 projects, I need to use the latest version of Sonar but upgradation of Sonar would impact the existing projects that run on Java 6. So can we configure 2 Sonar instances and can configure Hudson accordingly so that both

问题 I use SonarQube (5.1 with cppecheck 1.70) to analyse C-code. In following example, there is a Null Pointer Dereference issue that should be detected by SonarQube and/or Cppcheck (used by Sonar). But no issue found by SonarQube niether repported by Cppcheck. struct s1 { char c1; char c2; }; struct s1 * toto1(void) { return NULL; } void toto2(void) { struct s1* my_st=NULL; my_st = toto1(); my_st->c1 = 1; my_st->c2 = 0; return; } Is there any restriction on this rule (Null pointers should not be