The company is concerned about the Sea Lions committing trade secrets. In true Dilbert fashion, they decided the solution was to ban the word "secret" from method and variable names.
Conveniently, we had a developer (Jeanne) handy to write the rule. You can browse the source code at
(SecretNotAllowedRule.java is the most interesting class)
- Copy the snapshot jar of this rule to a directory on your machine. You can use Maven to build sonar-custom-rule or use the pre-built version from
-
cd to the directory where you downloaded (or built) the jar.
-
docker cp sonar-custom-rule-0.0.1-SNAPSHOT.jar sonarqube:/opt/sonarqube/extensions/plugins/sonar-custom-rule-0.0.1-SNAPSHOT.jar
-
docker restart sonarqube
-
Go to http://localhost:9000 (remember it could take a minute so refresh if you don't see the screen)
-
Login (admin/admin)
-
Close the tutorial popup by clicking the Skip button
-
Click "Quality Profiles" in the top navigation
-
Click "Create" on the upper right
-
Enter a name of your choosing and select "Java" from the pulldown
-
Click "Create"
-
Note your quality profile has zero rules
-
Note how many rules are in the quality profile now. (It was 299 active rules when we tested)
-
Click "Activate More"
-
Click "Activate"
-
Leave the default of "Critical" and choose "Activate" again.
-
Click "Quality Profiles" in the top navigation and observe one more rule is active.
For this step you will need to have completed Section 7.1 - "Download and Build sea-lion Project", in which the sea-lion project was built using the local Nexus repository.
The sea-lion-project directory referred to in Steps 5 and 6 assume you are running it in the directory where the sea-lions project was previously built.
-
Download the CLI for your operating system from https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
-
Extract the files to a new directory and make sure to write down where you placed it, since you will need the full path later, such as:
~/Downloads/sonar-scanner-1.2.3
- Navigate to the /conf directory of the extracted files, open the sonar-scanner.properties file with your favorite text editor, and uncomment the # in the following line:
sonar.host.url=http://localhost:9000
-
Save the properties file.
-
Navigate (cd) into the sea-lion-project folder
-
Run the /bin/sonar-scanner executable from the extracted folder in the sea-lion-project directory. You'll need the full path you created in Step 2. The following example demonstrates this, although your paths may vary locally:
$ cd OracleCodeOne2018-HOL-Automating-Stack-
Groovy/sea-lion-project
$ ~/Downloads/sonar-scanner-1.2.3_/bin/sonar-scanner_