fundacionjala/enforce-sonarqube-plugin

Note: Apex plugin for SonarQube current functionality.

The plugin supports the Apex language grammar; the current list of checks focuses mainly on test components. Support for more SFDC components is in progress.

Enforce Sonarqube Plugin

Description

The plug-in enables analysis of Apex source code with SonarQube.

Steps to Analyze an Apex Project

  1. Install SonarQube Server

    • Download and unzip the SonarQube distribution (let's say in "C:\sonarqube" for Windows or "/etc/sonarqube/" for Linux)
  2. Install SonarQube scanner and configure sonar-runner as an environment variable

    • For Linux, open the /etc/profile file and add this code at the end of the file

            export SONAR_RUNNER_HOME=.../sonar-scanner-2.5.1
            export PATH=$PATH:$SONAR_RUNNER_HOME/bin
      
    • For Windows, follow these steps using the sonar scanner path and its bin folder as well

  3. Install the Apex plug-in: download the plugin file (apex-plugin.jar) from here, then copy it into the "../sonarqube/extensions/plugins" folder.

  • Start the SonarQube server:

     ![starting SonarQube server](https://github.com/fundacionjala/enforce-sonarqube-plugin/blob/gh-pages/img/starting-sonarQube.png)
    
Note: These steps must be performed only once, after the plugin is installed in SonarQube.
         3.1 Log in as administrator

sonar login

         3.2 Go to Rules tab

rules tab

         3.3 Select Apex in languages in the left panel.

select apex language

         3.4 Then click on Bulk Change option

         3.5 Click on the Activate In option

select Bulk Change

         3.6 Enter Apex and click on apply

write apex

Scanning projects

  1. Create a sonar-project.properties file at the root of your project

        sonar.projectKey=my:project
        sonar.projectName=My project
        sonar.projectVersion=1.0
        sonar.language=apex
        sonar.sources=.
    

    sonar.projectKey: must be unique in a given SonarQube instance

    sonar.projectName: this is the name displayed in the SonarQube UI

    sonar.language: specifies the language for analysis

    sonar.sources: the "dot" tells the sonar scanner to scan all files from the current directory level, that is, all files that have the ".cls" extension. This extension is defined by the plugin scanner.

  2. Run the sonar-runner command from the project root directory.

  3. Follow the link provided at the end of the analysis output to browse your project's quality in SonarQube

project analysis result
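
As an added example (not part of the plugin's repository), a pre-flight check a CI job could run before sonar-runner: it confirms that sonar-project.properties carries the keys shown above with sonar.language=apex, and that the source directory actually contains ".cls" files. The function names are hypothetical, and sonar.sources is assumed to be a single path.

```shell
# Added example: pre-flight check before running sonar-runner on an Apex project.
# get_prop and preflight_apex_scan are hypothetical helper names.

# Print the value of property $2 from properties file $1 (last definition wins).
get_prop() {
    key_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*${key_re}[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | tr -d '\r' | sed 's/[[:space:]]*$//'
}

# Return 0 if project dir $1 is ready to scan, 1 otherwise (reasons on stderr).
preflight_apex_scan() {
    dir=$1
    props="$dir/sonar-project.properties"
    rc=0
    if [ ! -f "$props" ]; then
        echo "missing $props" >&2
        return 1
    fi
    # Keys from the sample properties file must all have a value.
    for key in sonar.projectKey sonar.projectName sonar.projectVersion sonar.sources; do
        if [ -z "$(get_prop "$props" "$key")" ]; then
            echo "$key is not set" >&2
            rc=1
        fi
    done
    lang=$(get_prop "$props" sonar.language)
    if [ "$lang" != "apex" ]; then
        echo "sonar.language is '$lang', expected 'apex'" >&2
        rc=1
    fi
    # Assumption: sonar.sources is one path relative to the project root.
    # The plugin scans files with the .cls extension, so require at least one.
    src=$(get_prop "$props" sonar.sources)
    if [ -n "$src" ] &&
        [ -z "$(find "$dir/$src" -type f -name '*.cls' 2>/dev/null | head -n 1)" ]; then
        echo "no .cls files under $dir/$src" >&2
        rc=1
    fi
    return $rc
}
```

From the project root, `preflight_apex_scan . && sonar-runner` runs the scan only when the check passes.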


Enforce plug-in for developers.

Prerequisites

To build a SonarQube plug-in, you need Java 8 (or greater) and Maven 3.1 (or greater).

Structure

The Enforce plug-in is divided into the following modules:

enforce-sonarqube-plugin
  | - apex-checks
  | - apex-squid
  | - sonar-apex-plugin
  /

apex-checks: Contains all the SonarQube rules for analyzing the Apex language.

apex-squid: The static source analyzer, which provides an AST.

sonar-apex-plugin: The implementation of the SonarQube plugin for the Apex language.