Repository for Powershell language plugin for Sonar.
Currently plug-in supports:
- Reporting of issues found by PSScriptAnalyzer
- Cyclomatic and cognitive complexity metrics (since version 0.3.0)
- Reporting number of lines of code and comment lines metrics (since version 0.3.2)
Dev-Branch:
Master-Branch:
You can support this project and others via Paypal
- Download and install SonarQube
- Download plugin from the releases and copy it to sonarqube's extensions\plugins directory
- Start SonarQube and enable rules
- Prepare build agent machines:
- WINDOWS:
- Install PSScriptAnalyzer into your build machine where you plan to run sonar scanner, quick steps:
- In powershell terminal run (more info):
Install-Module -Name PSScriptAnalyzer -Force - Verify if module got installed successfully in poweshell terminal run (more info):
Invoke-ScriptAnalyzer -ScriptDefinition '"b" = "b"; function eliminate-file () { }' - You can check sample project to test plugin and verify configuration
- LINUX:
- Install Powershell on Linux (for example Ubuntu https://learn.microsoft.com/en-us/powershell/scripting/install/install-ubuntu?view=powershell-7.4)
- Install PSScript analyzer (https://learn.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/overview?view=ps-modules#installing-psscriptanalyzer), for example in the terminal execute to install it:
pwsh -Command "Install-Module -Name PSScriptAnalyzer -Force" - Test if module is working properly:
pwsh -Command "Invoke-ScriptAnalyzer -ScriptDefinition '"b" = "b"; function eliminate-file () { }'" - Once you executed previous steps, please specify "sonar.ps.executable" property to point to powershell executable on the linux (you can find it by using command
whereis pwsh): sonar.ps.executable="/usr/bin/pwsh"
Currently there is a possibility to override the following options either on server in the Administration tab or on the project configuration files:
- sonar.ps.tokenizer.skip - if set to true - skips tokenizer, which might be time consuming, defaults to false
- sonar.ps.file.suffixes - allows to specify which files should be detected as Powershell files, defaults to .ps1,.psm1,.psd1
- sonar.ps.executable - allows to specify powershell executable, defaults to powershell.exe (since version 0.3.0)
- sonar.ps.plugin.skip - if set to true - skips plugin in general, meaning that no sensors are run, defaults to false (since version 0.3.0)
- sonar.ps.tokenizer.timeout - maximum number of seconds to wait for tokenizer results, defaults to 3600 (since version 0.4.0)
- sonar.ps.external.rules.skip - list of repo:ruleId comma separated pairs to skip reporting of issues found by rules (since version 0.5.0)
Different plugin versions supports the following:
- 0.5.3 - Sonarqube version 8.9.2+ and PSScriptAnalyzer version 1.20+ rules, Java 17+
- 0.5.1 - Sonarqube version 8.9.2+ and PSScriptAnalyzer version 1.20+ rules, Java 11+
- 0.5.0 - Sonarqube version 6.7.7+ and PSScriptAnalyzer version 1.18.1 rules, Java 8
- 0.3.0 - Sonarqube version 6.3+ and PSScriptAnalyzer version 1.17.1 rules, Java 8
- 0.2.2 - Sonarqube 5.6+ version and PSScriptAnalyzer version 1.17.1 rules, Java 8