Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use Sonarcloud for code analysis #2055

Closed
lwrage opened this issue Nov 9, 2019 · 3 comments · Fixed by #2099
Closed

Use Sonarcloud for code analysis #2055

lwrage opened this issue Nov 9, 2019 · 3 comments · Fixed by #2099

Comments

@lwrage
Copy link
Contributor

lwrage commented Nov 9, 2019

Summary

Explore if Sonarcloud can be used to scan code for bugs and vulnerabilities.

This would enable us to use Kotlin or Scala for plugin development.

Environment

  • OSATE Version: 2.6.0
  • Operating System: all
@lwrage lwrage added this to the 2.6.1 milestone Nov 9, 2019
@lwrage lwrage self-assigned this Nov 9, 2019
@lwrage
Copy link
Contributor Author

lwrage commented Nov 25, 2019

Preview available at https://sonarcloud.io/organizations/osate/projects
This was created by a manual run of mvn sonar:sonar on my laptop. Still need to figure out how to get code coverage results reported. Tests are written in Xtend, maybe that's the issue.

@lwrage
Copy link
Contributor Author

lwrage commented Nov 25, 2019

By default files in .gitignore are ignored for analysis. This included xtend-gen directories. Needed to add <sonar.scm.exclusions.disabled>true</sonar.scm.exclusions.disabled> to the main pom.

@lwrage
Copy link
Contributor Author

lwrage commented Nov 28, 2019

Waiting for IT to enable access to sonarcloud.io from the build server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant