Questions tagged [sonarqube]

0

votes
1

answer
13

Views

How to fix “The following languages have no built-in quality profiles” since SQ 7.2.1 with custom plugin

I develop custom SQ plugins for several SQ versions. I am facing a issue since SQ 7.2.1. On SQ startup, le web.log file tells -normal Register rules -start [o.s.s.q.BuiltInQProfileRepositoryImpl] Load quality profiles -stops with the following error : [o.s.s.p.Platform] Background initialization fai...
D Cruette
1

votes
1

answer
1.4k

Views

Unit Test Coverage not visible in Sonarqube

I am running analysis on my solution which contains a Unit Test project just like any other projects . But there is 'No Data' in Unit Test Coverage Widgets .But I can see the analysis if I open respective folder/file of UT . How can I see Unit Test Coverage details by adding widget.
Rehan Haque
1

votes
1

answer
823

Views

What is Cognitive Complexity in sonar report?

Now a days i switched to sonar reports for static code review and performance improvement. Under the rules section I found that the cognitive complexity of my methods are high. You can find cognitive complexity error in sonar as: Go to Project->Issues Tab->Rules Drop-down->Cognitive Complexity Below...
Akshay Paliwal
1

votes
1

answer
53

Views

SonarQube use case in a multi-teamed monolithic application development

We have a monolithic application in development. Development is done by several backend teams. Our application is not tightly coupled and in general you can say, that each team is responsible for it's own set of Symfony bundles (say, top-level directories inside src folder). We are now trying to use...
1

votes
2

answer
658

Views

cannot update default project visibility to private

We have configured Sonarqube 6.7.3 fresh setup (no history, no old data). I am trying to update the default project visibility to private using admin credentials as well as my account which is added to sonar-admin group but getting below error Unknown url : /api/organizations/update_project_visibili...
Coc
1

votes
2

answer
88

Views

SonarQube issue with New FileReader

Below mentioned Code snippet gives Sonar comment with following squid rule: squid:S1943 try(BufferedReader reader = new BufferedReader(**new FileReader**(properties.get(FILE_BASED_CONFIGURATION).toString()))) { //some code } catch (IOException | ArrayIndexOutOfBoundsException e) { LOG.error('Except...
yug
1

votes
3

answer
32

Views

Getting : Remove this Redundant Jump in SonarQube

I have a method in which there is a if else conditions . The if-else looks something similar as below. public void agreementCoduct(String agreement) { if(agreement.equals('Pass')) { { //do someting return; // getting Remove this Redundant Jump } else if(aggrement.equals('NotPass')) { // do something...
Sadina Khatun
0

votes
0

answer
4

Views

Getting Metric 'files' should not be computed by a Sensor when sinning run-sonar-swift.sh -v

Currently I am implementing SonarQube in project but after all setting I am getting error like Running Lizard...Running SonarQube using SonarQube Runner..ERROR: Error during SonarQube Scanner execution ERROR: Metric 'files' should not be computed by a Sensor ERROR: ERROR: Re-run SonarQube Scanner...
Satyen Chauhan
1

votes
0

answer
185

Views

CORS with SonarQube

I am trying to put an iframe tag inside my jenkins website from sonarqube (version 6.7) specific project. i get this error: 'refused to display 'https://...' in a frame beacuse it set X-Frame-Options to sameorigin' I added this code to the web.xml file - CorsFilter org.apache.catalina.filters.CorsF...
Noa Amir
1

votes
0

answer
261

Views

SONAR quality gates on cross-projects

We have set up our branching strategy in Bitbucket in a way that for each release to production we create a new release branch in Bitbucket (User Acceptance Testing and then the production release is done from this branch). Now for each feature to be developed in that release, we create a new featu...
Mitesh Parikh
1

votes
1

answer
341

Views

SonarLint “Connection refused” to SonarQube 6.7

Since upgrading SonarQube from 6.6 to 6.7 I'm facing the Problem, that I can't connect SonarLint for IntelliJ with the SonarQube Server. I need to configure a corporate proxy but the configuration worked with SonarQube 6.6 and hitting 'Test Connection' also returns an OK. The Error Message when conf...
Christoph Forster
1

votes
2

answer
295

Views

Code analysis changes if SonarQube full analysis report enabled in VSTS

I've been setting up SonarQube analysis for one of our builds in VSTS, and I've noticed that there's a difference in the code analysis / build warnings if the advanced option 'include full analysis report in build summary' is enabled in VSTS. We have a custom ruleset enabled for our local builds in...
Tom Anderson
1

votes
0

answer
285

Views

SonarQube: Configure VSTS to analysis GitHub Pull Requests

I am using VSTS for CI and CD. We have a workflow which involves pull requests in Github. These are automatically built and tested by VSTS. I am trying to add SonarQube analysis to this workflow. I have tried adding the SonarQube VSTS plugin from the marketplace and then passing the github parameter...
1

votes
1

answer
143

Views

Sonarqube failing to start even after clearing the $SONAR_HOME/data/es folders

I am getting the below error message in the sonarqube logs and sonarqube web page is not accessible. I found out the solution that clearing the $SONAR_HOME/data/es/ would fix it. But it didn't. Please let me know if there are any other alternative ways. 2017.11.30 08:58:51 WARN es[o.e.index.engine...
Sandeep.Mulawad
1

votes
0

answer
79

Views

SonarQube passing code that should fail

Using sonarqube-6.3.1 and sonar-scanner-3.0.3.778, I can run the command .sonar-scanner from the bin directory of the scanner folder. This outputs a bunch of stuff stating that it's loading and scanning. I can view this on the SonarQube webpage and see the files I expect when I click the code tab f...
JoeSlingsby
1

votes
0

answer
114

Views

Unable to uninstall the SonarPLSQL plugin

I go to Administration > Marketplace. For all other plugins that I have installed (SonarJS, SonarJava, ...) I see a 'Uninstall' button to the right. For SonarPLSQL it just says 'Installed'. How do I uninstall this plugin?
Pmarcoen
1

votes
0

answer
523

Views

SonarQube integration with gradle

I am integrating Sonar qube with gradle. I have mentioned plugin and required properties in app level build.gradle file.But command execution failed with exception. Please clarify what else required? Build.gradle : plugins { id 'org.sonarqube' version '2.6.1' } sonarqube { properties { property 'son...
Anshika Bansal
1

votes
2

answer
335

Views

Why doesn't Sonar read the format of django-nose coverage results?

When I try to send a python project with sonar-scanner, it throws an exception: Caused by: java.lang.IllegalStateException: Unknown report version: 4.4.2. This parser only handles version 1.'. Before trying to introduce the cover, the project was run normally, the project is python code and the re...
Jose Luis Vallina
1

votes
1

answer
256

Views

Sonar api : what is the purpose of analysisid?

I'm following the guide to be able to control job status based on sonar report : https://docs.sonarqube.org/display/SONARQUBE53/Breaking+the+CI+Build Here, it is explained you get a taskid ,and when task is completed you retrieve a analysisId that can be used to get the qualitygate info using /api/q...
Xtof
1

votes
0

answer
2.9k

Views

Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar

We recently upgraded from Sonarqube 5.6 to 6.7.1 and can no longer scan our projects successfully. Versions I am currently using: SonarQube 6.7.1 Java 1.8 mysql 5.7 I am executing using mvn sonar:sonar Error message I am receiving: [ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-...
jman
1

votes
0

answer
74

Views

Data lost Sonarqube migration 6.6 to 6.7.1

I am trying to upgrade sonarqube from version 6.6 to LTS version 6.7.1. I noticed post migration all the projects configured are lost. Wondering if anyone has encountered this before or there is any solution to it.
jeevs
1

votes
1

answer
287

Views

SonarQube. Custom rule needs to access to file

I implemented rule where I needed to extract data from external file. I put this file in resources folder and extract it with the following construction: CustomRuleCheck.class.getResource(/com/packagename/file.json) During JUnit testing is everething ok, but when I run an integration testing I canno...
Vladimir Topolev
1

votes
1

answer
184

Views

How to cover java test using Coverage.py library

Devlopment stack is in Python (flask) and our automation suite(API) is coded in Java . So which is the best library can be used for code coverage
Aneesh Goel
1

votes
1

answer
237

Views

sonar-scanner-vsts task fails to install in TFS 2017

I'm getting an error when installing the sonar-scanner-vsts downloaded from the marketplace and installed in TFS 2017 with the version 4.0: The task.json file was not found in contribution tasks/scanner-cli. Looking over the source at git-hub, looks like folders were added but the manifest JSON was...
Jesse Campbell
1

votes
1

answer
491

Views

Compare Sonar Qube result from different Git branches

We use Sonar Qube to collect metrics about our project. We use Git as version control system. Each project has a Master repository and several team contribute to this via pull requests of their branches. We make nightly build and releases of the master, this includes Sonar analysis. We would like to...
k.c.
1

votes
1

answer
450

Views

How to add TSLint rules to Sonarqube Typescript plugin?

An existing TS project with a set of TSLint rules activated want to be analyzed with Sonarqube, therefore I installed the latest LTE version of sonarqube as well as TS plugin provided by Sonar. Despite the fact the TS plugin includes a good set of rules, the ones currently used by the project does n...
XtianGIS
1

votes
0

answer
191

Views

Get Arquillians Code Coverage Using JaCoCo

I have a Maven build that runs Arquillian tests on a Wildfly. What I want to do is run JaCoCo as well so that I get a test coverage. What I did to my working Arquillian setup: I changed the parent's pom.xml the following way: jacoco reuseReports ../target/jacoco/jacoco-ut.exec ../target/jacoco/jacoc...
Steffi S.
1

votes
0

answer
42

Views

How to present external data in Sonarqube?

I like to include Gauge (http://gauge.org) results in SonarQube (LTS 6.7.1), basically by simply include execution information for a project (which is stored locally in a junit xml file). What spec and scenarios have been run etc. But I completely fail on how to integrate this in sonarqube. I manage...
Emerson Cod
1

votes
0

answer
496

Views

SONAR not reporting cucumber test results

My maven project is trying to use SONARqube through Jenkins for test coverage report. We are able to see the test coverage for testcases that use Junits; but for those which are covered using Cucumber/gherkin, we are unable to see the coverage report. Sonarqube is not even taking that code into acco...
Ram
1

votes
0

answer
752

Views

Jenkins job: Sonarqube server can not be reached

In Jenkins, I created a job to test a Sonarqube configuration, but the job fails with errors. I tried several times to solve the problem, but I can't find the solution. Is there anyone who can help me? Below, I put the code of the Jenkins build. INFO: Scanner configuration file: D:\Jenkins\Jenkins_...
Wlllem Dalen
1

votes
0

answer
145

Views

What is the proper way to know the size of DB needed for SonarQube?

From what I have seen on the web they say: 2.The amount of disk space you need will depend on how much code you analyze with SonarQube. As an example, SonarCloud the public instance of SonarQube, has more than 30 millions lines of code under analysis with 4 years of history. SonarCloud is currently...
Juan Jose Jaramillo
1

votes
0

answer
178

Views

SonarQube Scanner for MSBuild, could not upload results to the web interface

I am running SonarQube for analyzing my C# project. I am running on the console. Despite the fact it says everything is ok, the results are not shown in the web interface. This is the result from the SonarQube Scanner for MSBuild: SonarQube Scanner for MSBuild 4.0.2 Default properties file was found...
Marcus
1

votes
0

answer
275

Views

Include iOS Swift Projects Test Data in SonarQube Analysis

We are setting up a Swift iOS Project, build with fastlane, to be analysed by SonarQube with the SonarSwift Plugin. Everything works so far except for information about the Tests. We archived to add Code coverage by generating a report with slather (llvm-cov) and renaming it Coverage.report and fill...
Peter Schumacher
1

votes
1

answer
224

Views

Import SoapUI JUnit result in SonarQube

I use SonarQube: Version 7.0 (build 36138)-LGPL v3-Community. I would like to import the results of SoapUI tests suites executions in SonarQube as explained on this page: (https://docs.sonarqube.org/pages/viewpage.action?pageId=1442166) I run the SoapUI tests and have results generated in JUnit xml...
Wognin
1

votes
1

answer
277

Views

TS code scanning does not return error but tslint returns a list of errors

i am having a strange issue - for TS sources, the sonarQube runs but does not return errors. I am using the SonarTS plugin. SonarQube returns 0% errors. Any idea what could be wrong. Thanks. My sonar-project.properties has the following - sonar.projectKey=CCW:20feb11 sonar.projectName=CCW20feb11 son...
Nosidec
1

votes
1

answer
278

Views

How do I measure security in SonarQube 7.0?

I have checked OWASP in SonarQube, but I'm looking for other security metrics to test my proyects in java. I've already checked the Security option in Sonarqube, but it seems to be related to variable names and simple security rules, so maybe there's a security plugin that could help me.
1

votes
0

answer
22

Views

Coding standard validator for angular

Is there any module (way) to validate and define the rules for the angular application coding standard with report generation (Currently using cli getting the code coverage report)? Also is possible to validate in sonar, as of now i can validate the template files for the w3c standard.
Govinda raj
1

votes
0

answer
212

Views

SonarQube not able scan complete python code

I have python script with around 520 lines of code. But when i am scanning it with sonar qube i could observe that only aroung 390 line of code is getting scanned. Please help me to fix this, my sonar version:: 5.6.7, sonar Python plugin verion:: 1.8.0.1496, mine is windows machine Below is my sonar...
Raghu
1

votes
1

answer
3k

Views

Configure gradle projects in SonarQube

I am working with Liferay DXP and I would like integrate SonarQube in my workspace, I am using gradle. My workspace is called: test-workpace My gradle.properies file (path: test-workspace/gradle.properties) is: systemProp.sonar.host.url=http://localhost:9000 systemProp.sonar.sourceEncoding=UTF-8 sys...
p.hevia
1

votes
0

answer
60

Views

Should empty cookies intended to delete to be marked as secure?

SonarQube found an issue (Cookies should be 'secure') in the following code: public static void eraseSamlCookie(final HttpServletResponse response) { final String cookieName = Config.getParameter(Constants.SSO_COOKIE_NAME); if (cookieName != null) { final Cookie cookie = new Cookie(cookieName, '');...
agabrys

View additional questions