Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SonarQube 9.9 (Java 11 compatible) #244

Closed
wants to merge 12 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
3 changes: 1 addition & 2 deletions .github/actions/test-plugin-installation/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# #%L
# AEM Rules for SonarQube
# %%
# Copyright (C) 2015-2019 Wunderman Thompson Technology
# Copyright (C) 2015-2024 VML
# %%
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -26,4 +26,3 @@ ARG inputs_aem_rules_binary
FROM $inputs_sonarqube_base_image

COPY $inputs_aem_rules_binary $SONARQUBE_HOME/extensions/plugins/$inputs_aem_rules_binary
# COPY sonar-findbugs-plugin-3.11.0.jar $SONARQUBE_HOME/extensions/plugins/sonar-findbugs-plugin-3.11.0.jar
4 changes: 2 additions & 2 deletions .github/actions/test-plugin-installation/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# #%L
# AEM Rules for SonarQube
# %%
# Copyright (C) 2015-2019 Wunderman Thompson Technology
# Copyright (C) 2015-2024 VML
# %%
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -24,7 +24,7 @@ inputs:
sonarqube-base-image:
description: 'Which base Docker image to use to set up SonarQube'
required: true
default: sonarqube-8.9-community
default: sonarqube-9.9-community
aem-rules-binary:
description: "Name of the JAR file to copy from Maven's 'target' directory into the plugins directory"
required: true
Expand Down
4 changes: 2 additions & 2 deletions .github/actions/test-plugin-installation/run-tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# #%L
# AEM Rules for SonarQube
# %%
# Copyright (C) 2015-2019 Wunderman Thompson Technology
# Copyright (C) 2015-2024 VML
# %%
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -31,7 +31,7 @@ print_usage() {
usage: $0 [IMAGE...]

examples:
$0 7.6-community
$0 9.9-community
EOF
}

Expand Down
23 changes: 7 additions & 16 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# #%L
# AEM Rules for SonarQube
# %%
# Copyright (C) 2015-2019 Wunderman Thompson Technology
# Copyright (C) 2015-2024 VML
# %%
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -20,34 +20,25 @@

name: build-and-analyse

on: [push]
on: [ push ]

jobs:
build:
runs-on: ubuntu-latest

strategy:
matrix:
java-version: [11]
java-version: [ 11 ]

steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java-version }}
distribution: 'adopt'
cache: maven
- name: Package the Maven project and analyse the AEM Rules code with SonarCloud
# The Sonar plugin automatically picks up the token from an env variable.
# See https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarscanner-for-maven/#configuration
# See https://docs.github.com/en/actions/security-guides/automatic-token-authentication
- name: Package the Maven project and analyse the AEM Rules code
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONARCLOUD_KEY }}
run: |
mvn clean package \
org.jacoco:jacoco-maven-plugin:report \
org.eluder.coveralls:coveralls-maven-plugin:report \
sonar:sonar -Dsonar.host.url=https://sonarcloud.io \
-Dsonar.organization=wttech \
-Dsonar.projectKey=wttech_AEM-Rules-for-SonarQube
mvn clean package jacoco:report coveralls:report
12 changes: 6 additions & 6 deletions .github/workflows/test-instalation.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# #%L
# AEM Rules for SonarQube
# %%
# Copyright (C) 2015-2019 Wunderman Thompson Technology
# Copyright (C) 2015-2024 VML
# %%
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -29,17 +29,17 @@ jobs:
strategy:
matrix:
sonarqube-image:
- 'sonarqube:8.9-community'
- 'sonarqube:9.4-community'
- 'sonarqube:9.9-community'
- 'sonarqube:10.7-community'
- 'sonarqube:lts-community'
- 'sonarqube:latest'
fail-fast: false
steps:
# To use this repository's private action,
# you must check out the repository
- name: Checkout
uses: actions/checkout@v3
- uses: actions/setup-java@v3
uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 11
distribution: 'adopt'
Expand All @@ -58,4 +58,4 @@ jobs:
sonarqube-base-image: ${{ matrix.sonarqube-image }}
aem-rules-binary: ${{ steps.get-executable-name.outputs.aem_rules_jar_name }}
docker-hub-login: ${{ secrets.DOCKER_HUB_USERNAME }}
docker-hub-token: ${{ secrets.DOCKER_HUB_TOKEN }}
docker-hub-token: ${{ secrets.DOCKER_HUB_TOKEN }}
24 changes: 18 additions & 6 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,11 +1,23 @@
node_modules
.DS_Store
target/
node/
.idea/
sonar-example-plugin.iml
.java-version
local-docker-image/extensions/plugins/*
*.iml
*.ipr
*.iws
target/
atlassian-ide-plugin.xml

# Eclipse
.classpath
.project
.settings/
.java-version
.DS_Store

# yarn
.yarn/*
!.yarn/cache
!.yarn/patches
!.yarn/plugins
!.yarn/releases
!.yarn/sdks
!.yarn/versions
50 changes: 24 additions & 26 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,41 +1,35 @@
[![Wunderman Thompson Technology logo](assets/wtt-logo.png)](http://www.cognifide.com/)
[<img src="assets/vml-logo.png" width=50% height=50%>](http://www.vml.com/poland)


![Builds Status](https://github.com/wttech/AEM-Rules-for-SonarQube/actions/workflows/build.yml/badge.svg)
[![Coverage Status](https://coveralls.io/repos/github/Cognifide/AEM-Rules-for-SonarQube/badge.svg?branch=master)](https://coveralls.io/github/Cognifide/AEM-Rules-for-SonarQube?branch=master)
[![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=AEM-Rules-for-SonarQube&metric=alert_status)](https://sonarcloud.io/dashboard?id=AEM-Rules-for-SonarQube)
[<img src="https://rules.sonarsource.com/images/logos/SonarLint-black.svg" height="28" alt="Available in SonarLint">](https://www.sonarlint.org/)
[<img src="https://rules.sonarsource.com/images/logos/SonarCloud-black.svg" height="28" alt="Available in SonarCloud">](https://sonarcloud.io)
[<img src="https://rules.sonarsource.com/images/logos/SonarQube-black.svg" height="28" alt="Available in SonarQube">](https://www.sonarqube.org/)
# About AEM Rules for SonarQube

![AEM Rules for SonarQube](https://raw.githubusercontent.com/wttech/AEM-Rules-for-SonarQube/master/assets/logo.png)

## Purpose

As we all know, SonarQube is a great tool that helps us increase quality of our codebase. However, it does apply mainly to general Java issues. As we know, we can hurt ourselves much more doing AEM. [Adobe Experience Manager](https://docs.adobe.com/docs/en/aem/6-2.html) is a comprehensive content management platform solution for building websites, mobile apps and forms. This tool is intended to find common bugs and bad smells specific for AEM development. Documentation of each rule is available from SonarQube interface after plugin installation.
As we all know, SonarQube is a great tool that helps us increase quality of our codebase. However, it does apply mainly to general Java issues. As we know, we can hurt ourselves much more doing AEM. [Adobe Experience Manager](https://experienceleague.adobe.com/en/docs) is a comprehensive content management platform solution for building websites, mobile apps and forms. This tool is intended to find common bugs and bad smells specific for AEM development. Documentation of each rule is available from SonarQube interface after plugin installation.

## Prerequisites

Each release has its own prerequisites section, for more information please check [releases page](https://github.com/wttech/AEM-Rules-for-SonarQube/releases).

## Installation

**Custom Dockerfile**
### Local docker image

Following Dockerfile uses official Sonarqube 7.9 image and download AEM Rules 1.0-RC2 to plugin directory.
Check the plugin locally with the prepared ```docker-compose.yml```. Just run these commands from the repo root to build the latest package and fire up a container.

```
FROM sonarqube:7.9-community AS aemrulesqube79
RUN curl -Lk -o $SONARQUBE_HOME/extensions/plugins/aemrules-1.0-RC2.jar https://github.com/wttech/AEM-Rules-for-SonarQube/releases/download/v1.0-RC2/aemrules-1.0-RC2.jar
mvn clean package
cd local-docker-image
docker-compose up -d
```

**Community image**

This is already prepared solution thanks to @ahmed-musallam.

`docker run --rm -p 9000:9000 ahmedmusallam/sonarqube-aem:latest`

This solution is for those who would like to start testing theirs code within aem rules and sonarqube. It contains SonarQube v 7.7, aem rules v 0.11 and predefined quality gates.
If you would like to participate in our Aem Rules development, please refer to [wiki page](https://github.com/wttech/AEM-Rules-for-SonarQube/wiki) to get into.


### Update Center

Go to your SonarQube instance administration console and open Update Center. Find AEM Rules for SonarQube plugin and click install!
Expand All @@ -52,22 +46,26 @@ Go to your SonarQube instance administration console and open Update Center. Fin
Use of the plugin does not differ much from regular SonarQube analysis. However, as rules are often tied to a certain AEM version and its components (Felix, Sling), we've introduced the `aemVersion` analysis property.

Each rule defines supported AEM version or version range. Most of the rules are universal.
By providing the AEM version parameter, you can instruct the Sonar Runner to only use only a subset of rules applicable to a particular AEM version. When the parameter is not provided then a default AEM version is used (currently 6.4)

### Running analysis

When running analysis, pass `sonarRunner.aemVersion` property with your AEM version. The format is as follows:

`sonarRunner.aemVersion=<MAJOR_VERSION>.<MINOR_VERSION>`

Runing with Maven
```
mvn sonar:sonar -DsonarRunner.aemVersion=6.4
```
To avoid quality profiles collisions, the additional execution param has been added.

`-Dsonar.html.file.suffixes=.notexistingsuffix`

Runing with Gradle (See [Gradle AEM Plugin](https://github.com/wttech/gradle-aem-plugin))
Running with Maven
```
gradlew sonarQube -DsonarRunner.aemVersion=6.4
mvn clean verify sonar:sonar \
-Dsonar.projectKey={sonar_project_key} \
-Dsonar.projectName='{sonar_project_name}' \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.token={sonar_project_token} \
-DsonarRunner.aemVersion=6.5 \
-Dsonar.html.file.suffixes=.notexistingsuffix
```

# Rule set
Expand Down Expand Up @@ -180,13 +178,13 @@ Release notes for each version can be found in [releases section](https://github

# License

Copyright 2015-2016 Wunderman Thompson Technology
Copyright 2015-2024 VML

Licensed under the Apache License, Version 2.0

# Commercial Support

Technical support can be made available if needed. Please [contact us](mailto:labs-support@cognifide.com) for more details.
Technical support can be made available if needed. Please [contact us](mailto:labs-support@wundermanthompson.com) for more details.

We can:

Expand Down
2 changes: 1 addition & 1 deletion assets/license-template.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
#%L
${project.name}
%%
Copyright (C) ${project.inceptionYear}-2019 Wunderman Thompson Technology
Copyright (C) ${project.inceptionYear}-2024 VML
%%
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
Binary file added assets/vml-logo.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file removed assets/wtt-logo.png
Binary file not shown.
Loading
Loading