Bug Severity in SonarQube and mapping to Akraino security requirements

| SonarQube | Akraino   |
|-----------|-----------|
| Blocker   | Critical  |
| Critical  | Important |
| Major     | Important |
| Minor     | Moderate  |
| Info      | Low       |



Scanning is enabled per project: add the mvn-params and nexus-iq-namespace variables, and add the gerrit-maven-sonar job.

Here's some additional documentation on the Sonar jobs/macros we have set up:
https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-maven-jobs.html#lf-infra-maven-sonar

https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-python-jobs.html#lf-infra-tox-sonar

https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-c-cpp-jobs.html#cmake-sonar