...
SonarQube | Akraino |
---|---|
Blocker | Critical |
Critical | Important |
Major | Important |
Minor | Moderate |
Info | Low |
Each project should have jjb file to integrate with CI.
To add SonarQube scan, the jjb file should be modified with the following changes:
- mvn-settings
- mvn-params
- gerrit-maven-sonar job
Here is an example:
- project:
name: portal_user_interface
project: portal_user_interface
project-name: portal_user_interface
mvn-settings: portal_user_interface-settings
mvn-params: '-f AECPortalMgmt'
nexus-iq-namespace: 'akraino-'
build-node: centos7-builder-2c-1g
stream: master
jobs:
- '{project-name}-maven-jobs'
- gerrit-maven-sonar
views:
- project-viewEnabling scanning should be done per-project, with the addition of mvn-params and nexus-iq-namespace variables, and the gerrit-maven-sonar job added.
Here's some additional documentation on the Sonar jobs/macros we have set up:
https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-maven-jobs.html#lf-infra-maven-sonar
https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-python-jobs.html#lf-infra-tox-sonar
https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-c-cpp-jobs.html#cmake-sonar