1,488 questions
- Bountied 0
- Unanswered
- Frequent
- Score
- Trending
- Week
- Month
- Unanswered (my tags)
0
votes
1
answer
71
views
Problem with injecting value to the static variable
With the entered code here, I am trying to build a project on springboot. I am using AES encryption in my project. I am keeping the password(key) of AES in the application properties. The variable ...
0
votes
0
answers
56
views
How to remove method or line from sonarqube check in Go?
have a correct method to remove unique method or line from check coverage sonar? like //NOSONAR?
I've tried but I wouldn't like to have to use sonar.exclusions= in my sonar-project.properties file
0
votes
1
answer
118
views
Retrieving SonarQube Project Key and Name Used in Jenkins Build via API
I’m currently running SonarQube code analysis through Jenkins as part of my CI pipeline. In the Jenkins pipeline, I’m passing the SonarQube project name, project key, and authentication token to ...
1
vote
0
answers
104
views
Why is SonarCloud `reportPaths` property not receiving wildcards?
According to the Sonar Cloud Documentation it is possible to use wildcards in the sonar.javascript.lcov.reportPaths following the Test Coverage parameters guideline for wildcards. However, when trying ...
0
votes
0
answers
42
views
Updates are not getting reflecting in the sonar server even after deploying the latest custom sonar
I’m working with a custom Quality Profile for the Natural language in SonarQube. so even after deploying the latest version of the plugin on the quality default profile its showing "Sonar way (...
0
votes
0
answers
35
views
Assistance in formatting curl command in Jenkin's pipeline to call SonarQube
In a pipeline (Jenkins Version 2.496) script block;
I have an environment params variable defined with 4 & to pass multiple values;
SET tools_params=mainBranch=%default_branch%^&...
0
votes
0
answers
44
views
Gitlab Merge happening despite update_sonar job failing
I have the following update_sonar job in my CI pipeline:
stage: update_sonar
allow_failure: false
image: sonarscanner:4.7-n14
tags:
- "ocp_l"
script:
- sonar-scanner
-...
0
votes
0
answers
96
views
How to Disable FindBugs Sensor/Scanning or Fix Unsupported Class File Major Version Error in SonarQube with Java 21?
We recently upgraded our codebase from Java 17 to Java 21. During our Maven build, we use the following Azure pipeline tasks to run SonarQube:
- task: SonarQubePrepare@7
inputs:
SonarQube: '...
0
votes
0
answers
125
views
How can I set up a CI pipeline in gitlab with sonarqube?
I try to set up a simple CI pipeline in gitlab with sonarqube. I don't know how I can start the sonarqube server inside the CI pipeline and access it.
I tried the following CI pipeline:
image: ...
0
votes
1
answer
108
views
Jenkins/Sonarqube: Fetch target branch in multibranch pipeline?
I am running a Jenkins a multibranch pipeline with SonarQube scanner. It looks like the scanner requires target branch of the PR to be fetched in order to run the analysis but Jenkins is only fetching ...
0
votes
0
answers
36
views
Sonar + Devops + PHP - How to analyze projects that doesn’t have a "Build" stage?
How can I analyze a PHP project that doesn’t have a "Build" stage? I have the following pipeline:
trigger:
branches:
include:
- '*'
pool:
vmImage: 'ubuntu-latest'
variables:
# Sonar-...
0
votes
1
answer
297
views
org/sonar/batch/bootstrapper/EnvironmentInformation has been compiled by a more recent version of the Java Runtime
I'm trying to integrate SonarQube scanner into a TeamCity build configuration. I have installed the Sonar Runner plugin and set the build step to use scanner version 4.2.0, and run a build with the ...
0
votes
0
answers
104
views
NoSonar feature for custom sonar plugin for the language that is not supported the conventional sonar server
I am working on a custom SonarQube plugin for a programming language that are not supported by the conventional sonar plugin.
My current task is to implement a feature where lines containing a ...
1
vote
0
answers
95
views
Maven dependency and Sonar Qualys vulnerabilities
I need to know how I can find the JARs without the vulnerabilities.
I have an application, lets say, service A, now when I build this application, Sonar points to the list of vulnerabilities and ...
4
votes
1
answer
686
views
Exclude directory from SonarQube analysis
When I open a PR on GitHub, SonarQube Cloud checks the source code and reports any problems. I also have the IntelliJ plugin "SonarQube for IDE" installed. By connecting the IDE plugin to ...