I am using Sonarqube (Enterprise Edition v9.3) as our code scanner for a Salesforce project. I am confused about how to add our customised PMD ruleset into the Sonarqube server so it checks our codes based on my rules. But I don’t know how to implement that.
I tried to import Xpath but that does not support Apex.
The code repo is Azure DevOps and connected with Azure Pipeline.
Do I need to add any plugins?
Many thanks!!
Hey there.
As noted in the documentation on Importing Third-Party Issues | SonarQube Docs – you can pass PMD reports generated in your pipeline to sonar.apex.pmd.reportPaths to have the issues fed into SonarQube.
Hi Colin,
Thank you for your suggestion. But I am considering using Sonarqube as Code Scanner. I want the Sonarqube to analyse Apex code directly instead of just analysing and storing the result generated by other Code Scanner. So I am wondering if I can upload any customized rules to the Sonarqube.
Besides, on the Sonarqube platform, the sonar.apex.pmd.reportPaths requires coverage report file (test-result-codecoverage.json) generated by Salesforce CLI test command for Apex. Does it accept both PMD and Salesforce CLI results?
Thank you very much for your answer.
Best Wishes