[NEW RELEASE] Ansible Plugin 1.0.0

(Sbaudoin) #1

Hello everybody,

I have released a new SonarQube plugin to analyze Ansible playbooks with ansible-lint:

Be aware that you must have ansible-lint installed on the machine you will be running the scanner.

Can you add this plugin to the Marketplace and the Plugin Library page, please?

(G Ann Campbell) #2


Can you help me understand how to test this, please? I’m not seeing any Quality Profiles or Rules via the interface. Is this purely about using the new APIs that import “external” issues? And if so, why not take the next step and declare the rules in your plugin to make them visible and manageable within SonarQube? Doing so also makes the issues manageable within SonarQube (i.e. FP/WF). Doing so wouldn’t mean you couldn’t still rely on an external report from ansible-lint.

Also, can you point me to a relevant project to test this with?\


(G Ann Campbell) #3


I’ve just noticed that your artifact ID is sonar-ansible. Since you don’t declare a sonar.pluginKey property and your artifact ID doesn’t follow the pattern sonar-[this will be the plugin key]-plugin (i.e. the -plugin part is missing), then the entire artifact Id will be used as the plugin key. And that yields a plugin key that breaks the hard requirement for [a-z0-9]+.


(Sbaudoin) #4


The actual plugin is the the module named “sonar-ansible-plugin”, which defines a property sonar.pluginKey and whose artifact Id is sonar-ansible-plugin. Please see https://github.com/sbaudoin/sonar-ansible/blob/master/sonar-ansible-plugin/pom.xml.

For the test, as the plugin extends the YAML plugin, it adds something like 19 new rules to the YAML language but these rules are not enabled. You first have to create a new profile with the Anslble rules (search by tags with “ansible” as a keyword) then scan playbooks. I did not consider necessary to create a new profile with the new rules as they are added to an existing language, which already offers plenty of rules: my personal use case, depending on my preferences, is to create a profile dedicated to my Ansible playbooks in which I enable some Ansible rules and some pure YAML rules. If you can read Shell and speak curl, look at the script it/audit.sh: my integration tests follow this scenario. If you are looking for playbooks, look at the it/src directory.

Hope this is ok for you.

(G Ann Campbell) #5


You’re in!

Nice job. :slight_smile: