which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Enterprise Edition Version 8.9.8 (build 54436)
how is SonarQube deployed: zip, Docker, Helm
Helm
what are you trying to achieve
Project automation with Backstage configured with default sonar-project.properties
what have you tried so far to achieve this
We’ve provisioned a loose default for typescript/node services
Hi there!
I’m part of a Developer Experience team, particularly within our QA / Test Engineering space and we’re looking to bake in SonarQube configuration when devs create new services with Backstage.
For languages like JavaScript and Go, that last is as simple as cding into the project root and invoking sonar-scanner -Dsonar.host.url=[your SonarQube instance] -Dsonar.login=[analysis token]. For Java it will take a bit more. The docs will give you the particulars.
Thanks for getting in touch. Got it - I suppose these wouldn’t necessarily be bespoke to Backstage; rather, we want to have programmatically create the sonar-project.properties file dynamically.
Example:
// pseudo-code
function getSonarPropertiesFile(project) {
switch (language) {
case 'javascript':
return [
`sonar.projectKey=foo:${project}`,
`sonar.ProjectName=foo/${project}`,
`sonar.language=javascript`,
'sonar.exclusions=node_modules',
...
].join('\n')
break;
case 'python':
return [...]
}
Hopefully this kinda make sense? I’m trying to see if there’s recommended defaults or maybe it will just be alright to have the sonarProjectKey and sonar.ProjectName? I suppose it depends on how opinionated we should be.
First, sonar.language was dropped years and years ago. So no need to set it. Analysis is multi-lingual and the languages in your project will automatically be recognized (unless you have some unusual file extension conventions).
You do need to provide sonar.projectKey. And… other than sonar.host.url, which I assume you’ll set at a higher level, that’s it. Everything else has - we believe - sane defaults.
If there are common exclusions you want to set across projects, there’s a global exclusion you can set via the UI, but the default exclusions for JS/TS include node_modules.
OK - thanks for note on sonar.language, I’ll make sure to inform my team!
You do need to provide sonar.projectKey . And… other than sonar.host.url , which I assume you’ll set at a higher level, that’s it.
Copy that.
If there are common exclusions you want to set across projects, there’s a global exclusion you can set via the UI, but the default exclusions for JS/TS include node_modules .
Yup! I’m aware and I’ll see what we have set globally, that would probably knock out a lot of the defaults we ultimately prescribe.