We are on old version(5.3) and need an upgrade path, can anyone advise? We might be able to spin up a separate SQ server and move some of these projects to it so we are using the most recent version.
I read that Community Edition does not support PL/SQL analysis and will instead need a developer/enterprise edition, can anyone confirm?
Is it possible with our current setup to install sonar-scanner and/or plsql jar file and trigger analysis via Jenkins with report being sent to SQ server? Would this remove the limitations above or will plsql scan just not run? I know about the sonarscanner for Jenkins plugin that allows us to centralize SQ server config in Jenkins.
Can i have sonar-scanner and SQ server on different machines?
I think I am just a bit confused if sonar-scanner on its own will detect plsql project and perform analysis on it based on plsql rules or if the plsql jar file needs to be added alongside sonar-scanner install.
I appreciate i have asked a lot but thanks in advance for any help.
You need to hit the intermediate LTSs, so assuming you want to go all the way to the current version:
5.3 → 5.6.7 → 6.7.7 → 7.9.2 (current LTS) → 8.1 (out this week)
PL/SQL has always been a licensed language. If you were able to find the version of the PL/SQL analyzer compatible with 5.3, you would need an specific license for that individual plugin, but the Sales department would not issue you one. Instead, they would/will tell you to upgrade to a current version of SQ and then to request a DE license.
Regarding Jenkins, it is absolutely possible to kick off the analysis from Jenkins, once you have a way for Jenkins to check out / obtain the code.
You can, and in fact you should.
The SonarQube 7.9.2 or 8.1 DE bundle you download will include the PL/SQL analyzer (jar). Then you’ll configure a job on Jenkins to obtain the PL/SQL code and fire off analysis. And that’s it.
Thank you for your swift response which has helped me. I have a couple of follow up questions to your points if I may.
Should I install sonar-scanner on the Jenkins machine and configure it to point to SQ server via server.host.url and via Jenkins–>Manage Plugins. I then add config for sonarqube scanner to Jenkins with authentication token.
For PL/SQL jar I can’t install it under the CE edition that I am using or any CE edition for that matter or DE without a license, is that correct?
If i have SQ 7.9.2 or 8.1 DE the download includes the PL/SQL analyzer (jar) If I setup a jenkins job to look at PL/SQL project do I need to do anything specific to ensure that the language for analysis is set to PL/SQL or is this detected automatically?
Uhm… just use the Jenkins UI to configure a SonarQube “server”. You’ll fill in both the URL and auth token there.
This is a great question. For most languages detection is going to work automatically based on the language’s normal file extensions. For PL/SQL the defaults are sql, pks, pkb. If your files don’t have those extensions then you’ll need to edit settings (Administration → Languages → PL/SQL → File suffixes) to associate your extensions with the language.