Sonarproperties for GO

Kirupakaran · July 13, 2022, 6:22pm

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant
extension)

Using sonarqube:community Image

what are you trying to achieve

Looking for proper sonar.properties for GO

I am trying to adopt best practices for Scanning Go lang using default Sonar Way rules

But once the pipeline is successful I am seeing project is getting Passed even though its not meeting the default rules where its supposed to get failed .

Also I am not able to make use of new rules created by me. Pipeline is picking up Sonarway .

sonar-project.properties:

Any thing else to be added in properties ?
I am not sure on this .

Please help me on this !

ganncamp · July 13, 2022, 6:30pm

Hi,

I guess this is about the Quality Profile you created not being used in the project analysis? Have you made it the default or explicitly assigned it to the project?

Ann

Kirupakaran · July 13, 2022, 6:35pm

Hi Ann,

I have not created anything currently . Making use of default one !

Kirupakaran · July 13, 2022, 6:40pm

Hope my code is not matching or meeting the expectations set by default rules .

It must fail as per the rules defined but its getting passed .

ganncamp · July 13, 2022, 6:51pm

Hi,

I’m not sure what’s not happening that you think should be happening. Is this about the Quality Gate that’s applied during analysis? The answer for it is actually going to be the same as for Quality Profiles: either make it the default or explicitly assign it to the project in question.

HTH,
Ann

Kirupakaran · July 13, 2022, 6:59pm

Hi ,

My question is why the project is getting passed even if it doesn’t meet the rules .

For instance : Coverage is less than 80.0% is one of the rule set on code.

Where as code coverage is 0% and it must fail . But its getting passed

ganncamp · July 13, 2022, 7:06pm

Hi,

Did you pass in a coverage report? I believe that if you don’t make an attempt to provide coverage data, we take that as an indication that you really don’t care about coverage & just sort of … look the other way on coverage.

Ann

Kirupakaran · July 14, 2022, 6:02am

Hi Ann,

yes I am passing coverage report in sonar-project.properties :

sonar.projectKey=recordkeeper
sonar.exclusions=**/restapi/**/*.*,**/vendor/**/*.*,**/client/**/*.*,**/models/**/*.*
sonar.inclusions=**/*.go
sonar.test.inclusions=**/*.go
sonar.test.exclusions=**/restapi/**/*.*,**/vendor/**/*.*,**/client/**/*.*,**/models/**/*.*
sonar.go.coverage.reportPaths=coverage.out
sonar.go.tests.reportPaths=report.json
sonar.jacoco.reportPath=build/reports/jacoco.xmln
sonar.qualitygate.wait=true

But not sure why its not working !

Below is my pipeline status for sonarqube

Kirupakaran · July 14, 2022, 6:07am

Also you could see the mismatch between Sonarway rules & Projects

There are conflicts in Duplications , Coverage , Security Hotspots . Where it is supposed to fail but its getting passed .
Surprised how its happening !

ganncamp · July 14, 2022, 3:19pm

Hi,

What did you make of error in the analysis log?

Regarding the mismatch between your project values and your Quality Gate, are you sure that Quality Gate is being applied? The Quality Gate used in the last analysis is shown in the Project Information slide-out:

Ann

Kirupakaran · July 14, 2022, 3:28pm

Thank you ! Able to add new rules & configured accordingly.

Kirupakaran · July 14, 2022, 3:29pm

Hi @ganncamp ,
How do we set test coverage report . Can you help on this !

system · July 21, 2022, 3:57pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.