Uploaded image for project: 'IT: Release Engineering'
  1. IT: Release Engineering
  2. RELENG-4120

Simpler configuration for SonarCloud scanning of Go code?

    Issue XMLXMLWordPrintable

Details

    • Story
    • Status: Selected for Development
    • Normal
    • Resolution: Unresolved
    • None
    • Q1 2023 RE Operations
    • None
    • None

    Description

      It would be beneficial if the SonarCloud scanning of Go products was available out of the box with as little extra configuration as possible, like it is for Maven based products.
      Now a bash script and rather extensive configuration is needed for each product, see below:

      project:
      <<: *nonrtric_jdk_common
      name: nonrtric-dmaap-mediator-producer-sonar
      project-name: nonrtric-dmaap-mediator-producer-sonar

      prescan script requires ubuntu
      golang is only on docker-enabled nodes
      build-node: ubuntu1804-docker-4c-4g
      sonar-prescan-script: !include-raw-escape: prescan-dmaapmediatorproducer-ubuntu.sh
      sonar-project-file: ""
      java-version: openjdk11
      use sonarcloud values from defaults.yaml
      sonar-properties: |
      Required metadata
      sonar.login=

      {sonarcloud_api_token}

      sonar.projectKey=

      {sonarcloud_project_organization}_nonrtric-dmaap-mediator-producer
      sonar.organization={sonarcloud_project_organization}

      Encoding
      sonar.build.sourceEncoding=UTF-8
      Language
      sonar.language=go
      Source
      sonar.sources=.
      Unit tests
      sonar.go.coverage.reportPaths=dmaap-mediator-producer/coverage.txt
      Inclusions
      sonar.inclusions=dmaap-mediator-producer/internal//.go
      Exclusions
      sonar.exclusions=dmaap-mediator-producer/main.go,dmaap-mediator-producer/mocks/.go,dmaap-mediator-producer/stub/.go,dmaap-mediator-producer/internal//_test.go
      jobs:

      gerrit-sonar-prescan-script

      Attachments

        JEditor

          Activity

            eball Eric Ball added a comment -

            Hi Henrik. I have proposed a change that would simplify the implementation of sonar projects: https://gerrit.o-ran-sc.org/r/c/ci-management/+/7546

            This is simplest change that could be made. There are further options to remove/abstract more of the details, such as putting the sonar-project.properties file one level higher in the filesystem, which would allow using it for any project. We could also make a new job for oran-sonar if there are other values that could have a standard implementation.

            Please let me know what you think of these options.

            eball Eric Ball added a comment - Hi Henrik. I have proposed a change that would simplify the implementation of sonar projects: https://gerrit.o-ran-sc.org/r/c/ci-management/+/7546 This is simplest change that could be made. There are further options to remove/abstract more of the details, such as putting the sonar-project.properties file one level higher in the filesystem, which would allow using it for any project. We could also make a new job for oran-sonar if there are other values that could have a standard implementation. Please let me know what you think of these options.
            eball Eric Ball added a comment -

            elinuxhenrik Please let me know if that change is what you're looking for, or if you need something else.

            eball Eric Ball added a comment - elinuxhenrik  Please let me know if that change is what you're looking for, or if you need something else.

            Hi Kevin!

            Sorry for not answering you earlier, I have been busy with fixing bugs.

            In my dream scenario, a script file to generate the coverage data would not be needed and you should only need to add as little extra configuration as possible. The only extra configuration I think should be needed to add in some way for each product would be:
            Source
                Exclusions
                sonar.exclusions=dmaap-mediator-producer/main.go,dmaap-mediator-producer/mocks/.go,dmaap-mediator-producer/stub/.go,dmaap-mediator-producer/internal//_test.go

            This configuration should be a part of the ordinary project configuration for a Go project.

            Then Jenkins should handle the Sonar checking just as it does for Maven based projects. I beleive that the script should be possible to generalize to cover all Go products. But I have too little knowledge about Jenikns to see if it can be integrated in the process.

            I don’t think that breaking the Sonar configuration out to a separate file really helps I am afraid. I think it is better to keep all configuration in the jjb file. But try to make the extra configuration for Sonar as small as possible by generalizing as much of the work as possible in the global Jenkins jobs.

            I hope this makes things clearer. If not, please come back to me.

            elinuxhenrik Henrik Andersson added a comment - Hi Kevin! Sorry for not answering you earlier, I have been busy with fixing bugs. In my dream scenario, a script file to generate the coverage data would not be needed and you should only need to add as little extra configuration as possible. The only extra configuration I think should be needed to add in some way for each product would be: Source     Exclusions     sonar.exclusions=dmaap-mediator-producer/main.go,dmaap-mediator-producer/mocks/.go,dmaap-mediator-producer/stub/.go,dmaap-mediator-producer/internal//_test.go This configuration should be a part of the ordinary project configuration for a Go project. Then Jenkins should handle the Sonar checking just as it does for Maven based projects. I beleive that the script should be possible to generalize to cover all Go products. But I have too little knowledge about Jenikns to see if it can be integrated in the process. I don’t think that breaking the Sonar configuration out to a separate file really helps I am afraid. I think it is better to keep all configuration in the jjb file. But try to make the extra configuration for Sonar as small as possible by generalizing as much of the work as possible in the global Jenkins jobs. I hope this makes things clearer. If not, please come back to me.
            kevin.sandi Kevin Sandi added a comment -

            Hi elinuxhenrik

            Thanks for sharing more details about your request. We will take a look at it and propose a solution if there is any.

            kevin.sandi Kevin Sandi added a comment - Hi elinuxhenrik Thanks for sharing more details about your request. We will take a look at it and propose a solution if there is any.
            kevin.sandi Kevin Sandi added a comment -

            currently taking care of higher priority work, will keep it in my TO-DO list for a while

            kevin.sandi Kevin Sandi added a comment - currently taking care of higher priority work, will keep it in my TO-DO list for a while

            People

              kevin.sandi Kevin Sandi
              kevin.sandi Kevin Sandi
              Eric Ball, Henrik Andersson, Kevin Sandi
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:

                Salesforce