SonarQube SPCAF Plugin
Core plugin for automatically importing results of SPCAF analysis after an MSBuild.
Using SPCAF With SonarQube & Visual Studio Team Services
Installing the SPCAF SonarQube involves three simple steps:
- Install SonarQube Plugin.
- Add SPCAF Rules to a Quality Profile.
- Configure the Visual Studio Team Services Build Process.
Install SonarQube Plugin
- On the SonarQube Server stop the SonarQube Service.
- From "Services" right click the SonarQube service and select "Stop".
- Copy the SPACF plugin jar files into your SonarQube Server and put it in the directory: $SONARQUBE_HOME/extensions/plugins;- (C:\SOnarQube\extensions\plugins).
- You may already have certain languages defined. If this is the case only copy languages from SPCAF that are new to your environment.
- Start the SonarQube service.
- From "Services" right click the SonarQube service and select "Start".
Add SPCAF Rules to a Quality Profile
- Open the SonarQube administration portal. (http://localhost:9000/)
- Click "Rules" in the top menu.
- Choose repositories from the left-hand panel and select SPCAF repository of the language you would like to add.
- The "Rules" option is at the top whilst logged in as an Administrator role, else it can be found on the side.
- You can also filter all SPCAF rules using the "spcaf" tag.
- Click "Bulk Change" in the top right-hand menu.
- Select "Activate In".
- The option is top right of the rules tab in SonarQube.
- Starting typing and choose the quality profile that you wish to add SPCAF rules too.
- "Activate In" has predictive typing.
- Click "Apply".
- Repeat steps 3-6 for any other language rules you want to add.
Configure the Visual Studio Team Services Build Process
- Open Visual Studio Team Services.
- Under "Build Menu" edit your build task.
- Add the SPCAF Build task process between the “Fetch the Quality Profile from SonarQube.” and “Finish the analysis and upload the results to SonarQube” tasks. How to Add SPCAF to VSTS:
- Set the "Advanced" -> Additional Settings Attribute of the "Fetch the Quality Profile from SonarQube to:
- Ensure you select the XML report for the output In the "SPCAF code analysis for SharePoint and Office Projects" task or SonarQube will not be able to read the results.
- After you have run the Visual Studio Team Services build, it will then upload the results to SonarQube server. You will then be able to go into your SonarQube project via the administration interface and see the SPCAF results.
Typical Visual Studio Team Services Build task set-up: - Fetch the Quality Profile from SonarQube -> Build solution x - Publish symbols path -> Copy files to staging -> Publish artifacts drop -> SPCAF code analysis for SharePoint and Office Projects -> Finish the analysis and upload the results to SonarQube.