Continuous integration/SonarQube Scanner

wmf-sonar-scanner

edit

The Code_Health_Group/projects/Code_Health_Metrics working group maintains an integration with the static analysis code tool, SonarQube.

To use it, run "check experimental" on MediaWiki core or any extension (example). The link to the generated report will be output in the build logs for the "wmf-sonar-scanner" job.

You can read more about in this blog post.

Coming soon:

Debugging

edit

You can test out the scanner locally, if you have an API key.

docker run \
--volume $(pwd)/mediawiki/extensions/GrowthExperiments/log://var/lib/jenkins/log \
--volume /tmp/sonar-scanner-cache://cache \
--volume $(pwd)/mediawiki/extensions/GrowthExperiments://src \
--env SONAR_API_KEY=REDACTED \
--env ZUUL_PROJECT=mediawiki-GrowthExperiments \
docker-registry.wikimedia.org/releng/java8-sonar-scanner:0.4.0 \
-X \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.organization=wmftest \
-Dsonar.projectKey=mediawiki-extensions-GrowthExperiments \
-Dsonar.projectName=mediawiki-extensions-GrowthExperiments

The following example is useful if you want to make modifications to run.sh and copy them into the container without rebuilding the Docker image.

docker run \
--volume $(pwd)/src/mediawiki/extensions/examples/log://var/lib/jenkins/log \
--volume /tmp/cache://cache \
--volume $(pwd)//src/mediawiki/extensions/examples://src \
--entrypoint=sh \
--rm -it \
--env SONAR_API_KEY=REDACTED \
--env ZUUL_PROJECT=examples \
docker-registry.wikimedia.org/releng/java8-sonar-scanner:0.4.0

Then you can execute /run.sh -X  -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=wmftest -Dsonar.projectKey=mediawiki-extensions-Examples -Dsonar.projectName=mediawiki-extensions-Examples

Sonar Lint

edit

The SonarLint tool is a useful complement to SonarQube, as it runs many of the same checks locally in your IDE.