[
https://issues.apache.org/jira/browse/CASSANDRA-18390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17706601#comment-17706601
]
Maxim Muzafarov commented on CASSANDRA-18390:
---------------------------------------------
[~jmckenzie] I think these are different sides of the same coin. We can't force
developers and new contributors to install plugins for their IDEs. However, for
example, if we enable checkstyle for the build, a developer might want to check
their changes before committing and failing the build, so they will look for
documentation about our recommendations (installing plugins, how to run the
build locally). So the Sonar -> Sonarlint plugin path looks better to me than
Sonarlint -> Sonar, but it is still the same coin.
The downside of having ant generate-idea-files scripts is that we have to
maintain them for different IDEs and make them backwards compatible for those
IDEs, instead of focusing on the project goals. I think a better approach might
be to make the code styles shareable (plugins are still out of scope, but
inspections are) - I have created an issue for this CASSANDRA-18277, so I could
move forward with that with your help :-)
> Run Sonar analyzer over the Cassandra project
> ---------------------------------------------
>
> Key: CASSANDRA-18390
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18390
> Project: Cassandra
> Issue Type: Task
> Components: Build
> Reporter: Maxim Muzafarov
> Assignee: Maxim Muzafarov
> Priority: Normal
> Time Spent: 10m
> Remaining Estimate: 0h
>
> As we already have Cassandra's project configured for the sonarcloud.io
> INFRA-24196, I wonder if we will be able to release branches, trunk, and pull
> requests to get analyzed by the SonarAnalyzer tool.
> Sonar is a code quality and security tool that is free to open-source
> projects and recommended by the INFRA team:
> https://cwiki.apache.org/confluence/display/INFRA/SonarCloud+for+ASF+projects
> It can have the following benefits without introducing any drawbacks (except
> for a few lines of source code)
> - visualise the LFH problems to work on;
> - see the trends in the source code;
> - add an extra layer of static code analysis;
> Changes below I have tested it locally with my SonarQube deployed on
> http://localhost:9000 and run the `act` for the GA part of the PR. It seems
> to work and parse classes correctly, but there are a few steps that need to
> be done by Cassandra's Committer or PMC (I do not have sufficient privileges):
> - Get the {{sonar.projectKey}} from the INFRA team;
> - make sure that the {{SONARCLOUD_TOKEN}} is available for GA and enabled for
> the project;
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
