<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:05:23 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-386] Incorporate SonarQube into CI process </title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-386</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;p&gt;Julian recommends Sonarqube for code quality management (&lt;a href=&quot;http://www.sonarqube.org/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;http://www.sonarqube.org/&lt;/a&gt;).   It looks fairly comprehensive and there are plugins for Jenkins integration as well including a quality gate plugin that will &quot;fail&quot; a build if a threshold of errors is crossed. &lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://sonar.gbv.de&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://sonar.gbv.de&lt;/a&gt; (Julian&apos;s site)&lt;/p&gt;</description>
                <environment></environment>
        <key id="79982">FOLIO-386</key>
            <summary>Incorporate SonarQube into CI process </summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10001" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p2.svg">P2</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="5f9abc1eb45b2e007453f423">John Malconian</assignee>
                                                                <reporter accountid="5f9abc1eb45b2e007453f423">John Malconian</reporter>
                                    <labels>
                            <label>ci</label>
                            <label>sprint22</label>
                    </labels>
                <created>Thu, 10 Nov 2016 14:41:55 +0000</created>
                <updated>Mon, 12 Nov 2018 14:23:20 +0000</updated>
                            <resolved>Thu, 28 Sep 2017 15:20:10 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>7</watches>
                                                    <timespent seconds="41400">1 day, 3 hours, 30 minutes</timespent>
                                <comments>
                                                            <comment id="188252" author="5f9abc1eb45b2e007453f423" created="Thu, 10 Nov 2016 14:43:35 +0000"  >&lt;p&gt;experimented with Sonarqube implementation running in Docker container.&lt;/p&gt;</comment>
                                                            <comment id="188253" author="557058:8629b273-56f1-466d-b7c7-5cbac0c3379b" created="Tue, 29 Aug 2017 18:46:57 +0000"  >&lt;p&gt;Starting with setting up mod-circulation.  After the changes are reviewed by John we can identify next projects.&lt;/p&gt;</comment>
                                                            <comment id="188255" author="557058:8629b273-56f1-466d-b7c7-5cbac0c3379b" created="Thu, 7 Sep 2017 14:52:52 +0000"  >&lt;p&gt;Created pull request for mod-circulation.  Awaiting approval.&lt;/p&gt;</comment>
                                                            <comment id="188257" author="5f9abc1eb45b2e007453f423" created="Thu, 7 Sep 2017 14:54:39 +0000"  >&lt;p&gt;Rather than host our own SonarQube installation, I opted for for the SonarQube hosted version.   It is free for public, OS projects.  &lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://sonarcloud.io/organizations/folio-org/projects&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://sonarcloud.io/organizations/folio-org/projects&lt;/a&gt;&lt;/p&gt;


&lt;p&gt;There are a few different ways to run the publish results: &lt;/p&gt;

&lt;p&gt;For Maven-based projects,  the easiest way is to run is:&lt;/p&gt;

&lt;p&gt;mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar \&lt;br/&gt;
    -Dsonar.host.url=&lt;a href=&quot;https://sonarcloud.io&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://sonarcloud.io&lt;/a&gt; \&lt;br/&gt;
    -Dsonar.organization=folio-org \&lt;br/&gt;
    -Dsonar.login=SECRET&lt;/p&gt;

&lt;p&gt;This is simple because it does not require updating project POMs or any extra special configs. &lt;/p&gt;

&lt;p&gt;The SonarQube &quot;scanner&quot;, I guess, is a standalone tool.    It requires a &quot;properties&quot; or configuration file located with the project&apos;s source.  I imagine it allows for more granular configuration.  &lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The &quot;scanner&quot; can be used for all sorts of projects, including JavaScript, so we can also utilize this for Stripes/UI stuff as well.  &lt;/p&gt;

&lt;p&gt;The next step for me is the integration between Jenkins and SonarQube.   There is a SonarQube scanner plugin for Jenkins that I&apos;ve installed on our the FOLIO Jenkins system.    I&apos;ve configured it to publish results to the SonarQube site above.    Each project/job requires a step that will run the scanner and publish results. &lt;/p&gt;

&lt;p&gt;I&apos;m in the process of developing shared pipeline libraries for Jenkins.   I will experiment with adding a SonarQube step to the library so that it is run for each project rather than configuring it manually for each project. &lt;/p&gt;</comment>
                                                            <comment id="188258" author="557058:8629b273-56f1-466d-b7c7-5cbac0c3379b" created="Thu, 7 Sep 2017 16:31:06 +0000"  >&lt;p&gt;I will drop my PR then.  Using properties file might be indeed a better way of configuring the project if needed.   &lt;br/&gt;
Does gradle allow for executing plugins in the command line?  mod-circulation is a gradle project (at least for now) and I think there are some other gradle projects as well.&lt;/p&gt;</comment>
                                                            <comment id="188259" author="5ee89462f7aa140abd82d11d" created="Thu, 7 Sep 2017 16:51:18 +0000"  >&lt;p&gt;No: &lt;a href=&quot;https://stackoverflow.com/questions/17862307/running-gradle-plugin-directly-from-command-line&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://stackoverflow.com/questions/17862307/running-gradle-plugin-directly-from-command-line&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;As a software developer I would like to run sonar for the module I&apos;m working on (and reporting to my local sonar server) so I would like to have the sonar plugin in the build.gradle.&lt;/p&gt;</comment>
                                                            <comment id="188260" author="5f9abc1eb45b2e007453f423" created="Tue, 12 Sep 2017 20:38:16 +0000"  >&lt;p&gt;I&apos;ve integrated SonarQube with the CI builds of the master branch for all FOLIO backend modules except the two Gradle projects - mod-circulation and mod-inventory.    You can see them in the SonarQube dashboard here:&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://sonarcloud.io/organizations/folio-org/projects&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://sonarcloud.io/organizations/folio-org/projects&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Projects left to do: &lt;/p&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Okapi&lt;/li&gt;
	&lt;li&gt;UI modules&lt;/li&gt;
	&lt;li&gt;Some other miscellaneous projects.&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;Also,  we will want SonarQube analysis/feedback for non-master branches and PRs without updating results in the database.   I&apos;ll circle back to this after setting up the remaining modules.     Some info on setting that up here: &lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://blog.sonarsource.com/analysis-vs-preview-vs-incremental-preview-in-sonarqube/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://blog.sonarsource.com/analysis-vs-preview-vs-incremental-preview-in-sonarqube/&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;https://docs.sonarqube.org/display/PLUG/GitHub+Plugin&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.sonarqube.org/display/PLUG/GitHub+Plugin&lt;/a&gt;&lt;/p&gt;</comment>
                                                            <comment id="188262" author="5f9abc1eb45b2e007453f423" created="Mon, 18 Sep 2017 21:02:09 +0000"  >&lt;p&gt;All current folio-org projects now have corresponding sonarqube projects except mod-circulation and mod-inventory.  &lt;/p&gt;
</comment>
                                                            <comment id="188263" author="5f9abc1eb45b2e007453f423" created="Tue, 19 Sep 2017 18:22:11 +0000"  >&lt;p&gt;I&apos;ve enabled a branch called &apos;pr-sonarqube&apos; of the shared jenkins pipeline library to trigger sonarqube analysis of PRs and post analysis of results back to GitHub.   Experimental at this time and only enabled for folio-org/okapi and folio-org/mod-notes.     Let&apos;s see how this works out before enabled across all projects. &lt;/p&gt;

&lt;p&gt;TODO: Magda has also reminded to enable analysis for stripes-* projects. &lt;/p&gt;</comment>
                                                            <comment id="188264" author="5f9abc1eb45b2e007453f423" created="Thu, 28 Sep 2017 15:20:10 +0000"  >&lt;p&gt;All software projects have been added to Sonarqube with the exception of mod-inventory and mod-circulation (See 
    &lt;span class=&quot;jira-issue-macro resolved&quot; data-jira-key=&quot;CIRC-30&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/CIRC-30&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;Migrate to Maven&quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium&quot; /&gt;
            CIRC-30
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-success jira-macro-single-issue-export-pdf&quot;&gt;Closed&lt;/span&gt;
            &lt;/span&gt;
).   Additional Sonarqube activities are being tracked in additional issues (
    &lt;span class=&quot;jira-issue-macro resolved&quot; data-jira-key=&quot;FOLIO-844&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/FOLIO-844&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;integrate SonarQube test coverage into PR verification&quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium&quot; /&gt;
            FOLIO-844
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-success jira-macro-single-issue-export-pdf&quot;&gt;Closed&lt;/span&gt;
            &lt;/span&gt;
, 
    &lt;span class=&quot;jira-issue-macro&quot; data-jira-key=&quot;FOLIO-864&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/FOLIO-864&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;Managing Sonarqube exceptions and rule customization&quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium&quot; /&gt;
            FOLIO-864
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-current jira-macro-single-issue-export-pdf&quot;&gt;In Progress&lt;/span&gt;
            &lt;/span&gt;
, and 
    &lt;span class=&quot;jira-issue-macro&quot; data-jira-key=&quot;FOLIO-858&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/FOLIO-858&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;Increase Sonarqube ratings to &amp;#39;A&amp;#39; for all backend modules&quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10307?size=medium&quot; /&gt;
            FOLIO-858
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-complete jira-macro-single-issue-export-pdf&quot;&gt;Open&lt;/span&gt;
            &lt;/span&gt;
).&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|hzxhun:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 29 Aug 2017 18:46:57 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>