Skip to content

Commit ced5bf5

Browse files
committed
Merge remote-tracking branch 'gitlab/sonar17'
2 parents 538d108 + 06daefe commit ced5bf5

29 files changed

+133
-233
lines changed

README.md

Lines changed: 36 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -1,55 +1,50 @@
1-
Coverity Sonar Plugin
2-
=====================
1+
# Coverity® Sonar Plugin
32

4-
The Coverity Sonar Plugin automatically import issues from Coverity Connect into SonarQube.
3+
The Coverity Sonar Plug-in automatically imports issues from Coverity Connect into SonarQube.
54

6-
![Coverity Scan Build Status](https://scan.coverity.com/projects/13562/badge.svg "Coverity Scan Build Status")
5+
**Current Version**: 1.7.5
76

8-
Coverity® Sonar Plug-in Installation and Configuration Guide
9-
============================================================
7+
![Coverity Scan Build Status](https://scan.coverity.com/projects/13562/badge.svg "Coverity Scan Build Status")
108

11-
Version 1.7.4
9+
# Coverity Sonar Plug-in Installation and Configuration Guide
1210

1311
This guide is intended to assist you with the installation and
1412
configuration of the Coverity Sonar plug-in. Once completed, you will be
1513
able to view Coverity Analysis issues within the SonarQube environment.
1614

17-
Compatibility
18-
=============
15+
## Compatibility Matrix
16+
-----------------------
1917

2018
The table below displays the software versions supported by the Coverity
2119
Sonar plug-in.
2220

2321
| **Software** | **Supported versions** |
2422
|------------------|------------------------|
25-
| SonarQube | 6.7.5 - 7.9.1 |
23+
| SonarQube | 7.9.1 - 8.9 |
2624
| SonarQube Scanner| 3.0 - 4.0 |
2725
| Coverity Connect | 8.0+ |
2826

29-
Installing the Coverity Sonar Plug-in
30-
=====================================
27+
## Installing the Coverity Sonar Plug-in
28+
----------------------------------------
3129

3230
To install the Coverity Sonar plug-in, complete the following steps.
3331

34-
1. Ensure that you have SonarQube(v6.7.5 ~ v7.9.1) and SonarQube Scanner(v3.0 ~ v4.0) installed.
35-
Sonar installation and setup instructions are located at
32+
1. Ensure that you have a supported version of SonarQube and SonarQube Scanner installed.
33+
<br>Sonar installation and setup instructions are located at
3634
<http://docs.sonarqube.org/display/SONAR/Setup+and+Upgrade>.
3735

3836
2. Download and unzip the Coverity Sonar plug-in to the Sonar plugins
39-
folder:
40-
41-
&lt;SonarInstallDirectory&gt;/extensions/plugins
37+
folder: &lt;SonarInstallDirectory&gt;/extensions/plugins
4238

4339
3. Restart SonarQube.
4440

4541
Note: After upgrading SonarQube, reset the quality profile for the languages which use Coverity
4642
(in **Quality Profiles**, select **Restore Built-in Profiles**, and select the language.)
4743

48-
Configuring the Coverity Sonar Plug-in
49-
======================================
44+
## Configuring the Coverity Sonar Plug-in
45+
-----------------------------------------
5046

51-
Once installed, you must configure the Coverity Sonar plug-in for
52-
general use.
47+
Once installed, you must configure the Coverity Sonar plug-in for general use.
5348

5449
1. Log in to SonarQube as an administrator.
5550

@@ -66,8 +61,8 @@ general use.
6661
6. Click **Save Coverity Settings** to complete the
6762
basic configuration.
6863

69-
Configuring your Project Settings
70-
=================================
64+
## Configuring your Project Settings
65+
------------------------------------
7166

7267
After configuring the general plug-in settings, you must select the
7368
correct Coverity Connect project to associate with each of your Sonar
@@ -100,8 +95,8 @@ whenever you run SonarQube Scanner on the specified project. This
10095
configuration must be completed for each project you wish to link with
10196
Coverity Connect.
10297

103-
Setting Up sonar-project.properties
104-
===================================
98+
## Setting Up sonar-project.properties
99+
--------------------------------------
105100

106101
For the plug-in to successfully display Coverity defects, the correct
107102
source paths must be entered in the sonar-project.properties file at the
@@ -157,12 +152,12 @@ See below for a complete example sonar-project.properties file.
157152
>
158153
> \# sonar.coverity.prefix=MyOptionalPrefix
159154
160-
*Note*: When using the Coverity plug-in, use the language key "cov-cpp" instead of "c", "c++", or "cpp". This language key prevents conflicts with non_Coverity plug-ins.
155+
*Note*: When using the Coverity plug-in, use the language key "cov-cpp" instead of "c", "c++", or "cpp". This language key prevents conflicts with non-Coverity plug-ins.
161156

162157
To specify the language key:
163-
- Add "sonar.language=cov-cpp" (or another preferred language) to the properties file.
164-
- in **Administration &gt; Coverity &gt; Languages**, configure "C/C++ source files suffixes" appropriately.
165-
- Configure the source file suffixes for the other language plug-ins to avoid conflicts.
158+
- In **Administration &gt; Coverity &gt; Languages**, configure "C/C++ source files suffixes" appropriately.
159+
- Make sure that **Administration &gt; Configuration &gt; Languages** and your project level settings (**Project Settings &gt; General Settings &gt; Languages**) don't contain the suffixes that you configured above to avoid conflicts. For example, if your Coverity language configuration includes <code>\*\*./\*.cpp </code>, make sure to remove <code>\*\*./\*.cpp </code> everywhere else.
160+
- See https://community.sonarsource.com/t/language-of-file-dal-db2-vb-can-not-be-decided-as-the-file-matches-patterns-of-2-languages/21998 and https://community.sonarsource.com/t/language-of-file-can-not-be-decided-as-the-file-matches-patterns/16246 to see example conflicts.
166161

167162
*Note*: The "sonar.coverity.prefix" property is used to help locate files when anlyzing with the sonar scanner. The prefix value will be removed from the "File path" value on the Coverity Connect issue.
168163
- the value must match exactly, if having trouble finding the source files look at the Coverity Connect issues "File" column
@@ -174,8 +169,7 @@ To specify the language key:
174169
- If **sonar.coverity.stream** is not configured, then the plugin will use **sonar.coverity.project** to fetch defects from.
175170

176171

177-
The Coverity Widget
178-
===================
172+
# The Coverity Widget
179173

180174
The Coverity plug-in includes a Coverity widget that displays
181175
Coverity-specific measures. The Coverity widget is available with SonarQube versions before version 6.2.
@@ -192,17 +186,15 @@ Coverity-specific measures. The Coverity widget is available with SonarQube vers
192186
- The Coverity widget can be added to the Dashboard by two different routes: as Admin,
193187
go to **Dashboards &gt; Manage dashboards**, or in a Project, go to **Dashboard** and add it there.
194188

195-
Sonar Scanner with SSL
196-
===================
189+
# Sonar Scanner with SSL
197190

198191
Coverity SonarQube Plugin provides a connection to Coverity Connect through SSL. The certificates should be imported to the java key chain where Sonar Scanner is running from.
199192

200193
Sonar Scanner provides its own jre bundle as part of Sonar Scanner. This means that if a user installed java locally, the certificates need to be imported to the jre which is bundled with Sonar Scanner.
201194

202195
keytool -importcert -keystore <PATH_TO_SONAR_SCANNER>/jre/lib/security/cacerts -storepass changeit -file <CERT_FILE> -alias <ALIAS>
203196

204-
Limitations
205-
===========
197+
# Limitations
206198

207199
The Coverity Sonar plug-in has the following limitations, which may be
208200
addressed in future releases.
@@ -237,17 +229,20 @@ addressed in future releases.
237229
- There are no immediate plans for localization to languages other
238230
than English.
239231

240-
Support
241-
=======
242-
If you have any questions or issues with the Coverity plugin, contact <[email protected]>
232+
# Support
233+
234+
If you have questions or issues with the Coverity plugin, please contact <[email protected]>
243235

244-
Changelog
245-
=========
236+
# Changelog
246237

238+
* __1.7.5__
239+
* Fixed crash on start up of plug-in (SQP-156)
240+
* Updated minimum supported version of SonarQube to 7.9.1 (SQP-141)
241+
* Added support for SonarQube 8.* (SQP-148)
247242
* __1.7.4__
248243
* Fixed an issue where C/C++ doesn't show up under 'languages' filter in the Projects page. (SQP-134)
249244
* Fixed an issue where lines of code not reporting consistently for c/c++ in SonarQube. (SQP-135)
250-
* Enhancement Request - addition of Coverity c/c++ rules into SonarQube plugin (SQP-133)
245+
* Enhancement Request - addition of Coverity c/c++ rules into SonarQube plugin (SQP-133)
251246
* __1.7.3__
252247
* Fixed an issue where C/C++ project is displayed as an empty project in the SonarQube after running Coverity SonarQube plugin. (SQP-144)
253248
* "sonar.coverity.cov-cpp.suffixes" property is declared as multi-value property. (SQP-136)

pom.xml

Lines changed: 40 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -5,15 +5,15 @@
55
<groupId>org.sonar.plugins.coverity</groupId>
66
<artifactId>coverity-sonar-plugin</artifactId>
77
<packaging>sonar-plugin</packaging>
8-
<version>1.7.4</version>
8+
<version>1.7.5</version>
99

1010
<name>Coverity</name>
1111
<description>Imports Coverity defects into SonarQube</description>
1212
<url>https://github.com/coverity/coverity-sonar-plugin</url>
1313
<inceptionYear>2014</inceptionYear>
1414
<properties>
1515
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
16-
<sonar.version>6.7.5</sonar.version>
16+
<sonar.version>7.9.6</sonar.version>
1717
<jdk.min.version>1.8</jdk.min.version>
1818
<cim.url></cim.url>
1919
<ws.version>v9</ws.version>
@@ -28,7 +28,7 @@
2828

2929
<organization>
3030
<name>Synopsys, Inc.</name>
31-
<url>http://www.coverity.com</url>
31+
<url>https://www.synopsys.com/</url>
3232
</organization>
3333

3434
<developers>
@@ -37,11 +37,6 @@
3737
<name>Andrew Cho</name>
3838
<email>[email protected]</email>
3939
</developer>
40-
<developer>
41-
<id>jbriggs</id>
42-
<name>Joel Briggs</name>
43-
<email>[email protected]</email>
44-
</developer>
4540
<developer>
4641
<id>shami</id>
4742
<name>Shami Willms</name>
@@ -162,7 +157,13 @@
162157
<artifactId>jaxws-api</artifactId>
163158
<version>2.3.1</version>
164159
</dependency>
165-
</dependencies>
160+
<dependency>
161+
<groupId>org.codehaus.staxmate</groupId>
162+
<artifactId>staxmate</artifactId>
163+
<version>2.0.1</version>
164+
</dependency>
165+
166+
</dependencies>
166167

167168
<build>
168169
<plugins>
@@ -393,11 +394,36 @@
393394

394395
</profiles>
395396

397+
<pluginRepositories>
398+
<pluginRepository>
399+
<id>central</id>
400+
<name>Central Repository</name>
401+
<url>https://repo.maven.apache.org/maven2</url>
402+
<layout>default</layout>
403+
<snapshots>
404+
<enabled>false</enabled>
405+
</snapshots>
406+
<releases>
407+
<updatePolicy>never</updatePolicy>
408+
</releases>
409+
</pluginRepository>
410+
</pluginRepositories>
411+
396412
<repositories>
397-
<repository>
398-
<id>sonar-plugin-local</id>
399-
<name>sonar-plugin-local</name>
400-
<url>http://artifactory.internal.synopsys.com:8081/artifactory/simple/sonar-plugin-local</url>
401-
</repository>
413+
<repository>
414+
<id>central</id>
415+
<name>Central Repository</name>
416+
<url>https://repo.maven.apache.org/maven2</url>
417+
<layout>default</layout>
418+
<snapshots>
419+
<enabled>false</enabled>
420+
</snapshots>
421+
</repository>
422+
<repository>
423+
<id>sonar-plugin-local</id>
424+
<name>sonar-plugin-local</name>
425+
<url>http://artifactory.internal.synopsys.com:8081/artifactory/simple/sonar-plugin-local</url>
426+
</repository>
402427
</repositories>
428+
403429
</project>

src/license/coverity_license/header.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2017 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made

src/main/java/org/sonar/plugins/coverity/CoverityPlugin.java

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2020 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made
@@ -20,7 +20,6 @@
2020
import org.sonar.plugins.coverity.batch.CoveritySensor;
2121
import org.sonar.plugins.coverity.server.CoverityProfiles;
2222
import org.sonar.plugins.coverity.server.CoverityRules;
23-
import org.sonar.plugins.coverity.ui.CoverityWidget;
2423
import org.sonar.plugins.coverity.server.CppLanguage;
2524
import org.sonar.plugins.coverity.ws.CIMClientFactory;
2625

@@ -152,9 +151,6 @@ private List getExtensions() {
152151
CoverityProfiles.class,
153152
CppLanguage.class,
154153

155-
//UI
156-
CoverityWidget.class,
157-
158154
//Base
159155
CoverityPluginMetrics.class
160156
);

src/main/java/org/sonar/plugins/coverity/batch/CoverityScanner.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2020 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made

src/main/java/org/sonar/plugins/coverity/batch/CoveritySensor.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2020 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made

src/main/java/org/sonar/plugins/coverity/defect/CoverityDefect.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2020 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made

src/main/java/org/sonar/plugins/coverity/defect/CoverityDefects.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2020 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made

src/main/java/org/sonar/plugins/coverity/metrics/CoverityPluginMetrics.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2020 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made

src/main/java/org/sonar/plugins/coverity/metrics/MetricService.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/*
22
* Coverity Sonar Plugin
3-
* Copyright (c) 2020 Synopsys, Inc
3+
* Copyright (c) 2021 Synopsys, Inc
44
55
*
66
* All rights reserved. This program and the accompanying materials are made

0 commit comments

Comments
 (0)