Reducing the size of the scan shortens the length of time needed to complete. This can be as specific as the current directory, or even a specific file. After the server is connected to PhpStorm and its project resources imported, the targets of the local scan are set.Īs the SonarQube analysis on the server runs over the entire application, I prefer to make the scan test as little code as possible using the “Local analysis script”. Alternatively, pressing “Ctrl+Alt+S” brings up the same menu. Once the plugin has been installed, configure it to target the SonarQube server through the File > Settings option. To that end, SonarQube allows for both local testing of a single file, a group of files, or whole directories, while also analyzing the entire project after the changes are sent. The local tests need to be run quickly so that many iterations can be performed. In an ideal development lifecycle, code changes are made that are then validated locally before being committed and pushed to a testing environment. This does require a running instance of SonarQube and works best with a local sonar-runner to perform testing prior to pushing any changes. Step-by-step documentation is scattered or insufficient, so I have compiled an explanation of the process, with accompanying screenshots. One useful method of expanding upon its native features is to add the SonarQube plugin to provide source code analysis. The software development IDE, JetBrains PhpStorm, is a versatile tool to incorporate into a DevOps pipeline.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |