diff options
| author | Wouter Admiraal <wouter.admiraal@sonarsource.com> | 2022-11-25 16:54:09 +0100 |
|---|---|---|
| committer | sonartech <sonartech@sonarsource.com> | 2022-12-06 20:02:54 +0000 |
| commit | 53038a77043dedd1021c6338ae2cad23ee33199d (patch) | |
| tree | 025165f7ac4aa8cf5aec57d94a92c029eb1e8fae /server/sonar-docs/src | |
| parent | e3c87f90cf9dbba3654f0f27f435376ba0c7a88b (diff) | |
| download | sonarqube-53038a77043dedd1021c6338ae2cad23ee33199d.tar.gz sonarqube-53038a77043dedd1021c6338ae2cad23ee33199d.zip | |
SONAR-17683 Remove server/sonar-docs
Diffstat (limited to 'server/sonar-docs/src')
321 files changed, 0 insertions, 26033 deletions
diff --git a/server/sonar-docs/src/@types/graphql-types.d.ts b/server/sonar-docs/src/@types/graphql-types.d.ts deleted file mode 100644 index e1fc9511db6..00000000000 --- a/server/sonar-docs/src/@types/graphql-types.d.ts +++ /dev/null @@ -1,5728 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -/* tslint:disable */ - -export interface Query { - allSitePage: SitePageConnection | null; - allSitePlugin: SitePluginConnection | null; - allDirectory: DirectoryConnection | null; - allFile: FileConnection | null; - allMarkdownRemark: MarkdownRemarkConnection | null; - sitePage: SitePage | null; - sitePlugin: SitePlugin | null; - site: Site | null; - directory: Directory | null; - file: File | null; - markdownRemark: MarkdownRemark | null; -} - -export interface AllSitePageQueryArgs { - skip: number | null; - limit: number | null; - sort: sitePageConnectionSort | null; - filter: filterSitePage | null; -} - -export interface AllSitePluginQueryArgs { - skip: number | null; - limit: number | null; - sort: sitePluginConnectionSort | null; - filter: filterSitePlugin | null; -} - -export interface AllDirectoryQueryArgs { - skip: number | null; - limit: number | null; - sort: directoryConnectionSort | null; - filter: filterDirectory | null; -} - -export interface AllFileQueryArgs { - skip: number | null; - limit: number | null; - sort: fileConnectionSort | null; - filter: filterFile | null; -} - -export interface AllMarkdownRemarkQueryArgs { - skip: number | null; - limit: number | null; - sort: markdownRemarkConnectionSort | null; - filter: filterMarkdownRemark | null; -} - -export interface SitePageQueryArgs { - jsonName: sitePageJsonNameQueryString | null; - internalComponentName: sitePageInternalComponentNameQueryString | null; - path: sitePagePathQueryString_2 | null; - component: sitePageComponentQueryString | null; - componentChunkName: sitePageComponentChunkNameQueryString | null; - context: sitePageContextInputObject | null; - pluginCreator: sitePagePluginCreatorInputObject | null; - pluginCreatorId: sitePagePluginCreatorIdQueryString_2 | null; - componentPath: sitePageComponentPathQueryString | null; - id: sitePageIdQueryString_2 | null; - internal: sitePageInternalInputObject_2 | null; -} - -export interface SitePluginQueryArgs { - resolve: sitePluginResolveQueryString_2 | null; - id: sitePluginIdQueryString_2 | null; - name: sitePluginNameQueryString_2 | null; - version: sitePluginVersionQueryString_2 | null; - pluginOptions: sitePluginPluginOptionsInputObject_2 | null; - nodeAPIs: sitePluginNodeApIsQueryList_2 | null; - browserAPIs: sitePluginBrowserApIsQueryList_2 | null; - ssrAPIs: sitePluginSsrApIsQueryList_2 | null; - pluginFilepath: sitePluginPluginFilepathQueryString_2 | null; - packageJson: sitePluginPackageJsonInputObject_2 | null; - internal: sitePluginInternalInputObject_2 | null; -} - -export interface SiteQueryArgs { - siteMetadata: siteSiteMetadataInputObject_2 | null; - port: sitePortQueryString_2 | null; - host: siteHostQueryString_2 | null; - pathPrefix: sitePathPrefixQueryString_2 | null; - polyfill: sitePolyfillQueryBoolean_2 | null; - buildTime: siteBuildTimeQueryString_2 | null; - id: siteIdQueryString_2 | null; - internal: siteInternalInputObject_2 | null; -} - -export interface DirectoryQueryArgs { - id: directoryIdQueryString_2 | null; - internal: directoryInternalInputObject_2 | null; - sourceInstanceName: directorySourceInstanceNameQueryString_2 | null; - absolutePath: directoryAbsolutePathQueryString_2 | null; - relativePath: directoryRelativePathQueryString_2 | null; - extension: directoryExtensionQueryString_2 | null; - size: directorySizeQueryInteger_2 | null; - prettySize: directoryPrettySizeQueryString_2 | null; - modifiedTime: directoryModifiedTimeQueryString_2 | null; - accessTime: directoryAccessTimeQueryString_2 | null; - changeTime: directoryChangeTimeQueryString_2 | null; - birthTime: directoryBirthTimeQueryString_2 | null; - root: directoryRootQueryString_2 | null; - dir: directoryDirQueryString_2 | null; - base: directoryBaseQueryString_2 | null; - ext: directoryExtQueryString_2 | null; - name: directoryNameQueryString_2 | null; - relativeDirectory: directoryRelativeDirectoryQueryString_2 | null; - dev: directoryDevQueryInteger_2 | null; - mode: directoryModeQueryInteger_2 | null; - nlink: directoryNlinkQueryInteger_2 | null; - uid: directoryUidQueryInteger_2 | null; - gid: directoryGidQueryInteger_2 | null; - rdev: directoryRdevQueryInteger_2 | null; - blksize: directoryBlksizeQueryInteger_2 | null; - ino: directoryInoQueryInteger_2 | null; - blocks: directoryBlocksQueryInteger_2 | null; - atimeMs: directoryAtimeMsQueryFloat_2 | null; - mtimeMs: directoryMtimeMsQueryFloat_2 | null; - ctimeMs: directoryCtimeMsQueryFloat_2 | null; - birthtimeMs: directoryBirthtimeMsQueryFloat_2 | null; - atime: directoryAtimeQueryString_2 | null; - mtime: directoryMtimeQueryString_2 | null; - ctime: directoryCtimeQueryString_2 | null; - birthtime: directoryBirthtimeQueryString_2 | null; -} - -export interface FileQueryArgs { - id: fileIdQueryString_2 | null; - internal: fileInternalInputObject_2 | null; - sourceInstanceName: fileSourceInstanceNameQueryString_2 | null; - absolutePath: fileAbsolutePathQueryString_2 | null; - relativePath: fileRelativePathQueryString_2 | null; - extension: fileExtensionQueryString_2 | null; - size: fileSizeQueryInteger_2 | null; - prettySize: filePrettySizeQueryString_2 | null; - modifiedTime: fileModifiedTimeQueryString_2 | null; - accessTime: fileAccessTimeQueryString_2 | null; - changeTime: fileChangeTimeQueryString_2 | null; - birthTime: fileBirthTimeQueryString_2 | null; - root: fileRootQueryString_2 | null; - dir: fileDirQueryString_2 | null; - base: fileBaseQueryString_2 | null; - ext: fileExtQueryString_2 | null; - name: fileNameQueryString_2 | null; - relativeDirectory: fileRelativeDirectoryQueryString_2 | null; - dev: fileDevQueryInteger_2 | null; - mode: fileModeQueryInteger_2 | null; - nlink: fileNlinkQueryInteger_2 | null; - uid: fileUidQueryInteger_2 | null; - gid: fileGidQueryInteger_2 | null; - rdev: fileRdevQueryInteger_2 | null; - blksize: fileBlksizeQueryInteger_2 | null; - ino: fileInoQueryInteger_2 | null; - blocks: fileBlocksQueryInteger_2 | null; - atimeMs: fileAtimeMsQueryFloat_2 | null; - mtimeMs: fileMtimeMsQueryFloat_2 | null; - ctimeMs: fileCtimeMsQueryFloat_2 | null; - birthtimeMs: fileBirthtimeMsQueryFloat_2 | null; - atime: fileAtimeQueryString_2 | null; - mtime: fileMtimeQueryString_2 | null; - ctime: fileCtimeQueryString_2 | null; - birthtime: fileBirthtimeQueryString_2 | null; - publicURL: publicUrlQueryString_3 | null; -} - -export interface MarkdownRemarkQueryArgs { - id: markdownRemarkIdQueryString_2 | null; - internal: markdownRemarkInternalInputObject_2 | null; - frontmatter: markdownRemarkFrontmatterInputObject_2 | null; - rawMarkdownBody: markdownRemarkRawMarkdownBodyQueryString_2 | null; - fileAbsolutePath: markdownRemarkFileAbsolutePathQueryString_2 | null; - fields: markdownRemarkFieldsInputObject_2 | null; - html: htmlQueryString_3 | null; - excerpt: excerptQueryString_3 | null; - headings: headingsQueryList_3 | null; - timeToRead: timeToReadQueryInt_3 | null; - tableOfContents: tableOfContentsQueryString_3 | null; - wordCount: wordCountTypeName_3 | null; -} - -export interface sitePageConnectionSort { - fields: Array<SitePageConnectionSortByFieldsEnum>; - order: sitePageConnectionSortOrderValues | null; -} - -export type SitePageConnectionSortByFieldsEnum = - | 'jsonName' - | 'internalComponentName' - | 'path' - | 'component' - | 'componentChunkName' - | 'context___slug' - | 'pluginCreator___NODE' - | 'pluginCreatorId' - | 'componentPath' - | 'id' - | 'internal___type' - | 'internal___contentDigest' - | 'internal___description' - | 'internal___owner'; - -export type sitePageConnectionSortOrderValues = 'ASC' | 'DESC'; - -export interface filterSitePage { - jsonName: sitePageConnectionJsonNameQueryString | null; - internalComponentName: sitePageConnectionInternalComponentNameQueryString | null; - path: sitePageConnectionPathQueryString_2 | null; - component: sitePageConnectionComponentQueryString | null; - componentChunkName: sitePageConnectionComponentChunkNameQueryString | null; - context: sitePageConnectionContextInputObject | null; - pluginCreator: sitePageConnectionPluginCreatorInputObject | null; - pluginCreatorId: sitePageConnectionPluginCreatorIdQueryString_2 | null; - componentPath: sitePageConnectionComponentPathQueryString | null; - id: sitePageConnectionIdQueryString_2 | null; - internal: sitePageConnectionInternalInputObject_2 | null; -} - -export interface sitePageConnectionJsonNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionInternalComponentNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionComponentQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionComponentChunkNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionContextInputObject { - slug: sitePageConnectionContextSlugQueryString | null; -} - -export interface sitePageConnectionContextSlugQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorInputObject { - resolve: sitePageConnectionPluginCreatorResolveQueryString | null; - id: sitePageConnectionPluginCreatorIdQueryString | null; - name: sitePageConnectionPluginCreatorNameQueryString | null; - version: sitePageConnectionPluginCreatorVersionQueryString | null; - pluginOptions: sitePageConnectionPluginCreatorPluginOptionsInputObject | null; - nodeAPIs: sitePageConnectionPluginCreatorNodeApIsQueryList | null; - browserAPIs: sitePageConnectionPluginCreatorBrowserApIsQueryList | null; - ssrAPIs: sitePageConnectionPluginCreatorSsrApIsQueryList | null; - pluginFilepath: sitePageConnectionPluginCreatorPluginFilepathQueryString | null; - packageJson: sitePageConnectionPluginCreatorPackageJsonInputObject | null; - internal: sitePageConnectionPluginCreatorInternalInputObject | null; -} - -export interface sitePageConnectionPluginCreatorResolveQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorIdQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsInputObject { - plugins: sitePageConnectionPluginCreatorPluginOptionsPluginsQueryList | null; - name: sitePageConnectionPluginCreatorPluginOptionsNameQueryString | null; - path: sitePageConnectionPluginCreatorPluginOptionsPathQueryString | null; - pathToConfigModule: sitePageConnectionPluginCreatorPluginOptionsPathToConfigModuleQueryString | null; - blocks: sitePageConnectionPluginCreatorPluginOptionsBlocksInputObject | null; - pathCheck: sitePageConnectionPluginCreatorPluginOptionsPathCheckQueryBoolean | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsQueryList { - elemMatch: sitePageConnectionPluginCreatorPluginOptionsPluginsInputObject | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsInputObject { - resolve: sitePageConnectionPluginCreatorPluginOptionsPluginsResolveQueryString | null; - id: sitePageConnectionPluginCreatorPluginOptionsPluginsIdQueryString | null; - name: sitePageConnectionPluginCreatorPluginOptionsPluginsNameQueryString | null; - version: sitePageConnectionPluginCreatorPluginOptionsPluginsVersionQueryString | null; - pluginOptions: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsInputObject | null; - pluginFilepath: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginFilepathQueryString | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsResolveQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsIdQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsInputObject { - blocks: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksInputObject | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksInputObject { - danger: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksDangerQueryString | null; - warning: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksWarningQueryString | null; - info: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksInfoQueryString | null; - success: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString | null; - collapse: sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksDangerQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksWarningQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksInfoQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPluginsPluginFilepathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPathToConfigModuleQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsBlocksInputObject { - danger: sitePageConnectionPluginCreatorPluginOptionsBlocksDangerQueryString | null; - warning: sitePageConnectionPluginCreatorPluginOptionsBlocksWarningQueryString | null; - info: sitePageConnectionPluginCreatorPluginOptionsBlocksInfoQueryString | null; - success: sitePageConnectionPluginCreatorPluginOptionsBlocksSuccessQueryString | null; - collapse: sitePageConnectionPluginCreatorPluginOptionsBlocksCollapseQueryString | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsBlocksDangerQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsBlocksWarningQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsBlocksInfoQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsBlocksSuccessQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsBlocksCollapseQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginOptionsPathCheckQueryBoolean { - eq: boolean | null; - ne: boolean | null; - in: Array<boolean> | null; - nin: Array<boolean> | null; -} - -export interface sitePageConnectionPluginCreatorNodeApIsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorBrowserApIsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorSsrApIsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPluginFilepathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonInputObject { - name: sitePageConnectionPluginCreatorPackageJsonNameQueryString | null; - description: sitePageConnectionPluginCreatorPackageJsonDescriptionQueryString | null; - version: sitePageConnectionPluginCreatorPackageJsonVersionQueryString | null; - main: sitePageConnectionPluginCreatorPackageJsonMainQueryString | null; - author: sitePageConnectionPluginCreatorPackageJsonAuthorQueryString | null; - license: sitePageConnectionPluginCreatorPackageJsonLicenseQueryString | null; - dependencies: sitePageConnectionPluginCreatorPackageJsonDependenciesQueryList | null; - devDependencies: sitePageConnectionPluginCreatorPackageJsonDevDependenciesQueryList | null; - peerDependencies: sitePageConnectionPluginCreatorPackageJsonPeerDependenciesQueryList | null; - keywords: sitePageConnectionPluginCreatorPackageJsonKeywordsQueryList | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDescriptionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonMainQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonAuthorQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonLicenseQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDependenciesQueryList { - elemMatch: sitePageConnectionPluginCreatorPackageJsonDependenciesInputObject | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDependenciesInputObject { - name: sitePageConnectionPluginCreatorPackageJsonDependenciesNameQueryString | null; - version: sitePageConnectionPluginCreatorPackageJsonDependenciesVersionQueryString | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDependenciesNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDependenciesVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDevDependenciesQueryList { - elemMatch: sitePageConnectionPluginCreatorPackageJsonDevDependenciesInputObject | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDevDependenciesInputObject { - name: sitePageConnectionPluginCreatorPackageJsonDevDependenciesNameQueryString | null; - version: sitePageConnectionPluginCreatorPackageJsonDevDependenciesVersionQueryString | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDevDependenciesNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonDevDependenciesVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonPeerDependenciesQueryList { - elemMatch: sitePageConnectionPluginCreatorPackageJsonPeerDependenciesInputObject | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonPeerDependenciesInputObject { - name: sitePageConnectionPluginCreatorPackageJsonPeerDependenciesNameQueryString | null; - version: sitePageConnectionPluginCreatorPackageJsonPeerDependenciesVersionQueryString | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonPeerDependenciesNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonPeerDependenciesVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorPackageJsonKeywordsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorInternalInputObject { - contentDigest: sitePageConnectionPluginCreatorInternalContentDigestQueryString | null; - type: sitePageConnectionPluginCreatorInternalTypeQueryString | null; - owner: sitePageConnectionPluginCreatorInternalOwnerQueryString | null; -} - -export interface sitePageConnectionPluginCreatorInternalContentDigestQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorInternalTypeQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorInternalOwnerQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionPluginCreatorIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionComponentPathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionInternalInputObject_2 { - type: sitePageConnectionInternalTypeQueryString_2 | null; - contentDigest: sitePageConnectionInternalContentDigestQueryString_2 | null; - description: sitePageConnectionInternalDescriptionQueryString | null; - owner: sitePageConnectionInternalOwnerQueryString_2 | null; -} - -export interface sitePageConnectionInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionInternalDescriptionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageConnectionInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface SitePageConnection { - pageInfo: PageInfo; - edges: Array<SitePageEdge> | null; - totalCount: number | null; - distinct: Array<string> | null; - group: Array<sitePageGroupConnectionConnection> | null; -} - -export interface DistinctSitePageConnectionArgs { - field: sitePageDistinctEnum | null; -} - -export interface GroupSitePageConnectionArgs { - skip: number | null; - limit: number | null; - field: sitePageGroupEnum | null; -} - -export interface PageInfo { - hasNextPage: boolean; -} - -export interface SitePageEdge { - node: SitePage | null; - next: SitePage | null; - previous: SitePage | null; -} - -export interface SitePage extends Node { - id: string; - parent: Node | null; - children: Array<Node> | null; - jsonName: string | null; - internalComponentName: string | null; - path: string | null; - component: string | null; - componentChunkName: string | null; - context: context | null; - pluginCreator: SitePlugin | null; - pluginCreatorId: string | null; - componentPath: string | null; - internal: internal_7 | null; -} - -export interface Node { - id: string; - parent: Node | null; - children: Array<Node> | null; -} - -export interface context { - slug: string | null; -} - -export interface SitePlugin extends Node { - id: string; - parent: Node | null; - children: Array<Node> | null; - resolve: string | null; - name: string | null; - version: string | null; - pluginOptions: pluginOptions_3 | null; - nodeAPIs: Array<string> | null; - browserAPIs: Array<string> | null; - ssrAPIs: Array<string> | null; - pluginFilepath: string | null; - packageJson: packageJson_2 | null; - internal: internal_8 | null; -} - -export interface pluginOptions_3 { - plugins: Array<plugins_2> | null; - name: string | null; - path: string | null; - pathToConfigModule: string | null; - blocks: blocks_4 | null; - pathCheck: boolean | null; -} - -export interface plugins_2 { - resolve: string | null; - id: string | null; - name: string | null; - version: string | null; - pluginOptions: pluginOptions_4 | null; - pluginFilepath: string | null; -} - -export interface pluginOptions_4 { - blocks: blocks_3 | null; -} - -export interface blocks_3 { - danger: string | null; - warning: string | null; - info: string | null; - success: string | null; - collapse: string | null; -} - -export interface blocks_4 { - danger: string | null; - warning: string | null; - info: string | null; - success: string | null; - collapse: string | null; -} - -export interface packageJson_2 { - name: string | null; - description: string | null; - version: string | null; - main: string | null; - author: string | null; - license: string | null; - dependencies: Array<dependencies_2> | null; - devDependencies: Array<devDependencies_2> | null; - peerDependencies: Array<peerDependencies_2> | null; - keywords: Array<string> | null; -} - -export interface dependencies_2 { - name: string | null; - version: string | null; -} - -export interface devDependencies_2 { - name: string | null; - version: string | null; -} - -export interface peerDependencies_2 { - name: string | null; - version: string | null; -} - -export interface internal_8 { - contentDigest: string | null; - type: string | null; - owner: string | null; -} - -export interface internal_7 { - type: string | null; - contentDigest: string | null; - description: string | null; - owner: string | null; -} - -export type sitePageDistinctEnum = - | 'jsonName' - | 'internalComponentName' - | 'path' - | 'component' - | 'componentChunkName' - | 'context___slug' - | 'pluginCreator___NODE' - | 'pluginCreatorId' - | 'componentPath' - | 'id' - | 'internal___type' - | 'internal___contentDigest' - | 'internal___description' - | 'internal___owner'; - -export type sitePageGroupEnum = - | 'jsonName' - | 'internalComponentName' - | 'path' - | 'component' - | 'componentChunkName' - | 'context___slug' - | 'pluginCreator___NODE' - | 'pluginCreatorId' - | 'componentPath' - | 'id' - | 'internal___type' - | 'internal___contentDigest' - | 'internal___description' - | 'internal___owner'; - -export interface sitePageGroupConnectionConnection { - pageInfo: PageInfo; - edges: Array<sitePageGroupConnectionEdge> | null; - field: string | null; - fieldValue: string | null; - totalCount: number | null; -} - -export interface sitePageGroupConnectionEdge { - node: SitePage | null; - next: SitePage | null; - previous: SitePage | null; -} - -export interface sitePluginConnectionSort { - fields: Array<SitePluginConnectionSortByFieldsEnum>; - order: sitePluginConnectionSortOrderValues | null; -} - -export type SitePluginConnectionSortByFieldsEnum = - | 'resolve' - | 'id' - | 'name' - | 'version' - | 'pluginOptions___plugins' - | 'pluginOptions___name' - | 'pluginOptions___path' - | 'pluginOptions___pathToConfigModule' - | 'pluginOptions___blocks___danger' - | 'pluginOptions___blocks___warning' - | 'pluginOptions___blocks___info' - | 'pluginOptions___blocks___success' - | 'pluginOptions___blocks___collapse' - | 'pluginOptions___pathCheck' - | 'nodeAPIs' - | 'browserAPIs' - | 'ssrAPIs' - | 'pluginFilepath' - | 'packageJson___name' - | 'packageJson___description' - | 'packageJson___version' - | 'packageJson___main' - | 'packageJson___author' - | 'packageJson___license' - | 'packageJson___dependencies' - | 'packageJson___devDependencies' - | 'packageJson___peerDependencies' - | 'packageJson___keywords' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___owner'; - -export type sitePluginConnectionSortOrderValues = 'ASC' | 'DESC'; - -export interface filterSitePlugin { - resolve: sitePluginConnectionResolveQueryString_2 | null; - id: sitePluginConnectionIdQueryString_2 | null; - name: sitePluginConnectionNameQueryString_2 | null; - version: sitePluginConnectionVersionQueryString_2 | null; - pluginOptions: sitePluginConnectionPluginOptionsInputObject_2 | null; - nodeAPIs: sitePluginConnectionNodeApIsQueryList_2 | null; - browserAPIs: sitePluginConnectionBrowserApIsQueryList_2 | null; - ssrAPIs: sitePluginConnectionSsrApIsQueryList_2 | null; - pluginFilepath: sitePluginConnectionPluginFilepathQueryString_2 | null; - packageJson: sitePluginConnectionPackageJsonInputObject_2 | null; - internal: sitePluginConnectionInternalInputObject_2 | null; -} - -export interface sitePluginConnectionResolveQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsInputObject_2 { - plugins: sitePluginConnectionPluginOptionsPluginsQueryList_2 | null; - name: sitePluginConnectionPluginOptionsNameQueryString_2 | null; - path: sitePluginConnectionPluginOptionsPathQueryString_2 | null; - pathToConfigModule: sitePluginConnectionPluginOptionsPathToConfigModuleQueryString_2 | null; - blocks: sitePluginConnectionPluginOptionsBlocksInputObject_2 | null; - pathCheck: sitePluginConnectionPluginOptionsPathCheckQueryBoolean_2 | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsQueryList_2 { - elemMatch: sitePluginConnectionPluginOptionsPluginsInputObject_2 | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsInputObject_2 { - resolve: sitePluginConnectionPluginOptionsPluginsResolveQueryString_2 | null; - id: sitePluginConnectionPluginOptionsPluginsIdQueryString_2 | null; - name: sitePluginConnectionPluginOptionsPluginsNameQueryString_2 | null; - version: sitePluginConnectionPluginOptionsPluginsVersionQueryString_2 | null; - pluginOptions: sitePluginConnectionPluginOptionsPluginsPluginOptionsInputObject_2 | null; - pluginFilepath: sitePluginConnectionPluginOptionsPluginsPluginFilepathQueryString_2 | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsResolveQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginOptionsInputObject_2 { - blocks: sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksInputObject_2 | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksInputObject_2 { - danger: sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksDangerQueryString_2 | null; - warning: sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksWarningQueryString_2 | null; - info: sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksInfoQueryString_2 | null; - success: sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString_2 | null; - collapse: sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString_2 | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksDangerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksWarningQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksInfoQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPluginsPluginFilepathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPathToConfigModuleQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsBlocksInputObject_2 { - danger: sitePluginConnectionPluginOptionsBlocksDangerQueryString_2 | null; - warning: sitePluginConnectionPluginOptionsBlocksWarningQueryString_2 | null; - info: sitePluginConnectionPluginOptionsBlocksInfoQueryString_2 | null; - success: sitePluginConnectionPluginOptionsBlocksSuccessQueryString_2 | null; - collapse: sitePluginConnectionPluginOptionsBlocksCollapseQueryString_2 | null; -} - -export interface sitePluginConnectionPluginOptionsBlocksDangerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsBlocksWarningQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsBlocksInfoQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsBlocksSuccessQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsBlocksCollapseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginOptionsPathCheckQueryBoolean_2 { - eq: boolean | null; - ne: boolean | null; - in: Array<boolean> | null; - nin: Array<boolean> | null; -} - -export interface sitePluginConnectionNodeApIsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionBrowserApIsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionSsrApIsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPluginFilepathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonInputObject_2 { - name: sitePluginConnectionPackageJsonNameQueryString_2 | null; - description: sitePluginConnectionPackageJsonDescriptionQueryString_2 | null; - version: sitePluginConnectionPackageJsonVersionQueryString_2 | null; - main: sitePluginConnectionPackageJsonMainQueryString_2 | null; - author: sitePluginConnectionPackageJsonAuthorQueryString_2 | null; - license: sitePluginConnectionPackageJsonLicenseQueryString_2 | null; - dependencies: sitePluginConnectionPackageJsonDependenciesQueryList_2 | null; - devDependencies: sitePluginConnectionPackageJsonDevDependenciesQueryList_2 | null; - peerDependencies: sitePluginConnectionPackageJsonPeerDependenciesQueryList_2 | null; - keywords: sitePluginConnectionPackageJsonKeywordsQueryList_2 | null; -} - -export interface sitePluginConnectionPackageJsonNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonDescriptionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonMainQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonAuthorQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonLicenseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonDependenciesQueryList_2 { - elemMatch: sitePluginConnectionPackageJsonDependenciesInputObject_2 | null; -} - -export interface sitePluginConnectionPackageJsonDependenciesInputObject_2 { - name: sitePluginConnectionPackageJsonDependenciesNameQueryString_2 | null; - version: sitePluginConnectionPackageJsonDependenciesVersionQueryString_2 | null; -} - -export interface sitePluginConnectionPackageJsonDependenciesNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonDependenciesVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonDevDependenciesQueryList_2 { - elemMatch: sitePluginConnectionPackageJsonDevDependenciesInputObject_2 | null; -} - -export interface sitePluginConnectionPackageJsonDevDependenciesInputObject_2 { - name: sitePluginConnectionPackageJsonDevDependenciesNameQueryString_2 | null; - version: sitePluginConnectionPackageJsonDevDependenciesVersionQueryString_2 | null; -} - -export interface sitePluginConnectionPackageJsonDevDependenciesNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonDevDependenciesVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonPeerDependenciesQueryList_2 { - elemMatch: sitePluginConnectionPackageJsonPeerDependenciesInputObject_2 | null; -} - -export interface sitePluginConnectionPackageJsonPeerDependenciesInputObject_2 { - name: sitePluginConnectionPackageJsonPeerDependenciesNameQueryString_2 | null; - version: sitePluginConnectionPackageJsonPeerDependenciesVersionQueryString_2 | null; -} - -export interface sitePluginConnectionPackageJsonPeerDependenciesNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonPeerDependenciesVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionPackageJsonKeywordsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionInternalInputObject_2 { - contentDigest: sitePluginConnectionInternalContentDigestQueryString_2 | null; - type: sitePluginConnectionInternalTypeQueryString_2 | null; - owner: sitePluginConnectionInternalOwnerQueryString_2 | null; -} - -export interface sitePluginConnectionInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginConnectionInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface SitePluginConnection { - pageInfo: PageInfo; - edges: Array<SitePluginEdge> | null; - totalCount: number | null; - distinct: Array<string> | null; - group: Array<sitePluginGroupConnectionConnection> | null; -} - -export interface DistinctSitePluginConnectionArgs { - field: sitePluginDistinctEnum | null; -} - -export interface GroupSitePluginConnectionArgs { - skip: number | null; - limit: number | null; - field: sitePluginGroupEnum | null; -} - -export interface SitePluginEdge { - node: SitePlugin | null; - next: SitePlugin | null; - previous: SitePlugin | null; -} - -export type sitePluginDistinctEnum = - | 'resolve' - | 'id' - | 'name' - | 'version' - | 'pluginOptions___plugins' - | 'pluginOptions___name' - | 'pluginOptions___path' - | 'pluginOptions___pathToConfigModule' - | 'pluginOptions___blocks___danger' - | 'pluginOptions___blocks___warning' - | 'pluginOptions___blocks___info' - | 'pluginOptions___blocks___success' - | 'pluginOptions___blocks___collapse' - | 'pluginOptions___pathCheck' - | 'nodeAPIs' - | 'browserAPIs' - | 'ssrAPIs' - | 'pluginFilepath' - | 'packageJson___name' - | 'packageJson___description' - | 'packageJson___version' - | 'packageJson___main' - | 'packageJson___author' - | 'packageJson___license' - | 'packageJson___dependencies' - | 'packageJson___devDependencies' - | 'packageJson___peerDependencies' - | 'packageJson___keywords' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___owner'; - -export type sitePluginGroupEnum = - | 'resolve' - | 'id' - | 'name' - | 'version' - | 'pluginOptions___plugins' - | 'pluginOptions___name' - | 'pluginOptions___path' - | 'pluginOptions___pathToConfigModule' - | 'pluginOptions___blocks___danger' - | 'pluginOptions___blocks___warning' - | 'pluginOptions___blocks___info' - | 'pluginOptions___blocks___success' - | 'pluginOptions___blocks___collapse' - | 'pluginOptions___pathCheck' - | 'nodeAPIs' - | 'browserAPIs' - | 'ssrAPIs' - | 'pluginFilepath' - | 'packageJson___name' - | 'packageJson___description' - | 'packageJson___version' - | 'packageJson___main' - | 'packageJson___author' - | 'packageJson___license' - | 'packageJson___dependencies' - | 'packageJson___devDependencies' - | 'packageJson___peerDependencies' - | 'packageJson___keywords' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___owner'; - -export interface sitePluginGroupConnectionConnection { - pageInfo: PageInfo; - edges: Array<sitePluginGroupConnectionEdge> | null; - field: string | null; - fieldValue: string | null; - totalCount: number | null; -} - -export interface sitePluginGroupConnectionEdge { - node: SitePlugin | null; - next: SitePlugin | null; - previous: SitePlugin | null; -} - -export interface directoryConnectionSort { - fields: Array<DirectoryConnectionSortByFieldsEnum>; - order: directoryConnectionSortOrderValues | null; -} - -export type DirectoryConnectionSortByFieldsEnum = - | 'id' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___description' - | 'internal___owner' - | 'sourceInstanceName' - | 'absolutePath' - | 'relativePath' - | 'extension' - | 'size' - | 'prettySize' - | 'modifiedTime' - | 'accessTime' - | 'changeTime' - | 'birthTime' - | 'root' - | 'dir' - | 'base' - | 'ext' - | 'name' - | 'relativeDirectory' - | 'dev' - | 'mode' - | 'nlink' - | 'uid' - | 'gid' - | 'rdev' - | 'blksize' - | 'ino' - | 'blocks' - | 'atimeMs' - | 'mtimeMs' - | 'ctimeMs' - | 'birthtimeMs' - | 'atime' - | 'mtime' - | 'ctime' - | 'birthtime'; - -export type directoryConnectionSortOrderValues = 'ASC' | 'DESC'; - -export interface filterDirectory { - id: directoryConnectionIdQueryString_2 | null; - internal: directoryConnectionInternalInputObject_2 | null; - sourceInstanceName: directoryConnectionSourceInstanceNameQueryString_2 | null; - absolutePath: directoryConnectionAbsolutePathQueryString_2 | null; - relativePath: directoryConnectionRelativePathQueryString_2 | null; - extension: directoryConnectionExtensionQueryString_2 | null; - size: directoryConnectionSizeQueryInteger_2 | null; - prettySize: directoryConnectionPrettySizeQueryString_2 | null; - modifiedTime: directoryConnectionModifiedTimeQueryString_2 | null; - accessTime: directoryConnectionAccessTimeQueryString_2 | null; - changeTime: directoryConnectionChangeTimeQueryString_2 | null; - birthTime: directoryConnectionBirthTimeQueryString_2 | null; - root: directoryConnectionRootQueryString_2 | null; - dir: directoryConnectionDirQueryString_2 | null; - base: directoryConnectionBaseQueryString_2 | null; - ext: directoryConnectionExtQueryString_2 | null; - name: directoryConnectionNameQueryString_2 | null; - relativeDirectory: directoryConnectionRelativeDirectoryQueryString_2 | null; - dev: directoryConnectionDevQueryInteger_2 | null; - mode: directoryConnectionModeQueryInteger_2 | null; - nlink: directoryConnectionNlinkQueryInteger_2 | null; - uid: directoryConnectionUidQueryInteger_2 | null; - gid: directoryConnectionGidQueryInteger_2 | null; - rdev: directoryConnectionRdevQueryInteger_2 | null; - blksize: directoryConnectionBlksizeQueryInteger_2 | null; - ino: directoryConnectionInoQueryInteger_2 | null; - blocks: directoryConnectionBlocksQueryInteger_2 | null; - atimeMs: directoryConnectionAtimeMsQueryFloat_2 | null; - mtimeMs: directoryConnectionMtimeMsQueryFloat_2 | null; - ctimeMs: directoryConnectionCtimeMsQueryFloat_2 | null; - birthtimeMs: directoryConnectionBirthtimeMsQueryFloat_2 | null; - atime: directoryConnectionAtimeQueryString_2 | null; - mtime: directoryConnectionMtimeQueryString_2 | null; - ctime: directoryConnectionCtimeQueryString_2 | null; - birthtime: directoryConnectionBirthtimeQueryString_2 | null; -} - -export interface directoryConnectionIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionInternalInputObject_2 { - contentDigest: directoryConnectionInternalContentDigestQueryString_2 | null; - type: directoryConnectionInternalTypeQueryString_2 | null; - description: directoryConnectionInternalDescriptionQueryString_2 | null; - owner: directoryConnectionInternalOwnerQueryString_2 | null; -} - -export interface directoryConnectionInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionInternalDescriptionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionSourceInstanceNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionAbsolutePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionRelativePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionExtensionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionSizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionPrettySizeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionModifiedTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionAccessTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionChangeTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionBirthTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionRootQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionDirQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionBaseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionExtQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionRelativeDirectoryQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionDevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionModeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionNlinkQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionUidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionGidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionRdevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionBlksizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionInoQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionBlocksQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionAtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionMtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionCtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionBirthtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryConnectionAtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionMtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionCtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryConnectionBirthtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface DirectoryConnection { - pageInfo: PageInfo; - edges: Array<DirectoryEdge> | null; - totalCount: number | null; - distinct: Array<string> | null; - group: Array<directoryGroupConnectionConnection> | null; -} - -export interface DistinctDirectoryConnectionArgs { - field: directoryDistinctEnum | null; -} - -export interface GroupDirectoryConnectionArgs { - skip: number | null; - limit: number | null; - field: directoryGroupEnum | null; -} - -export interface DirectoryEdge { - node: Directory | null; - next: Directory | null; - previous: Directory | null; -} - -export interface Directory extends Node { - id: string; - parent: Node | null; - children: Array<Node> | null; - internal: internal_9 | null; - sourceInstanceName: string | null; - absolutePath: string | null; - relativePath: string | null; - extension: string | null; - size: number | null; - prettySize: string | null; - modifiedTime: Date | null; - accessTime: Date | null; - changeTime: Date | null; - birthTime: Date | null; - root: string | null; - dir: string | null; - base: string | null; - ext: string | null; - name: string | null; - relativeDirectory: string | null; - dev: number | null; - mode: number | null; - nlink: number | null; - uid: number | null; - gid: number | null; - rdev: number | null; - blksize: number | null; - ino: number | null; - blocks: number | null; - atimeMs: number | null; - mtimeMs: number | null; - ctimeMs: number | null; - birthtimeMs: number | null; - atime: Date | null; - mtime: Date | null; - ctime: Date | null; - birthtime: Date | null; -} - -export interface ModifiedTimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface AccessTimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface ChangeTimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface BirthTimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface AtimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface MtimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface CtimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface BirthtimeDirectoryArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface internal_9 { - contentDigest: string | null; - type: string | null; - description: string | null; - owner: string | null; -} - -export type Date = any; - -export type directoryDistinctEnum = - | 'id' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___description' - | 'internal___owner' - | 'sourceInstanceName' - | 'absolutePath' - | 'relativePath' - | 'extension' - | 'size' - | 'prettySize' - | 'modifiedTime' - | 'accessTime' - | 'changeTime' - | 'birthTime' - | 'root' - | 'dir' - | 'base' - | 'ext' - | 'name' - | 'relativeDirectory' - | 'dev' - | 'mode' - | 'nlink' - | 'uid' - | 'gid' - | 'rdev' - | 'blksize' - | 'ino' - | 'blocks' - | 'atimeMs' - | 'mtimeMs' - | 'ctimeMs' - | 'birthtimeMs' - | 'atime' - | 'mtime' - | 'ctime' - | 'birthtime'; - -export type directoryGroupEnum = - | 'id' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___description' - | 'internal___owner' - | 'sourceInstanceName' - | 'absolutePath' - | 'relativePath' - | 'extension' - | 'size' - | 'prettySize' - | 'modifiedTime' - | 'accessTime' - | 'changeTime' - | 'birthTime' - | 'root' - | 'dir' - | 'base' - | 'ext' - | 'name' - | 'relativeDirectory' - | 'dev' - | 'mode' - | 'nlink' - | 'uid' - | 'gid' - | 'rdev' - | 'blksize' - | 'ino' - | 'blocks' - | 'atimeMs' - | 'mtimeMs' - | 'ctimeMs' - | 'birthtimeMs' - | 'atime' - | 'mtime' - | 'ctime' - | 'birthtime'; - -export interface directoryGroupConnectionConnection { - pageInfo: PageInfo; - edges: Array<directoryGroupConnectionEdge> | null; - field: string | null; - fieldValue: string | null; - totalCount: number | null; -} - -export interface directoryGroupConnectionEdge { - node: Directory | null; - next: Directory | null; - previous: Directory | null; -} - -export interface fileConnectionSort { - fields: Array<FileConnectionSortByFieldsEnum>; - order: fileConnectionSortOrderValues | null; -} - -export type FileConnectionSortByFieldsEnum = - | 'id' - | 'children' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___mediaType' - | 'internal___description' - | 'internal___owner' - | 'sourceInstanceName' - | 'absolutePath' - | 'relativePath' - | 'extension' - | 'size' - | 'prettySize' - | 'modifiedTime' - | 'accessTime' - | 'changeTime' - | 'birthTime' - | 'root' - | 'dir' - | 'base' - | 'ext' - | 'name' - | 'relativeDirectory' - | 'dev' - | 'mode' - | 'nlink' - | 'uid' - | 'gid' - | 'rdev' - | 'blksize' - | 'ino' - | 'blocks' - | 'atimeMs' - | 'mtimeMs' - | 'ctimeMs' - | 'birthtimeMs' - | 'atime' - | 'mtime' - | 'ctime' - | 'birthtime' - | 'publicURL'; - -export type fileConnectionSortOrderValues = 'ASC' | 'DESC'; - -export interface filterFile { - id: fileConnectionIdQueryString_2 | null; - internal: fileConnectionInternalInputObject_2 | null; - sourceInstanceName: fileConnectionSourceInstanceNameQueryString_2 | null; - absolutePath: fileConnectionAbsolutePathQueryString_2 | null; - relativePath: fileConnectionRelativePathQueryString_2 | null; - extension: fileConnectionExtensionQueryString_2 | null; - size: fileConnectionSizeQueryInteger_2 | null; - prettySize: fileConnectionPrettySizeQueryString_2 | null; - modifiedTime: fileConnectionModifiedTimeQueryString_2 | null; - accessTime: fileConnectionAccessTimeQueryString_2 | null; - changeTime: fileConnectionChangeTimeQueryString_2 | null; - birthTime: fileConnectionBirthTimeQueryString_2 | null; - root: fileConnectionRootQueryString_2 | null; - dir: fileConnectionDirQueryString_2 | null; - base: fileConnectionBaseQueryString_2 | null; - ext: fileConnectionExtQueryString_2 | null; - name: fileConnectionNameQueryString_2 | null; - relativeDirectory: fileConnectionRelativeDirectoryQueryString_2 | null; - dev: fileConnectionDevQueryInteger_2 | null; - mode: fileConnectionModeQueryInteger_2 | null; - nlink: fileConnectionNlinkQueryInteger_2 | null; - uid: fileConnectionUidQueryInteger_2 | null; - gid: fileConnectionGidQueryInteger_2 | null; - rdev: fileConnectionRdevQueryInteger_2 | null; - blksize: fileConnectionBlksizeQueryInteger_2 | null; - ino: fileConnectionInoQueryInteger_2 | null; - blocks: fileConnectionBlocksQueryInteger_2 | null; - atimeMs: fileConnectionAtimeMsQueryFloat_2 | null; - mtimeMs: fileConnectionMtimeMsQueryFloat_2 | null; - ctimeMs: fileConnectionCtimeMsQueryFloat_2 | null; - birthtimeMs: fileConnectionBirthtimeMsQueryFloat_2 | null; - atime: fileConnectionAtimeQueryString_2 | null; - mtime: fileConnectionMtimeQueryString_2 | null; - ctime: fileConnectionCtimeQueryString_2 | null; - birthtime: fileConnectionBirthtimeQueryString_2 | null; - publicURL: publicUrlQueryString_4 | null; -} - -export interface fileConnectionIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionInternalInputObject_2 { - contentDigest: fileConnectionInternalContentDigestQueryString_2 | null; - type: fileConnectionInternalTypeQueryString_2 | null; - mediaType: fileConnectionInternalMediaTypeQueryString_2 | null; - description: fileConnectionInternalDescriptionQueryString_2 | null; - owner: fileConnectionInternalOwnerQueryString_2 | null; -} - -export interface fileConnectionInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionInternalMediaTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionInternalDescriptionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionSourceInstanceNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionAbsolutePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionRelativePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionExtensionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionSizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionPrettySizeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionModifiedTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionAccessTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionChangeTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionBirthTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionRootQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionDirQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionBaseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionExtQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionRelativeDirectoryQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionDevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionModeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionNlinkQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionUidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionGidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionRdevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionBlksizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionInoQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionBlocksQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionAtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionMtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionCtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionBirthtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileConnectionAtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionMtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionCtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileConnectionBirthtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface publicUrlQueryString_4 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface FileConnection { - pageInfo: PageInfo; - edges: Array<FileEdge> | null; - totalCount: number | null; - distinct: Array<string> | null; - group: Array<fileGroupConnectionConnection> | null; -} - -export interface DistinctFileConnectionArgs { - field: fileDistinctEnum | null; -} - -export interface GroupFileConnectionArgs { - skip: number | null; - limit: number | null; - field: fileGroupEnum | null; -} - -export interface FileEdge { - node: File | null; - next: File | null; - previous: File | null; -} - -export interface File extends Node { - id: string; - parent: Node | null; - children: Array<Node> | null; - childMarkdownRemark: MarkdownRemark | null; - internal: internal_10 | null; - sourceInstanceName: string | null; - absolutePath: string | null; - relativePath: string | null; - extension: string | null; - size: number | null; - prettySize: string | null; - modifiedTime: Date | null; - accessTime: Date | null; - changeTime: Date | null; - birthTime: Date | null; - root: string | null; - dir: string | null; - base: string | null; - ext: string | null; - name: string | null; - relativeDirectory: string | null; - dev: number | null; - mode: number | null; - nlink: number | null; - uid: number | null; - gid: number | null; - rdev: number | null; - blksize: number | null; - ino: number | null; - blocks: number | null; - atimeMs: number | null; - mtimeMs: number | null; - ctimeMs: number | null; - birthtimeMs: number | null; - atime: Date | null; - mtime: Date | null; - ctime: Date | null; - birthtime: Date | null; - publicURL: string | null; -} - -export interface ModifiedTimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface AccessTimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface ChangeTimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface BirthTimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface AtimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface MtimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface CtimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface BirthtimeFileArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface MarkdownRemark extends Node { - id: string; - parent: Node | null; - children: Array<Node> | null; - internal: internal_11 | null; - frontmatter: frontmatter_2 | null; - rawMarkdownBody: string | null; - fileAbsolutePath: string | null; - fields: fields_2 | null; - html: string | null; - htmlAst: JSON | null; - excerpt: string | null; - headings: Array<MarkdownHeading> | null; - timeToRead: number | null; - tableOfContents: string | null; - wordCount: wordCount | null; -} - -export interface ExcerptMarkdownRemarkArgs { - pruneLength: number | null; - truncate: boolean | null; - format: ExcerptFormats | null; -} - -export interface HeadingsMarkdownRemarkArgs { - depth: HeadingLevels | null; -} - -export interface TableOfContentsMarkdownRemarkArgs { - pathToSlugField: string | null; -} - -export interface internal_11 { - content: string | null; - type: string | null; - contentDigest: string | null; - owner: string | null; - fieldOwners: fieldOwners_2 | null; -} - -export interface fieldOwners_2 { - slug: string | null; -} - -export interface frontmatter_2 { - title: string | null; - nav: string | null; - url: string | null; -} - -export interface fields_2 { - slug: string | null; -} - -export type JSON = any; - -export type ExcerptFormats = 'PLAIN' | 'HTML'; - -export type HeadingLevels = 'h1' | 'h2' | 'h3' | 'h4' | 'h5' | 'h6'; - -export interface MarkdownHeading { - value: string | null; - depth: number | null; -} - -export interface wordCount { - paragraphs: number | null; - sentences: number | null; - words: number | null; -} - -export interface internal_10 { - contentDigest: string | null; - type: string | null; - mediaType: string | null; - description: string | null; - owner: string | null; -} - -export type fileDistinctEnum = - | 'id' - | 'children' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___mediaType' - | 'internal___description' - | 'internal___owner' - | 'sourceInstanceName' - | 'absolutePath' - | 'relativePath' - | 'extension' - | 'size' - | 'prettySize' - | 'modifiedTime' - | 'accessTime' - | 'changeTime' - | 'birthTime' - | 'root' - | 'dir' - | 'base' - | 'ext' - | 'name' - | 'relativeDirectory' - | 'dev' - | 'mode' - | 'nlink' - | 'uid' - | 'gid' - | 'rdev' - | 'blksize' - | 'ino' - | 'blocks' - | 'atimeMs' - | 'mtimeMs' - | 'ctimeMs' - | 'birthtimeMs' - | 'atime' - | 'mtime' - | 'ctime' - | 'birthtime'; - -export type fileGroupEnum = - | 'id' - | 'children' - | 'internal___contentDigest' - | 'internal___type' - | 'internal___mediaType' - | 'internal___description' - | 'internal___owner' - | 'sourceInstanceName' - | 'absolutePath' - | 'relativePath' - | 'extension' - | 'size' - | 'prettySize' - | 'modifiedTime' - | 'accessTime' - | 'changeTime' - | 'birthTime' - | 'root' - | 'dir' - | 'base' - | 'ext' - | 'name' - | 'relativeDirectory' - | 'dev' - | 'mode' - | 'nlink' - | 'uid' - | 'gid' - | 'rdev' - | 'blksize' - | 'ino' - | 'blocks' - | 'atimeMs' - | 'mtimeMs' - | 'ctimeMs' - | 'birthtimeMs' - | 'atime' - | 'mtime' - | 'ctime' - | 'birthtime'; - -export interface fileGroupConnectionConnection { - pageInfo: PageInfo; - edges: Array<fileGroupConnectionEdge> | null; - field: string | null; - fieldValue: string | null; - totalCount: number | null; -} - -export interface fileGroupConnectionEdge { - node: File | null; - next: File | null; - previous: File | null; -} - -export interface markdownRemarkConnectionSort { - fields: Array<MarkdownRemarkConnectionSortByFieldsEnum>; - order: markdownRemarkConnectionSortOrderValues | null; -} - -export type MarkdownRemarkConnectionSortByFieldsEnum = - | 'id' - | 'parent' - | 'internal___content' - | 'internal___type' - | 'internal___contentDigest' - | 'internal___owner' - | 'internal___fieldOwners___slug' - | 'frontmatter___title' - | 'frontmatter___nav' - | 'frontmatter___url' - | 'rawMarkdownBody' - | 'fileAbsolutePath' - | 'fields___slug' - | 'html' - | 'excerpt' - | 'headings' - | 'timeToRead' - | 'tableOfContents' - | 'wordCount___paragraphs' - | 'wordCount___sentences' - | 'wordCount___words'; - -export type markdownRemarkConnectionSortOrderValues = 'ASC' | 'DESC'; - -export interface filterMarkdownRemark { - id: markdownRemarkConnectionIdQueryString_2 | null; - internal: markdownRemarkConnectionInternalInputObject_2 | null; - frontmatter: markdownRemarkConnectionFrontmatterInputObject_2 | null; - rawMarkdownBody: markdownRemarkConnectionRawMarkdownBodyQueryString_2 | null; - fileAbsolutePath: markdownRemarkConnectionFileAbsolutePathQueryString_2 | null; - fields: markdownRemarkConnectionFieldsInputObject_2 | null; - html: htmlQueryString_4 | null; - excerpt: excerptQueryString_4 | null; - headings: headingsQueryList_4 | null; - timeToRead: timeToReadQueryInt_4 | null; - tableOfContents: tableOfContentsQueryString_4 | null; - wordCount: wordCountTypeName_4 | null; -} - -export interface markdownRemarkConnectionIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionInternalInputObject_2 { - content: markdownRemarkConnectionInternalContentQueryString_2 | null; - type: markdownRemarkConnectionInternalTypeQueryString_2 | null; - contentDigest: markdownRemarkConnectionInternalContentDigestQueryString_2 | null; - owner: markdownRemarkConnectionInternalOwnerQueryString_2 | null; - fieldOwners: markdownRemarkConnectionInternalFieldOwnersInputObject_2 | null; -} - -export interface markdownRemarkConnectionInternalContentQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionInternalFieldOwnersInputObject_2 { - slug: markdownRemarkConnectionInternalFieldOwnersSlugQueryString_2 | null; -} - -export interface markdownRemarkConnectionInternalFieldOwnersSlugQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionFrontmatterInputObject_2 { - title: markdownRemarkConnectionFrontmatterTitleQueryString_2 | null; - nav: markdownRemarkConnectionFrontmatterNavQueryString_2 | null; - url: markdownRemarkConnectionFrontmatterUrlQueryString_2 | null; -} - -export interface markdownRemarkConnectionFrontmatterTitleQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionFrontmatterNavQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionFrontmatterUrlQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionRawMarkdownBodyQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionFileAbsolutePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkConnectionFieldsInputObject_2 { - slug: markdownRemarkConnectionFieldsSlugQueryString_2 | null; -} - -export interface markdownRemarkConnectionFieldsSlugQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface htmlQueryString_4 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface excerptQueryString_4 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface headingsQueryList_4 { - elemMatch: headingsListElemTypeName_4 | null; -} - -export interface headingsListElemTypeName_4 { - value: headingsListElemValueQueryString_4 | null; - depth: headingsListElemDepthQueryInt_4 | null; -} - -export interface headingsListElemValueQueryString_4 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface headingsListElemDepthQueryInt_4 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface timeToReadQueryInt_4 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface tableOfContentsQueryString_4 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface wordCountTypeName_4 { - paragraphs: wordCountParagraphsQueryInt_4 | null; - sentences: wordCountSentencesQueryInt_4 | null; - words: wordCountWordsQueryInt_4 | null; -} - -export interface wordCountParagraphsQueryInt_4 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface wordCountSentencesQueryInt_4 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface wordCountWordsQueryInt_4 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface MarkdownRemarkConnection { - pageInfo: PageInfo; - edges: Array<MarkdownRemarkEdge> | null; - totalCount: number | null; - distinct: Array<string> | null; - group: Array<markdownRemarkGroupConnectionConnection> | null; -} - -export interface DistinctMarkdownRemarkConnectionArgs { - field: markdownRemarkDistinctEnum | null; -} - -export interface GroupMarkdownRemarkConnectionArgs { - skip: number | null; - limit: number | null; - field: markdownRemarkGroupEnum | null; -} - -export interface MarkdownRemarkEdge { - node: MarkdownRemark | null; - next: MarkdownRemark | null; - previous: MarkdownRemark | null; -} - -export type markdownRemarkDistinctEnum = - | 'id' - | 'parent' - | 'internal___content' - | 'internal___type' - | 'internal___contentDigest' - | 'internal___owner' - | 'internal___fieldOwners___slug' - | 'frontmatter___title' - | 'frontmatter___nav' - | 'frontmatter___url' - | 'rawMarkdownBody' - | 'fileAbsolutePath' - | 'fields___slug'; - -export type markdownRemarkGroupEnum = - | 'id' - | 'parent' - | 'internal___content' - | 'internal___type' - | 'internal___contentDigest' - | 'internal___owner' - | 'internal___fieldOwners___slug' - | 'frontmatter___title' - | 'frontmatter___nav' - | 'frontmatter___url' - | 'rawMarkdownBody' - | 'fileAbsolutePath' - | 'fields___slug'; - -export interface markdownRemarkGroupConnectionConnection { - pageInfo: PageInfo; - edges: Array<markdownRemarkGroupConnectionEdge> | null; - field: string | null; - fieldValue: string | null; - totalCount: number | null; -} - -export interface markdownRemarkGroupConnectionEdge { - node: MarkdownRemark | null; - next: MarkdownRemark | null; - previous: MarkdownRemark | null; -} - -export interface sitePageJsonNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageInternalComponentNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageComponentQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageComponentChunkNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageContextInputObject { - slug: sitePageContextSlugQueryString | null; -} - -export interface sitePageContextSlugQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorInputObject { - resolve: sitePagePluginCreatorResolveQueryString | null; - id: sitePagePluginCreatorIdQueryString | null; - name: sitePagePluginCreatorNameQueryString | null; - version: sitePagePluginCreatorVersionQueryString | null; - pluginOptions: sitePagePluginCreatorPluginOptionsInputObject | null; - nodeAPIs: sitePagePluginCreatorNodeApIsQueryList | null; - browserAPIs: sitePagePluginCreatorBrowserApIsQueryList | null; - ssrAPIs: sitePagePluginCreatorSsrApIsQueryList | null; - pluginFilepath: sitePagePluginCreatorPluginFilepathQueryString | null; - packageJson: sitePagePluginCreatorPackageJsonInputObject | null; - internal: sitePagePluginCreatorInternalInputObject | null; -} - -export interface sitePagePluginCreatorResolveQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorIdQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsInputObject { - plugins: sitePagePluginCreatorPluginOptionsPluginsQueryList | null; - name: sitePagePluginCreatorPluginOptionsNameQueryString | null; - path: sitePagePluginCreatorPluginOptionsPathQueryString | null; - pathToConfigModule: sitePagePluginCreatorPluginOptionsPathToConfigModuleQueryString | null; - blocks: sitePagePluginCreatorPluginOptionsBlocksInputObject | null; - pathCheck: sitePagePluginCreatorPluginOptionsPathCheckQueryBoolean | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsQueryList { - elemMatch: sitePagePluginCreatorPluginOptionsPluginsInputObject | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsInputObject { - resolve: sitePagePluginCreatorPluginOptionsPluginsResolveQueryString | null; - id: sitePagePluginCreatorPluginOptionsPluginsIdQueryString | null; - name: sitePagePluginCreatorPluginOptionsPluginsNameQueryString | null; - version: sitePagePluginCreatorPluginOptionsPluginsVersionQueryString | null; - pluginOptions: sitePagePluginCreatorPluginOptionsPluginsPluginOptionsInputObject | null; - pluginFilepath: sitePagePluginCreatorPluginOptionsPluginsPluginFilepathQueryString | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsResolveQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsIdQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginOptionsInputObject { - blocks: sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksInputObject | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksInputObject { - danger: sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksDangerQueryString | null; - warning: sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksWarningQueryString | null; - info: sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksInfoQueryString | null; - success: sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString | null; - collapse: sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksDangerQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksWarningQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksInfoQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPluginsPluginFilepathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPathToConfigModuleQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsBlocksInputObject { - danger: sitePagePluginCreatorPluginOptionsBlocksDangerQueryString | null; - warning: sitePagePluginCreatorPluginOptionsBlocksWarningQueryString | null; - info: sitePagePluginCreatorPluginOptionsBlocksInfoQueryString | null; - success: sitePagePluginCreatorPluginOptionsBlocksSuccessQueryString | null; - collapse: sitePagePluginCreatorPluginOptionsBlocksCollapseQueryString | null; -} - -export interface sitePagePluginCreatorPluginOptionsBlocksDangerQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsBlocksWarningQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsBlocksInfoQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsBlocksSuccessQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsBlocksCollapseQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginOptionsPathCheckQueryBoolean { - eq: boolean | null; - ne: boolean | null; - in: Array<boolean> | null; - nin: Array<boolean> | null; -} - -export interface sitePagePluginCreatorNodeApIsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorBrowserApIsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorSsrApIsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPluginFilepathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonInputObject { - name: sitePagePluginCreatorPackageJsonNameQueryString | null; - description: sitePagePluginCreatorPackageJsonDescriptionQueryString | null; - version: sitePagePluginCreatorPackageJsonVersionQueryString | null; - main: sitePagePluginCreatorPackageJsonMainQueryString | null; - author: sitePagePluginCreatorPackageJsonAuthorQueryString | null; - license: sitePagePluginCreatorPackageJsonLicenseQueryString | null; - dependencies: sitePagePluginCreatorPackageJsonDependenciesQueryList | null; - devDependencies: sitePagePluginCreatorPackageJsonDevDependenciesQueryList | null; - peerDependencies: sitePagePluginCreatorPackageJsonPeerDependenciesQueryList | null; - keywords: sitePagePluginCreatorPackageJsonKeywordsQueryList | null; -} - -export interface sitePagePluginCreatorPackageJsonNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonDescriptionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonMainQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonAuthorQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonLicenseQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonDependenciesQueryList { - elemMatch: sitePagePluginCreatorPackageJsonDependenciesInputObject | null; -} - -export interface sitePagePluginCreatorPackageJsonDependenciesInputObject { - name: sitePagePluginCreatorPackageJsonDependenciesNameQueryString | null; - version: sitePagePluginCreatorPackageJsonDependenciesVersionQueryString | null; -} - -export interface sitePagePluginCreatorPackageJsonDependenciesNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonDependenciesVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonDevDependenciesQueryList { - elemMatch: sitePagePluginCreatorPackageJsonDevDependenciesInputObject | null; -} - -export interface sitePagePluginCreatorPackageJsonDevDependenciesInputObject { - name: sitePagePluginCreatorPackageJsonDevDependenciesNameQueryString | null; - version: sitePagePluginCreatorPackageJsonDevDependenciesVersionQueryString | null; -} - -export interface sitePagePluginCreatorPackageJsonDevDependenciesNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonDevDependenciesVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonPeerDependenciesQueryList { - elemMatch: sitePagePluginCreatorPackageJsonPeerDependenciesInputObject | null; -} - -export interface sitePagePluginCreatorPackageJsonPeerDependenciesInputObject { - name: sitePagePluginCreatorPackageJsonPeerDependenciesNameQueryString | null; - version: sitePagePluginCreatorPackageJsonPeerDependenciesVersionQueryString | null; -} - -export interface sitePagePluginCreatorPackageJsonPeerDependenciesNameQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonPeerDependenciesVersionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorPackageJsonKeywordsQueryList { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorInternalInputObject { - contentDigest: sitePagePluginCreatorInternalContentDigestQueryString | null; - type: sitePagePluginCreatorInternalTypeQueryString | null; - owner: sitePagePluginCreatorInternalOwnerQueryString | null; -} - -export interface sitePagePluginCreatorInternalContentDigestQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorInternalTypeQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorInternalOwnerQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePagePluginCreatorIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageComponentPathQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageInternalInputObject_2 { - type: sitePageInternalTypeQueryString_2 | null; - contentDigest: sitePageInternalContentDigestQueryString_2 | null; - description: sitePageInternalDescriptionQueryString | null; - owner: sitePageInternalOwnerQueryString_2 | null; -} - -export interface sitePageInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageInternalDescriptionQueryString { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePageInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginResolveQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsInputObject_2 { - plugins: sitePluginPluginOptionsPluginsQueryList_2 | null; - name: sitePluginPluginOptionsNameQueryString_2 | null; - path: sitePluginPluginOptionsPathQueryString_2 | null; - pathToConfigModule: sitePluginPluginOptionsPathToConfigModuleQueryString_2 | null; - blocks: sitePluginPluginOptionsBlocksInputObject_2 | null; - pathCheck: sitePluginPluginOptionsPathCheckQueryBoolean_2 | null; -} - -export interface sitePluginPluginOptionsPluginsQueryList_2 { - elemMatch: sitePluginPluginOptionsPluginsInputObject_2 | null; -} - -export interface sitePluginPluginOptionsPluginsInputObject_2 { - resolve: sitePluginPluginOptionsPluginsResolveQueryString_2 | null; - id: sitePluginPluginOptionsPluginsIdQueryString_2 | null; - name: sitePluginPluginOptionsPluginsNameQueryString_2 | null; - version: sitePluginPluginOptionsPluginsVersionQueryString_2 | null; - pluginOptions: sitePluginPluginOptionsPluginsPluginOptionsInputObject_2 | null; - pluginFilepath: sitePluginPluginOptionsPluginsPluginFilepathQueryString_2 | null; -} - -export interface sitePluginPluginOptionsPluginsResolveQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsPluginOptionsInputObject_2 { - blocks: sitePluginPluginOptionsPluginsPluginOptionsBlocksInputObject_2 | null; -} - -export interface sitePluginPluginOptionsPluginsPluginOptionsBlocksInputObject_2 { - danger: sitePluginPluginOptionsPluginsPluginOptionsBlocksDangerQueryString_2 | null; - warning: sitePluginPluginOptionsPluginsPluginOptionsBlocksWarningQueryString_2 | null; - info: sitePluginPluginOptionsPluginsPluginOptionsBlocksInfoQueryString_2 | null; - success: sitePluginPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString_2 | null; - collapse: sitePluginPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString_2 | null; -} - -export interface sitePluginPluginOptionsPluginsPluginOptionsBlocksDangerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsPluginOptionsBlocksWarningQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsPluginOptionsBlocksInfoQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsPluginOptionsBlocksSuccessQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsPluginOptionsBlocksCollapseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPluginsPluginFilepathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPathToConfigModuleQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsBlocksInputObject_2 { - danger: sitePluginPluginOptionsBlocksDangerQueryString_2 | null; - warning: sitePluginPluginOptionsBlocksWarningQueryString_2 | null; - info: sitePluginPluginOptionsBlocksInfoQueryString_2 | null; - success: sitePluginPluginOptionsBlocksSuccessQueryString_2 | null; - collapse: sitePluginPluginOptionsBlocksCollapseQueryString_2 | null; -} - -export interface sitePluginPluginOptionsBlocksDangerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsBlocksWarningQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsBlocksInfoQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsBlocksSuccessQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsBlocksCollapseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginOptionsPathCheckQueryBoolean_2 { - eq: boolean | null; - ne: boolean | null; - in: Array<boolean> | null; - nin: Array<boolean> | null; -} - -export interface sitePluginNodeApIsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginBrowserApIsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginSsrApIsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPluginFilepathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonInputObject_2 { - name: sitePluginPackageJsonNameQueryString_2 | null; - description: sitePluginPackageJsonDescriptionQueryString_2 | null; - version: sitePluginPackageJsonVersionQueryString_2 | null; - main: sitePluginPackageJsonMainQueryString_2 | null; - author: sitePluginPackageJsonAuthorQueryString_2 | null; - license: sitePluginPackageJsonLicenseQueryString_2 | null; - dependencies: sitePluginPackageJsonDependenciesQueryList_2 | null; - devDependencies: sitePluginPackageJsonDevDependenciesQueryList_2 | null; - peerDependencies: sitePluginPackageJsonPeerDependenciesQueryList_2 | null; - keywords: sitePluginPackageJsonKeywordsQueryList_2 | null; -} - -export interface sitePluginPackageJsonNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonDescriptionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonMainQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonAuthorQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonLicenseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonDependenciesQueryList_2 { - elemMatch: sitePluginPackageJsonDependenciesInputObject_2 | null; -} - -export interface sitePluginPackageJsonDependenciesInputObject_2 { - name: sitePluginPackageJsonDependenciesNameQueryString_2 | null; - version: sitePluginPackageJsonDependenciesVersionQueryString_2 | null; -} - -export interface sitePluginPackageJsonDependenciesNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonDependenciesVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonDevDependenciesQueryList_2 { - elemMatch: sitePluginPackageJsonDevDependenciesInputObject_2 | null; -} - -export interface sitePluginPackageJsonDevDependenciesInputObject_2 { - name: sitePluginPackageJsonDevDependenciesNameQueryString_2 | null; - version: sitePluginPackageJsonDevDependenciesVersionQueryString_2 | null; -} - -export interface sitePluginPackageJsonDevDependenciesNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonDevDependenciesVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonPeerDependenciesQueryList_2 { - elemMatch: sitePluginPackageJsonPeerDependenciesInputObject_2 | null; -} - -export interface sitePluginPackageJsonPeerDependenciesInputObject_2 { - name: sitePluginPackageJsonPeerDependenciesNameQueryString_2 | null; - version: sitePluginPackageJsonPeerDependenciesVersionQueryString_2 | null; -} - -export interface sitePluginPackageJsonPeerDependenciesNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonPeerDependenciesVersionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginPackageJsonKeywordsQueryList_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginInternalInputObject_2 { - contentDigest: sitePluginInternalContentDigestQueryString_2 | null; - type: sitePluginInternalTypeQueryString_2 | null; - owner: sitePluginInternalOwnerQueryString_2 | null; -} - -export interface sitePluginInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePluginInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface siteSiteMetadataInputObject_2 { - title: siteSiteMetadataTitleQueryString_2 | null; -} - -export interface siteSiteMetadataTitleQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePortQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface siteHostQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePathPrefixQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface sitePolyfillQueryBoolean_2 { - eq: boolean | null; - ne: boolean | null; - in: Array<boolean> | null; - nin: Array<boolean> | null; -} - -export interface siteBuildTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface siteIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface siteInternalInputObject_2 { - contentDigest: siteInternalContentDigestQueryString_2 | null; - type: siteInternalTypeQueryString_2 | null; - owner: siteInternalOwnerQueryString_2 | null; -} - -export interface siteInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface siteInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface siteInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface Site extends Node { - id: string; - parent: Node | null; - children: Array<Node> | null; - siteMetadata: siteMetadata_2 | null; - port: Date | null; - host: string | null; - pathPrefix: string | null; - polyfill: boolean | null; - buildTime: Date | null; - internal: internal_12 | null; -} - -export interface PortSiteArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface BuildTimeSiteArgs { - formatString: string | null; - fromNow: boolean | null; - difference: string | null; - locale: string | null; -} - -export interface siteMetadata_2 { - title: string | null; -} - -export interface internal_12 { - contentDigest: string | null; - type: string | null; - owner: string | null; -} - -export interface directoryIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryInternalInputObject_2 { - contentDigest: directoryInternalContentDigestQueryString_2 | null; - type: directoryInternalTypeQueryString_2 | null; - description: directoryInternalDescriptionQueryString_2 | null; - owner: directoryInternalOwnerQueryString_2 | null; -} - -export interface directoryInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryInternalDescriptionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directorySourceInstanceNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryAbsolutePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryRelativePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryExtensionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directorySizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryPrettySizeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryModifiedTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryAccessTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryChangeTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryBirthTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryRootQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryDirQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryBaseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryExtQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryRelativeDirectoryQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryDevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryModeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryNlinkQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryUidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryGidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryRdevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryBlksizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryInoQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryBlocksQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryAtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryMtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryCtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryBirthtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface directoryAtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryMtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryCtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface directoryBirthtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileInternalInputObject_2 { - contentDigest: fileInternalContentDigestQueryString_2 | null; - type: fileInternalTypeQueryString_2 | null; - mediaType: fileInternalMediaTypeQueryString_2 | null; - description: fileInternalDescriptionQueryString_2 | null; - owner: fileInternalOwnerQueryString_2 | null; -} - -export interface fileInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileInternalMediaTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileInternalDescriptionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileSourceInstanceNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileAbsolutePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileRelativePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileExtensionQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileSizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface filePrettySizeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileModifiedTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileAccessTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileChangeTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileBirthTimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileRootQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileDirQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileBaseQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileExtQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileNameQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileRelativeDirectoryQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileDevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileModeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileNlinkQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileUidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileGidQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileRdevQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileBlksizeQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileInoQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileBlocksQueryInteger_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileAtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileMtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileCtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileBirthtimeMsQueryFloat_2 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface fileAtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileMtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileCtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface fileBirthtimeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface publicUrlQueryString_3 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkIdQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkInternalInputObject_2 { - content: markdownRemarkInternalContentQueryString_2 | null; - type: markdownRemarkInternalTypeQueryString_2 | null; - contentDigest: markdownRemarkInternalContentDigestQueryString_2 | null; - owner: markdownRemarkInternalOwnerQueryString_2 | null; - fieldOwners: markdownRemarkInternalFieldOwnersInputObject_2 | null; -} - -export interface markdownRemarkInternalContentQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkInternalTypeQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkInternalContentDigestQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkInternalOwnerQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkInternalFieldOwnersInputObject_2 { - slug: markdownRemarkInternalFieldOwnersSlugQueryString_2 | null; -} - -export interface markdownRemarkInternalFieldOwnersSlugQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkFrontmatterInputObject_2 { - title: markdownRemarkFrontmatterTitleQueryString_2 | null; - nav: markdownRemarkFrontmatterNavQueryString_2 | null; - url: markdownRemarkFrontmatterUrlQueryString_2 | null; -} - -export interface markdownRemarkFrontmatterTitleQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkFrontmatterNavQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkFrontmatterUrlQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkRawMarkdownBodyQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkFileAbsolutePathQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface markdownRemarkFieldsInputObject_2 { - slug: markdownRemarkFieldsSlugQueryString_2 | null; -} - -export interface markdownRemarkFieldsSlugQueryString_2 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface htmlQueryString_3 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface excerptQueryString_3 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface headingsQueryList_3 { - elemMatch: headingsListElemTypeName_3 | null; -} - -export interface headingsListElemTypeName_3 { - value: headingsListElemValueQueryString_3 | null; - depth: headingsListElemDepthQueryInt_3 | null; -} - -export interface headingsListElemValueQueryString_3 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface headingsListElemDepthQueryInt_3 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface timeToReadQueryInt_3 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface tableOfContentsQueryString_3 { - eq: string | null; - ne: string | null; - regex: string | null; - glob: string | null; - in: Array<string> | null; - nin: Array<string> | null; -} - -export interface wordCountTypeName_3 { - paragraphs: wordCountParagraphsQueryInt_3 | null; - sentences: wordCountSentencesQueryInt_3 | null; - words: wordCountWordsQueryInt_3 | null; -} - -export interface wordCountParagraphsQueryInt_3 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface wordCountSentencesQueryInt_3 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} - -export interface wordCountWordsQueryInt_3 { - eq: number | null; - ne: number | null; - gt: number | null; - gte: number | null; - lt: number | null; - lte: number | null; - in: Array<number> | null; - nin: Array<number> | null; -} diff --git a/server/sonar-docs/src/@types/hast-util-select.d.ts b/server/sonar-docs/src/@types/hast-util-select.d.ts deleted file mode 100644 index 41af2419a3f..00000000000 --- a/server/sonar-docs/src/@types/hast-util-select.d.ts +++ /dev/null @@ -1,26 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { HtmlAST, HtmlASTNode } from '../types/hast'; - -declare module 'hast-util-select' { - export function matches(selector: string, ode: HtmlASTNode): boolean; - export function selectAll(selector: string, tree: HtmlAST): HtmlASTNode[]; - export function select(selector: string, tree: HtmlAST): HtmlASTNode; -} diff --git a/server/sonar-docs/src/@types/lunr.d.ts b/server/sonar-docs/src/@types/lunr.d.ts deleted file mode 100644 index dd32e770928..00000000000 --- a/server/sonar-docs/src/@types/lunr.d.ts +++ /dev/null @@ -1,60 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -declare module 'lunr' { - export interface Lunr { - add(doc: any): void; - - field(field: string, options?: { boost?: number }): void; - - ref(field: string): void; - - use(fn: Function): void; - - metadataWhitelist?: string[]; - } - - export interface LunrBuilder { - pipeline: any; - metadataWhitelist: string[]; - } - - export interface LunrIndex { - search(query: string): LunrMatch[]; - } - - export interface LunrInit { - (this: Lunr): void; - } - - export interface LunrMatch { - ref: string; - score: number; - matchData: { metadata: any }; - } - - export interface LunrToken { - str: string; - metadata: any; - } - - function lunr(initializer: LunrInit): LunrIndex; - - export default lunr; -} diff --git a/server/sonar-docs/src/@types/types.d.ts b/server/sonar-docs/src/@types/types.d.ts deleted file mode 100644 index a3387e9c3e1..00000000000 --- a/server/sonar-docs/src/@types/types.d.ts +++ /dev/null @@ -1,51 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -export type Dict<T> = { [key: string]: T }; - -export interface DocVersion { - current: boolean; - lts?: boolean; - value: string; -} - -export type DocNavigationItem = string | DocsNavigationBlock | DocsNavigationExternalLink; - -export interface DocsNavigationBlock { - title: string; - children: DocNavigationItem[]; -} - -export interface DocsNavigationExternalLink { - title: string; - url: string; -} - -export interface SearchResult { - exactMatch?: boolean; - highlights: { [field: string]: [number, number][] }; - longestTerm: string; - page: { - id: string; - text: string; - title: string; - url: string; - }; - query: string; -} diff --git a/server/sonar-docs/src/__tests__/BrokenLinkSafetyNet.test.js b/server/sonar-docs/src/__tests__/BrokenLinkSafetyNet.test.js deleted file mode 100644 index 7b3f96553b5..00000000000 --- a/server/sonar-docs/src/__tests__/BrokenLinkSafetyNet.test.js +++ /dev/null @@ -1,202 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -const fs = require('fs'); -const path = require('path'); -const remark = require('remark'); -const glob = require('glob-promise'); -const visit = require('unist-util-visit'); - -const rootPath = path.resolve(path.join(__dirname, '/..')); -let files; -let parsedFiles; - -beforeAll(async () => { - files = await loadGlobFiles('/pages/**/*.md'); - parsedFiles = files.map(file => { - return { ...separateFrontMatter(file.content), path: file.path }; - }); -}); - -it('should have at least one instance of all possible frontmatter fields', () => { - const pageWithTitle = parsedFiles.find(file => file.frontmatter.title !== undefined); - const pageWithNav = parsedFiles.find(file => file.frontmatter.nav !== undefined); - const pageWithUrl = parsedFiles.find(file => file.frontmatter.url !== undefined); - expect(pageWithTitle).toBeDefined(); - expect(pageWithNav).toBeDefined(); - expect(pageWithUrl).toBeDefined(); -}); - -/* eslint-disable no-console */ -it('should have valid links in trees files', () => { - const trees = ['StaticNavigationTree.json']; - let hasErrors = false; - trees.forEach(file => { - const tree = JSON.parse(fs.readFileSync(path.join(rootPath, '..', 'static', file), 'utf8')); - const walk = leaf => { - if (typeof leaf === 'object') { - if (leaf.children) { - leaf.children.forEach(walk); - } - } else if (!urlExists(parsedFiles, leaf)) { - // Check markdown file path validity - console.log(`[${leaf}] is not a valid link, in ${file}`); - hasErrors = true; - } - }; - tree.forEach(walk); - }); - expect(hasErrors).toBe(false); -}); - -function collectErrors() { - let urlLists = []; - let hasErrors = false; - parsedFiles.forEach(file => { - if (!file.frontmatter.url) { - console.log(`[${file.path}] has no url metadata`); - hasErrors = true; - } else if (!checkUrlFormat(file.frontmatter.url, file.path)) { - hasErrors = true; - } else if (urlLists.includes(file.frontmatter.url)) { - console.log(`[${file.path}] has an url that is not unique ${file.frontmatter.url}`); - hasErrors = true; - } - - urlLists = [...urlLists, file.frontmatter.url]; - }); - return hasErrors; -} - -it('should have valid and uniq links in url metadata field', () => { - const hasErrors = collectErrors(); - expect(hasErrors).toBe(false); -}); - -it('should have valid links pointing to documentation inside pages', () => { - checkContentUrl(parsedFiles); -}); - -it('should have valid links inside tooltips', async () => { - const files = await loadGlobFiles('/tooltips/**/*.md'); - checkContentUrl(files); -}); - -function handleIncludes(content, rootPath) { - return content.replace(/@include (.+)/, (match, p) => { - const filePath = path.join(rootPath, '..', `${p}.md`); - return fs.readFileSync(filePath, 'utf8'); - }); -} - -function checkContentUrl(files) { - let hasErrors = false; - files.forEach(file => { - visit(remark().parse(file.content), node => { - if (node.type === 'image' && !node.url.startsWith('http')) { - // Check image path validity - if (!fs.existsSync(path.join(rootPath, node.url))) { - console.log('[', node.url, '] is not a valid image path, in', file.path + '.md'); - hasErrors = true; - } - } else if ( - node.type === 'link' && - !node.url.startsWith('http') && - !node.url.startsWith('/#') - ) { - // Check markdown file path validity, and ignore anchors - const url = node.url.split('#')[0]; - if (!urlExists(parsedFiles, url)) { - console.log('[', node.url, '] is not a valid link, in', file.path + '.md'); - hasErrors = true; - } - } - }); - }); - expect(hasErrors).toBe(false); -} - -function urlExists(files, url) { - return files.find(f => f.frontmatter.url === url) !== undefined; -} - -function checkUrlFormat(url, file) { - let noError = true; - - if (!url.startsWith('/')) { - console.log('[', file, '] should starts with a slash', url); - noError = false; - } - if (!url.endsWith('/')) { - console.log('[', file, '] should ends with a slash', url); - noError = false; - } - return noError; -} - -function loadGlobFiles(globPath) { - return glob(path.join(rootPath, globPath)) - .then(files => files.map(file => file.substr(rootPath.length + 1))) - .then(files => - files.map(file => ({ - path: file.slice(0, -3), - content: handleIncludes(fs.readFileSync(path.join(rootPath, file), 'utf8'), rootPath) - })) - ); -} - -function getFrontMatterPosition(lines) { - let firstLine; - let lastLine; - for (let i = 0; i < lines.length; i++) { - const line = lines[i]; - if (line.trim() === '---') { - if (firstLine === undefined) { - firstLine = i; - } else { - lastLine = i; - break; - } - } - } - return lastLine !== undefined ? { firstLine, lastLine } : undefined; -} - -function parseFrontMatter(lines) { - const data = {}; - for (let i = 0; i < lines.length; i++) { - const tokens = lines[i].split(':').map(x => x.trim()); - if (tokens.length === 2) { - data[tokens[0]] = tokens[1]; - } - } - return data; -} - -function separateFrontMatter(content) { - const lines = content.split('\n'); - const position = getFrontMatterPosition(lines); - if (position) { - const frontmatter = parseFrontMatter(lines.slice(position.firstLine + 1, position.lastLine)); - const content = lines.slice(position.lastLine + 1).join('\n'); - return { frontmatter, content }; - } else { - return { frontmatter: {}, content }; - } -} diff --git a/server/sonar-docs/src/components/CategoryBlockLink.tsx b/server/sonar-docs/src/components/CategoryBlockLink.tsx deleted file mode 100644 index c095412c7ff..00000000000 --- a/server/sonar-docs/src/components/CategoryBlockLink.tsx +++ /dev/null @@ -1,98 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import classNames from 'classnames'; -import * as React from 'react'; -import { MarkdownRemark } from '../@types/graphql-types'; -import ChevronDownIcon from './icons/ChevronDownIcon'; -import ChevronUpIcon from './icons/ChevronUpIcon'; -import PageLink from './PageLink'; - -interface Props { - children: (MarkdownRemark | JSX.Element)[]; - location: Location; - openByDefault: boolean; - title: string; -} - -interface State { - open: boolean; -} - -export default class CategoryLink extends React.PureComponent<Props, State> { - state: State; - - static defaultProps = { - openByDefault: false - }; - - constructor(props: Props) { - super(props); - - this.state = { - open: props.openByDefault - }; - } - - handleToggle = (event: React.MouseEvent<HTMLAnchorElement>) => { - event.preventDefault(); - event.stopPropagation(); - this.setState(prevState => ({ - open: !prevState.open - })); - }; - - isMarkdownRemark = (child: any): child is MarkdownRemark => { - return child.id !== undefined; - }; - - render() { - const { children, location, title } = this.props; - const { open } = this.state; - return ( - <div> - <a - className={classNames('page-indexes-link', { active: open })} - href="#" - onClick={this.handleToggle}> - {open ? <ChevronUpIcon /> : <ChevronDownIcon />} - {title} - </a> - {children && open && ( - <div className="sub-menu"> - {children.map((child, i) => { - if (this.isMarkdownRemark(child)) { - return ( - <PageLink - className="sub-menu-link" - key={child.id} - location={location} - node={child} - /> - ); - } else { - return <React.Fragment key={`child-${i}`}>{child}</React.Fragment>; - } - })} - </div> - )} - </div> - ); - } -} diff --git a/server/sonar-docs/src/components/ExternalLink.tsx b/server/sonar-docs/src/components/ExternalLink.tsx deleted file mode 100644 index c749f5c4d67..00000000000 --- a/server/sonar-docs/src/components/ExternalLink.tsx +++ /dev/null @@ -1,35 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import DetachIcon from './icons/DetachIcon'; - -interface Props { - external: string; - title: string; -} - -export default function ExternalLink({ external, title }: Props) { - return ( - <a className="page-indexes-link" href={external} rel="noopener noreferrer" target="_blank"> - <DetachIcon /> - {title} - </a> - ); -} diff --git a/server/sonar-docs/src/components/Footer.tsx b/server/sonar-docs/src/components/Footer.tsx deleted file mode 100644 index a5d5247abb8..00000000000 --- a/server/sonar-docs/src/components/Footer.tsx +++ /dev/null @@ -1,47 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; - -export default function Footer() { - return ( - <div className="page-footer"> - <a - href="https://creativecommons.org/licenses/by-nc/3.0/us/" - rel="noopener noreferrer" - target="_blank" - title="Creative Commons License"> - <img - alt="Creative Commons License" - src="https://licensebuttons.net/l/by-nc/3.0/us/88x31.png" - /> - </a> - © 2008-2022, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space - is licensed under a{' '} - <a - href="https://creativecommons.org/licenses/by-nc/3.0/us/" - rel="noopener noreferrer" - target="_blank"> - Creative Commons Attribution-NonCommercial 3.0 United States License. - </a>{' '} - SONARQUBE is a trademark of SonarSource SA. All other trademarks and copyrights are the - property of their respective owners. - </div> - ); -} diff --git a/server/sonar-docs/src/components/HeaderList.tsx b/server/sonar-docs/src/components/HeaderList.tsx deleted file mode 100644 index f8f5e353a16..00000000000 --- a/server/sonar-docs/src/components/HeaderList.tsx +++ /dev/null @@ -1,46 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import PropTypes from 'prop-types'; -import * as React from 'react'; -import { MarkdownHeading } from '../@types/graphql-types'; - -interface Props { - headers: MarkdownHeading[]; -} - -export default class HeaderList extends React.PureComponent<Props> { - static contextTypes = { - headers: PropTypes.object.isRequired - }; - - componentDidMount() { - this.context.headers.setHeaders(this.props.headers); - } - - componentDidUpdate(prevProps: Props) { - if (prevProps.headers.length !== this.props.headers.length) { - this.context.headers.setHeaders(prevProps.headers); - } - } - - render() { - return null; - } -} diff --git a/server/sonar-docs/src/components/HeaderListProvider.tsx b/server/sonar-docs/src/components/HeaderListProvider.tsx deleted file mode 100644 index 0a22c4744ce..00000000000 --- a/server/sonar-docs/src/components/HeaderListProvider.tsx +++ /dev/null @@ -1,55 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import PropTypes from 'prop-types'; -import * as React from 'react'; -import { MarkdownHeading } from '../@types/graphql-types'; - -interface Props { - children: (props: { headers: MarkdownHeading[] }) => React.ReactNode; -} - -interface State { - headers: MarkdownHeading[]; -} - -export default class HeaderListProvider extends React.Component<Props, State> { - state = { headers: [] }; - - static childContextTypes = { - headers: PropTypes.object - }; - - getChildContext() { - return { - headers: { - setHeaders: this.setHeaders - } - }; - } - - setHeaders = (headers: MarkdownHeading[]) => { - this.setState({ headers }); - }; - - render() { - const { headers } = this.state; - return this.props.children({ headers }); - } -} diff --git a/server/sonar-docs/src/components/HeadingAnchor.tsx b/server/sonar-docs/src/components/HeadingAnchor.tsx deleted file mode 100644 index 129c4786f32..00000000000 --- a/server/sonar-docs/src/components/HeadingAnchor.tsx +++ /dev/null @@ -1,47 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import classNames from 'classnames'; -import * as React from 'react'; - -interface Props { - active: boolean; - children: React.ReactNode; - clickHandler: (index: number) => void; - index: number; -} - -export default class HeadingAnchor extends React.PureComponent<Props> { - handleClick = (event: React.MouseEvent<HTMLAnchorElement>) => { - event.stopPropagation(); - event.preventDefault(); - this.props.clickHandler(this.props.index); - }; - - render() { - const { active, children, index } = this.props; - return ( - <li> - <a className={classNames({ active })} href={'#header-' + index} onClick={this.handleClick}> - {children} - </a> - </li> - ); - } -} diff --git a/server/sonar-docs/src/components/HeadingsLink.tsx b/server/sonar-docs/src/components/HeadingsLink.tsx deleted file mode 100644 index b105a02446d..00000000000 --- a/server/sonar-docs/src/components/HeadingsLink.tsx +++ /dev/null @@ -1,136 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import { MarkdownHeading } from '../@types/graphql-types'; -import HeadingAnchor from './HeadingAnchor'; - -const HEADER_SCROLL_MARGIN = 100; - -interface Props { - headers: MarkdownHeading[]; -} - -interface State { - activeIndex: number; - headers: MarkdownHeading[]; -} - -export default class HeadingsLink extends React.PureComponent<Props, State> { - skipScrollingHandler = false; - - constructor(props: Props) { - super(props); - this.state = { - activeIndex: -1, - headers: props.headers.filter( - h => h.depth === 2 && h.value && h.value.toLowerCase() !== 'table of contents' - ) - }; - } - - componentDidMount() { - document.addEventListener('scroll', this.scrollHandler, true); - } - - componentWillReceiveProps(nextProps: Props) { - this.setState({ - activeIndex: -1, - headers: nextProps.headers.filter( - h => h.depth === 2 && h.value && h.value.toLowerCase() !== 'table of contents' - ) - }); - } - - componentWillUnmount() { - document.removeEventListener('scroll', this.scrollHandler, true); - } - - scrollHandler = () => { - if (this.skipScrollingHandler) { - this.skipScrollingHandler = false; - return; - } - - const scrollTop = window.pageYOffset || document.body.scrollTop; - this.highlightHeading(scrollTop); - }; - - highlightHeading = (scrollTop: number) => { - let headingIndex = 0; - for (let i = 0; i < this.state.headers.length; i++) { - const headerItem = document.querySelector<HTMLElement>(`#header-${i + 1}`); - if (headerItem && headerItem.offsetTop > scrollTop + HEADER_SCROLL_MARGIN) { - break; - } - headingIndex = i; - } - this.setState({ activeIndex: headingIndex }); - this.markH2(headingIndex + 1, false); - }; - - markH2 = (index: number, scrollTo: boolean) => { - const previousNode = document.querySelector('.targetted-heading'); - if (previousNode) { - previousNode.classList.remove('targetted-heading'); - } - - const node = document.querySelector<HTMLElement>('#header-' + index); - if (node) { - node.classList.add('targetted-heading'); - if (scrollTo) { - this.skipScrollingHandler = true; - window.scrollTo(0, node.offsetTop - HEADER_SCROLL_MARGIN); - this.highlightHeading(node.offsetTop - HEADER_SCROLL_MARGIN); - } - } - }; - - clickHandler = (index: number) => { - this.markH2(index, true); - }; - - render() { - const { headers } = this.state; - if (headers.length < 2) { - return null; - } - - return ( - <div className="headings-container"> - <div className="headings-container-fixed"> - <span>On this page</span> - <ul> - {headers.map((header, index) => { - return ( - <HeadingAnchor - active={this.state.activeIndex === index} - clickHandler={this.clickHandler} - index={index + 1} - key={index}> - {header.value} - </HeadingAnchor> - ); - })} - </ul> - </div> - </div> - ); - } -} diff --git a/server/sonar-docs/src/components/MetaData.css b/server/sonar-docs/src/components/MetaData.css deleted file mode 100644 index a9fccf0f95d..00000000000 --- a/server/sonar-docs/src/components/MetaData.css +++ /dev/null @@ -1,101 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -.update-center-meta-data { - margin: 16px 0; - padding: 16px 16px 8px 16px; - background: #f9f9fb; - border: 1px solid #e6e6e6; - border-radius: 3px; -} - -.update-center-meta-data a svg { - margin-right: 8px; -} - -.update-center-meta-data-header { - border-bottom: 1px solid #cfd3d7; - padding-bottom: 16px; -} - -.update-center-meta-data-header, -.update-center-meta-data-version-release-info, -.update-center-meta-data-version-links { - display: flex; -} - -.update-center-meta-data-header > * + *, -.update-center-meta-data-version-release-info > * + * { - margin-left: 16px; -} - -.update-center-meta-data-header > * + * { - padding-left: 16px; - border-left: 1px solid #cfd3d7; -} - -.update-center-meta-data-versions { - margin-top: 16px; -} - -.update-center-meta-data-versions-show-more { - font-size: 14px; - float: right; - color: #51575a; - border-color: #7b8184; - border-width: 0 0 1px 0; - padding-left: 0; - padding-right: 0; - background: transparent; - cursor: pointer; -} - -.update-center-meta-data-versions-show-more:hover { - color: #2d3032; - border-color: #2d3032; -} - -.update-center-meta-data-version { - margin-bottom: 16px; -} - -.update-center-meta-data-version + .update-center-meta-data-version { - padding-top: 8px; - border-top: 1px dashed #cfd3d7; -} - -.update-center-meta-data-version-version { - font-weight: bold; - font-size: 18px; -} - -.update-center-meta-data-version-release-info { - margin-top: 8px; - font-style: italic; -} - -.update-center-meta-data-version-release-description { - margin-top: 8px; -} - -.update-center-meta-data-version-download > a, -.update-center-meta-data-version-release-notes > a { - display: inline-block; - margin: 8px 16px 0 0; -} diff --git a/server/sonar-docs/src/components/MetaData.tsx b/server/sonar-docs/src/components/MetaData.tsx deleted file mode 100644 index bdb42ae198b..00000000000 --- a/server/sonar-docs/src/components/MetaData.tsx +++ /dev/null @@ -1,124 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import './MetaData.css'; -import MetaDataVersions from './MetaDataVersions'; -import { MetaDataInformation } from './update-center-metadata'; - -interface Props { - updateCenterKey?: string; -} - -interface State { - data?: MetaDataInformation; -} - -export default class MetaData extends React.Component<Props, State> { - mounted = false; - state: State = {}; - - componentDidMount() { - this.mounted = true; - this.fetchData(); - } - - componentDidUpdate(prevProps: Props) { - if (prevProps.updateCenterKey !== this.props.updateCenterKey) { - this.fetchData(); - } - } - - componentWillUnmount() { - this.mounted = false; - } - - isSuccessStatus = (status: number) => { - return status >= 200 && status < 300; - }; - - fetchData() { - const { updateCenterKey } = this.props; - - if (updateCenterKey) { - window - .fetch(`https://update.sonarsource.org/${updateCenterKey}.json`) - .then((response: Response) => { - if (this.isSuccessStatus(response.status)) { - return response.json(); - } - return Promise.reject(response); - }) - .then(data => { - if (this.mounted) { - this.setState({ data }); - } - }) - .catch(() => { - if (this.mounted) { - this.setState({ data: undefined }); - } - }); - } else { - this.setState({ data: undefined }); - } - } - - render() { - const { data } = this.state; - - if (!data) { - return null; - } - - const { isSonarSourceCommercial, issueTrackerURL, license, organization, versions } = data; - - let vendor; - if (organization) { - vendor = organization.name; - if (organization.url) { - vendor = ( - <a href={organization.url} rel="noopener noreferrer" target="_blank"> - {vendor} - </a> - ); - } - } - - return ( - <div className="update-center-meta-data"> - <div className="update-center-meta-data-header"> - {vendor && <span className="update-center-meta-data-vendor">By {vendor}</span>} - {license && <span className="update-center-meta-data-license">{license}</span>} - {issueTrackerURL && ( - <span className="update-center-meta-data-issue-tracker"> - <a href={issueTrackerURL} rel="noopener noreferrer" target="_blank"> - Issue Tracker - </a> - </span> - )} - {isSonarSourceCommercial && ( - <span className="update-center-meta-data-supported">Supported by SonarSource</span> - )} - </div> - {versions && versions.length > 0 && <MetaDataVersions versions={versions} />} - </div> - ); - } -} diff --git a/server/sonar-docs/src/components/MetaDataVersion.tsx b/server/sonar-docs/src/components/MetaDataVersion.tsx deleted file mode 100644 index 4163e319f66..00000000000 --- a/server/sonar-docs/src/components/MetaDataVersion.tsx +++ /dev/null @@ -1,98 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import classNames from 'classnames'; -import * as React from 'react'; -import { AdvancedDownloadUrl, MetaDataVersionInformation } from './update-center-metadata'; - -export interface MetaDataVersionProps { - versionInformation: MetaDataVersionInformation; -} - -export default function MetaDataVersion(props: MetaDataVersionProps) { - const { - versionInformation: { - archived, - changeLogUrl, - compatibility, - date, - description, - downloadURL, - version - } - } = props; - - const fallbackLabel = 'Download'; - - const advancedDownloadUrls = isAdvancedDownloadUrlArray(downloadURL) - ? downloadURL.map(url => ({ ...url, label: url.label || fallbackLabel })) - : [{ label: fallbackLabel, url: downloadURL }]; - - return ( - <div - className={classNames('update-center-meta-data-version', { - 'update-center-meta-data-version-archived': archived - })}> - <div className="update-center-meta-data-version-version">{version}</div> - - <div className="update-center-meta-data-version-release-info"> - {date && <time className="update-center-meta-data-version-release-date">{date}</time>} - - {compatibility && ( - <span className="update-center-meta-data-version-compatibility">{compatibility}</span> - )} - </div> - - {description && ( - <div className="update-center-meta-data-version-release-description">{description}</div> - )} - - {(advancedDownloadUrls.length > 0 || changeLogUrl) && ( - <div className="update-center-meta-data-version-release-links"> - {advancedDownloadUrls.length > 0 && - advancedDownloadUrls.map( - (advancedDownloadUrl, i) => - advancedDownloadUrl.url && ( - // eslint-disable-next-line react/no-array-index-key - <span className="update-center-meta-data-version-download" key={i}> - <a href={advancedDownloadUrl.url} rel="noopener noreferrer" target="_blank"> - {advancedDownloadUrl.label} - </a> - </span> - ) - )} - - {changeLogUrl && ( - <span className="update-center-meta-data-version-release-notes"> - <a href={changeLogUrl} rel="noopener noreferrer" target="_blank"> - Release notes - </a> - </span> - )} - </div> - )} - </div> - ); -} - -function isAdvancedDownloadUrlArray( - downloadUrl: string | AdvancedDownloadUrl[] | undefined -): downloadUrl is AdvancedDownloadUrl[] { - return !!downloadUrl && typeof downloadUrl !== 'string'; -} diff --git a/server/sonar-docs/src/components/MetaDataVersions.tsx b/server/sonar-docs/src/components/MetaDataVersions.tsx deleted file mode 100644 index dc0c442bb52..00000000000 --- a/server/sonar-docs/src/components/MetaDataVersions.tsx +++ /dev/null @@ -1,84 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import MetaDataVersion from './MetaDataVersion'; -import { MetaDataVersionInformation } from './update-center-metadata'; - -interface Props { - versions: MetaDataVersionInformation[]; -} - -interface State { - collapsed: boolean; -} - -export default class MetaDataVersions extends React.Component<Props, State> { - state: State = { - collapsed: true - }; - - componentDidUpdate(prevProps: Props) { - if (prevProps.versions !== this.props.versions) { - this.setState({ collapsed: true }); - } - } - - handleClick = (event: React.SyntheticEvent<HTMLButtonElement>) => { - event.preventDefault(); - event.currentTarget.blur(); - this.setState(({ collapsed }) => ({ collapsed: !collapsed })); - }; - - render() { - const { versions } = this.props; - const { collapsed } = this.state; - - const archivedVersions = versions.filter(version => version.archived); - const currentVersions = versions.filter(version => !version.archived); - - return ( - <div className="update-center-meta-data-versions"> - {archivedVersions.length > 0 && ( - <button - className="update-center-meta-data-versions-show-more" - onClick={this.handleClick} - type="button"> - {collapsed ? 'Show more versions' : 'Show fewer versions'} - </button> - )} - - {currentVersions.map(versionInformation => ( - <MetaDataVersion - key={versionInformation.version} - versionInformation={versionInformation} - /> - ))} - - {!collapsed && - archivedVersions.map(archivedVersionInformation => ( - <MetaDataVersion - key={archivedVersionInformation.version} - versionInformation={archivedVersionInformation} - /> - ))} - </div> - ); - } -} diff --git a/server/sonar-docs/src/components/OutsideClickHandler.tsx b/server/sonar-docs/src/components/OutsideClickHandler.tsx deleted file mode 100644 index 3799ac3c855..00000000000 --- a/server/sonar-docs/src/components/OutsideClickHandler.tsx +++ /dev/null @@ -1,60 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import { findDOMNode } from 'react-dom'; - -interface Props { - children: React.ReactNode; - onClickOutside: () => void; -} - -export default class OutsideClickHandler extends React.Component<Props> { - element?: Element | null; - - componentDidMount() { - setTimeout(() => { - this.addClickHandler(); - }, 0); - } - - componentWillUnmount() { - this.removeClickHandler(); - } - - addClickHandler = () => { - window.addEventListener('click', this.handleWindowClick); - }; - - removeClickHandler = () => { - window.removeEventListener('click', this.handleWindowClick); - }; - - handleWindowClick = (event: MouseEvent) => { - // eslint-disable-next-line react/no-find-dom-node - const node = findDOMNode(this); - if (!node || !node.contains(event.target as Node)) { - this.props.onClickOutside(); - } - }; - - render() { - return this.props.children; - } -} diff --git a/server/sonar-docs/src/components/PageLink.tsx b/server/sonar-docs/src/components/PageLink.tsx deleted file mode 100644 index 61e547368b8..00000000000 --- a/server/sonar-docs/src/components/PageLink.tsx +++ /dev/null @@ -1,52 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import classNames from 'classnames'; -import { Link } from 'gatsby'; -import * as React from 'react'; -import { MarkdownRemark } from '../@types/graphql-types'; -import { getMarkdownRemarkTitle, getMarkdownRemarkUrl } from './utils'; - -interface Props { - className?: string; - location: Location; - node?: MarkdownRemark; -} - -const PREFIX = process.env.GATSBY_DOCS_VERSION ? '/' + process.env.GATSBY_DOCS_VERSION : ''; - -export default function PageLink({ className, location, node }: Props) { - const title = getMarkdownRemarkTitle(node); - const url = getMarkdownRemarkUrl(node); - - if (!url || !title) { - return null; - } - - return ( - <div> - <Link - className={classNames(className, { active: location.pathname === PREFIX + url })} - to={url} - title={title}> - {title} - </Link> - </div> - ); -} diff --git a/server/sonar-docs/src/components/Search.tsx b/server/sonar-docs/src/components/Search.tsx deleted file mode 100644 index 7665578edcd..00000000000 --- a/server/sonar-docs/src/components/Search.tsx +++ /dev/null @@ -1,214 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { sortBy } from 'lodash'; -import lunr, { LunrBuilder, LunrIndex, LunrMatch, LunrToken } from 'lunr'; -import * as React from 'react'; -import { MarkdownRemark } from '../@types/graphql-types'; -import { DocNavigationItem, SearchResult } from '../@types/types'; -import ClearIcon from './icons/ClearIcon'; -import { getUrlsList } from './navTreeUtils'; -import { getMarkdownRemarkTitle, getMarkdownRemarkUrl, isDefined } from './utils'; - -interface Props { - navigation: DocNavigationItem[]; - onResultsChange: (results: SearchResult[], query: string) => void; - pages: MarkdownRemark[]; -} - -interface State { - value: string; -} - -export default class Search extends React.PureComponent<Props, State> { - index?: LunrIndex; - input?: HTMLInputElement | null; - - constructor(props: Props) { - super(props); - this.state = { value: '' }; - this.index = lunr(function() { - this.use(tokenContextPlugin); - this.ref('id'); - this.field('title', { boost: 10 }); - this.field('text'); - - this.metadataWhitelist = ['position', 'tokenContext']; - - props.pages - .filter(page => getUrlsList(props.navigation).includes(getMarkdownRemarkUrl(page) || '')) - .forEach(page => { - if (page.html) { - this.add({ - id: page.id, - text: page.html.replace(/<(?:.|\n)*?>/gm, '').replace(/<(?:.|\n)*?>/gm, ''), - title: getMarkdownRemarkTitle(page) - }); - } - }); - }); - } - - getFormattedResults = (query: string, results: LunrMatch[]) => { - const formattedResults: SearchResult[] = results - .map(match => { - const page = this.props.pages.find(page => page.id === match.ref); - if (!page) { - return undefined; - } - - const searchResultPage: SearchResult['page'] = { - id: page.id, - text: (page.html || '').replace(/<(?:.|\n)*?>/gm, '').replace(/<(?:.|\n)*?>/gm, ''), - title: getMarkdownRemarkTitle(page) || '', - url: getMarkdownRemarkUrl(page) || '' - }; - - const highlights: { [field: string]: [number, number][] } = {}; - let longestTerm = ''; - let exactMatch = false; - - // Loop over all matching terms/tokens. - Object.keys(match.matchData.metadata).forEach(term => { - // Remember the longest term that matches the query as close as possible. - if (query.includes(term.toLowerCase()) && longestTerm.length < term.length) { - longestTerm = term; - } - - Object.keys(match.matchData.metadata[term]).forEach(fieldName => { - const { position: positions, tokenContext: tokenContexts } = match.matchData.metadata[ - term - ][fieldName]; - - highlights[fieldName] = [...(highlights[fieldName] || []), ...positions]; - - // Check if we have an *exact match*. - if (!exactMatch && tokenContexts) { - tokenContexts.forEach((tokenContext: string) => { - if (!exactMatch && tokenContext.includes(query)) { - exactMatch = true; - } - }); - } - }); - }); - - return { - page: searchResultPage, - exactMatch, - highlights, - query, - longestTerm - }; - }) - .filter(isDefined); - - // Re-order results by the length of the longest matched term and by exact - // match (if applicable). The longer the matched term is, the higher the - // chance the result is more relevant. - return sortBy( - // Sort by longest term. - sortBy(formattedResults, result => -result.longestTerm.length), - // Sort by exact match. - result => result.exactMatch && -1 - ); - }; - - handleClear = () => { - this.setState({ value: '' }); - this.props.onResultsChange([], ''); - if (this.input) { - this.input.focus(); - } - }; - - handleChange = (event: React.ChangeEvent<HTMLInputElement>) => { - const { value } = event.currentTarget; - this.setState({ value }); - if (value !== '' && this.index) { - const results = this.getFormattedResults( - value, - this.index.search( - value - .replace(/[\^\-+:~*]/g, '') - .split(/\s+/) - .map(s => `${s}~1 ${s}*`) - .join(' ') - ) - ); - this.props.onResultsChange(results, value); - } else { - this.props.onResultsChange([], value); - } - }; - - render() { - return ( - <div className="search-container"> - <input - aria-label="Search" - className="search-input" - onChange={this.handleChange} - placeholder="Search..." - ref={node => (this.input = node)} - type="search" - value={this.state.value} - /> - {this.state.value && ( - <button onClick={this.handleClear} type="button"> - <ClearIcon size={8} /> - </button> - )} - </div> - ); - } -} - -// Lunr doesn't support exact multiple-term matching. Meaning "foo bar" will not -// boost a sentence like "Foo bar baz" more than "Baz bar foo". In order to -// provide more accurate results, we store the token context, to see if we can -// perform an "exact match". Unfortunately, we cannot extend the search logic, -// only the tokenizer at *index time*. This is why we store the context as -// meta-data, and post-process the matches before rendering (see above). For -// performance reasons, we only add 2 extra tokens, one in front, one after. -// This means we support "exact macthing" for up to 3 terms. More search terms -// would fallback to the regular matching algorithm, which is OK: the more terms -// searched for, the better the standard algorithm will perform anyway. In the -// end, the best would be for Lunr to support multi-term matching, as extending -// the search algorithm for this would be way too complicated. -function tokenContextPlugin(builder: LunrBuilder) { - const label = 'tokenContext'; - const pipelineFunction = (token: LunrToken, index: number, tokens: LunrToken[]) => { - const prevToken = tokens[index - 1] || ''; - const nextToken = tokens[index + 1] || ''; - token.metadata[label] = [prevToken.toString(), token.toString(), nextToken.toString()] - .filter(s => s.length) - .join(' ') - .toLowerCase(); - return token; - }; - - if (label in (lunr as any).Pipeline.registeredFunctions) { - return; - } - - (lunr as any).Pipeline.registerFunction(pipelineFunction, label); - builder.pipeline.before((lunr as any).stemmer, pipelineFunction); - builder.metadataWhitelist.push(label); -} diff --git a/server/sonar-docs/src/components/SearchEntryResult.tsx b/server/sonar-docs/src/components/SearchEntryResult.tsx deleted file mode 100644 index 70d4f6eee9a..00000000000 --- a/server/sonar-docs/src/components/SearchEntryResult.tsx +++ /dev/null @@ -1,114 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { Link } from 'gatsby'; -import * as React from 'react'; -import { SearchResult } from '../@types/types'; -import { cutWords, highlightMarks } from './utils'; - -interface ResultProps { - result: SearchResult; -} - -interface Props extends ResultProps { - active: boolean; -} - -export default function SearchResultEntry({ active, result }: Props) { - return ( - <Link className={active ? 'active search-result' : 'search-result'} to={result.page.url}> - <SearchResultTitle result={result} /> - <SearchResultText result={result} /> - </Link> - ); -} - -export function SearchResultTitle({ result }: ResultProps) { - let titleWithMarks; - - const titleHighlights = result.highlights.title; - if (titleHighlights && titleHighlights.length > 0) { - const { title } = result.page; - const tokens = highlightMarks( - title, - titleHighlights.map(h => ({ from: h[0], to: h[0] + h[1] })) - ); - titleWithMarks = <SearchResultTokens tokens={tokens} />; - } else { - titleWithMarks = result.page.title; - } - - return <div className="search-result">{titleWithMarks}</div>; -} - -export function SearchResultText({ result }: ResultProps) { - const textHighlights = result.highlights.text; - const { text } = result.page; - let tokens: { text: string; marked: boolean }[] = []; - - if (result.exactMatch) { - const pageText = result.page.text.toLowerCase(); - const highlights = []; - let start = 0; - let index = pageText.indexOf(result.query, start); - let loopCount = 0; - - while (index > -1 && loopCount < 10) { - loopCount++; - highlights.push({ from: index, to: index + result.query.length }); - start = index + 1; - index = pageText.indexOf(result.query, start); - } - - if (highlights.length) { - tokens = highlightMarks(text, highlights); - } - } - - if (tokens.length === 0 && textHighlights && textHighlights.length > 0) { - tokens = highlightMarks( - text, - textHighlights.map(h => ({ from: h[0], to: h[0] + h[1] })) - ); - } - - if (tokens.length) { - return ( - <div className="note"> - <SearchResultTokens tokens={cutWords(tokens)} /> - </div> - ); - } else { - return null; - } -} - -export function SearchResultTokens({ - tokens -}: { - tokens: Array<{ text: string; marked: boolean }>; -}) { - return ( - <span> - {tokens.map((token, index) => ( - <span key={index}>{token.marked ? <mark key={index}>{token.text}</mark> : token.text}</span> - ))} - </span> - ); -} diff --git a/server/sonar-docs/src/components/Sidebar.tsx b/server/sonar-docs/src/components/Sidebar.tsx deleted file mode 100644 index 506bf32d6b0..00000000000 --- a/server/sonar-docs/src/components/Sidebar.tsx +++ /dev/null @@ -1,240 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { Link } from 'gatsby'; -import * as React from 'react'; -import { MarkdownRemark } from '../@types/graphql-types'; -import { DocNavigationItem, DocVersion, SearchResult } from '../@types/types'; -import CategoryBlockLink from './CategoryBlockLink'; -import ExternalLink from './ExternalLink'; -import DownloadIcon from './icons/DownloadIcon'; -import { - getNavTree, - getOpenChainFromPath, - isDocsNavigationBlock, - isDocsNavigationExternalLink, - testPathAgainstUrl -} from './navTreeUtils'; -import PageLink from './PageLink'; -import Search from './Search'; -import SearchEntryResult from './SearchEntryResult'; -import VersionSelect from './VersionSelect'; - -interface Props { - location: Location; - pages: MarkdownRemark[]; - version: string; -} - -interface State { - loaded: boolean; - navTree: DocNavigationItem[]; - openChain?: DocNavigationItem[]; - query: string; - results: SearchResult[]; - versions: DocVersion[]; -} - -export default class Sidebar extends React.PureComponent<Props, State> { - constructor(props: Props) { - super(props); - const navTree = getNavTree(); - this.state = { - loaded: false, - navTree, - openChain: getOpenChainFromPath(this.props.location.pathname, navTree), - query: '', - results: [], - versions: [] - }; - } - - componentDidMount() { - this.loadVersions(); - } - - componentDidUpdate(prevProps: Props) { - if (this.props.location.pathname !== prevProps.location.pathname) { - this.setState(({ navTree }) => ({ - openChain: getOpenChainFromPath(this.props.location.pathname, navTree) - })); - } - } - - loadVersions() { - const headers = new Headers([ - ['Cache-Control', 'no-cache'], - ['Pragma', 'no-cache'] - ]); - fetch('/DocsVersions.json', { headers }) - .then(response => response.json()) - .then(json => { - this.setState({ loaded: true, versions: json }); - }) - .catch(() => {}); - } - - getNodeFromUrl = (url: string) => { - return this.props.pages.find(p => { - if (p.fields && p.fields.slug && testPathAgainstUrl(p.fields.slug, url)) { - return true; - } - - if (p.frontmatter && p.frontmatter.url && testPathAgainstUrl(p.frontmatter.url, url)) { - return true; - } - - return false; - }); - }; - - handleSearch = (results: SearchResult[], query: string) => { - this.setState({ results, query }); - }; - - renderCategory = (leaf: DocNavigationItem) => { - if (isDocsNavigationBlock(leaf)) { - let children: (MarkdownRemark | JSX.Element)[] = []; - leaf.children.forEach(child => { - if (typeof child === 'string') { - const node = this.getNodeFromUrl(child); - if (node) { - children.push(node); - } - } else { - children = children.concat(this.renderCategory(child)); - } - }); - return ( - <CategoryBlockLink - key={leaf.title} - location={this.props.location} - openByDefault={this.state.openChain && this.state.openChain.includes(leaf)} - title={leaf.title}> - {children} - </CategoryBlockLink> - ); - } - - if (isDocsNavigationExternalLink(leaf)) { - return <ExternalLink external={leaf.url} key={leaf.title} title={leaf.title} />; - } - - return ( - <PageLink - className="page-indexes-link" - key={leaf} - location={this.props.location} - node={this.getNodeFromUrl(leaf)} - /> - ); - }; - - renderCategories = () => { - return <nav>{this.state.navTree.map(this.renderCategory)}</nav>; - }; - - renderResults = () => { - return ( - <div> - {this.state.results.map(result => ( - <SearchEntryResult - active={ - (this.props.location.pathname === result.page.url && result.page.url === '/') || - (result.page.url !== '/' && this.props.location.pathname.endsWith(result.page.url)) - } - key={result.page.id} - result={result} - /> - ))} - </div> - ); - }; - - render() { - const { versions } = this.state; - const { version } = this.props; - - const currentVersion = versions.find(v => v.current); - const ltsVersion = versions.find(v => v.lts); - - const selectedVersionValue = - currentVersion && version === 'latest' ? currentVersion.value : version; - const isOnCurrentVersion = !currentVersion || selectedVersionValue === currentVersion.value; - const isOnLTSVersion = ltsVersion && version === ltsVersion.value; - - return ( - <div className="page-sidebar"> - <div className="sidebar-header"> - <Link to="/"> - <img - alt="Continuous Code Quality" - className="sidebar-logo" - src={`/${version}/images/SonarQubeIcon.svg`} - title="Continuous Code Quality" - width="160" - /> - </Link> - <VersionSelect - isOnCurrentVersion={isOnCurrentVersion} - selectedVersionValue={selectedVersionValue} - versions={versions} - /> - {this.state.loaded && !isOnCurrentVersion && !isOnLTSVersion && ( - <div className="alert alert-warning"> - This is an archived version of the doc for <b>SonarQube version {version}</b>.{' '} - <a href="/">See Documentation</a> for current functionality. - </div> - )} - </div> - <div className="page-indexes"> - <Search - navigation={this.state.navTree} - onResultsChange={this.handleSearch} - pages={this.props.pages} - /> - {this.state.query !== '' ? this.renderResults() : this.renderCategories()} - </div> - <div className="sidebar-footer"> - <a href="https://www.sonarqube.org/" rel="noopener noreferrer" target="_blank"> - <DownloadIcon /> SonarQube - </a> - <a href="https://community.sonarsource.com/" rel="noopener noreferrer" target="_blank"> - <img alt="Community" src={`/${version}/images/community.svg`} /> Community - </a> - <a - className="icon-only" - href="https://twitter.com/SonarQube" - rel="noopener noreferrer" - target="_blank"> - <img alt="Twitter" src={`/${version}/images/twitter.svg`} /> - </a> - <a - className="icon-only" - href="https://www.sonarqube.org/whats-new/" - rel="noopener noreferrer" - target="_blank"> - <img alt="Product News" src={`/${version}/images/newspaper.svg`} /> - <span className="tooltip">Product News</span> - </a> - </div> - </div> - ); - } -} diff --git a/server/sonar-docs/src/components/VersionSelect.tsx b/server/sonar-docs/src/components/VersionSelect.tsx deleted file mode 100644 index 5968a1a8f29..00000000000 --- a/server/sonar-docs/src/components/VersionSelect.tsx +++ /dev/null @@ -1,78 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import { DocVersion } from '../@types/types'; -import ChevronDownIcon from './icons/ChevronDownIcon'; -import ChevronUpIcon from './icons/ChevronUpIcon'; -import OutsideClickHandler from './OutsideClickHandler'; - -interface Props { - isOnCurrentVersion: boolean; - selectedVersionValue: string; - versions: DocVersion[]; -} - -interface State { - open: boolean; -} - -export default class VersionSelect extends React.PureComponent<Props, State> { - state = { open: false }; - - handleClick = () => { - this.setState(state => ({ open: !state.open })); - }; - - handleClickOutside = () => { - this.setState({ open: false }); - }; - - render() { - const { isOnCurrentVersion, selectedVersionValue, versions } = this.props; - const hasVersions = versions.length > 1; - - return ( - <div className="version-select"> - <button onClick={this.handleClick} type="button"> - Docs <span className={isOnCurrentVersion ? 'current' : ''}>{selectedVersionValue}</span> - {hasVersions && !this.state.open && <ChevronDownIcon size={10} />} - {hasVersions && this.state.open && <ChevronUpIcon size={10} />} - </button> - {this.state.open && hasVersions && ( - <OutsideClickHandler onClickOutside={this.handleClickOutside}> - <ul> - {versions.map(version => { - return ( - <li key={version.value}> - <a href={version.current ? '/' : '/' + version.value}> - <span className={version.current || version.lts ? 'current' : ''}> - {version.value + (version.lts ? ' LTS' : '')} - </span> - </a> - </li> - ); - })} - </ul> - </OutsideClickHandler> - )} - </div> - ); - } -} diff --git a/server/sonar-docs/src/components/__tests__/CategoryBlockLink-test.tsx b/server/sonar-docs/src/components/__tests__/CategoryBlockLink-test.tsx deleted file mode 100644 index 82d1c01a275..00000000000 --- a/server/sonar-docs/src/components/__tests__/CategoryBlockLink-test.tsx +++ /dev/null @@ -1,43 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import { MarkdownRemark } from '../../@types/graphql-types'; -import CategoryBlockLink from '../CategoryBlockLink'; - -it('should render correctly', () => { - expect(shallowRender({})).toMatchSnapshot(); -}); - -it('should render correctly when closed', () => { - expect(shallowRender({ openByDefault: false })).toMatchSnapshot(); -}); - -function shallowRender(props: Partial<CategoryBlockLink['props']> = {}) { - return shallow( - <CategoryBlockLink - location={{} as Location} - openByDefault={true} - title="My category" - {...props}> - {[{ id: '1' }, { id: '2' }] as MarkdownRemark[]} - </CategoryBlockLink> - ); -} diff --git a/server/sonar-docs/src/components/__tests__/ExternalLink-test.tsx b/server/sonar-docs/src/components/__tests__/ExternalLink-test.tsx deleted file mode 100644 index 4f98b696be9..00000000000 --- a/server/sonar-docs/src/components/__tests__/ExternalLink-test.tsx +++ /dev/null @@ -1,28 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import ExternalLink from '../ExternalLink'; - -it('should render correctly', () => { - expect( - shallow(<ExternalLink external="https://external.link" title="My link" />) - ).toMatchSnapshot(); -}); diff --git a/server/sonar-docs/src/components/__tests__/HeadingsLink-test.tsx b/server/sonar-docs/src/components/__tests__/HeadingsLink-test.tsx deleted file mode 100644 index db46b96d33a..00000000000 --- a/server/sonar-docs/src/components/__tests__/HeadingsLink-test.tsx +++ /dev/null @@ -1,39 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import HeadingsLink from '../HeadingsLink'; - -it('should render correctly', () => { - expect(shallowRender()).toMatchSnapshot(); -}); - -function shallowRender(props: Partial<HeadingsLink['props']> = {}) { - return shallow( - <HeadingsLink - headers={[ - { value: 'Table of Contents', depth: 2 }, - { value: 'Foo', depth: 2 }, - { value: 'Br', depth: 2 } - ]} - {...props} - /> - ); -} diff --git a/server/sonar-docs/src/components/__tests__/MetaData-test.tsx b/server/sonar-docs/src/components/__tests__/MetaData-test.tsx deleted file mode 100644 index e238c799653..00000000000 --- a/server/sonar-docs/src/components/__tests__/MetaData-test.tsx +++ /dev/null @@ -1,85 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import { waitAndUpdate } from '../../utils/testUtils'; -import MetaData from '../MetaData'; -import { mockMetaDataInformation } from '../mocks/update-center-metadata'; -import { MetaDataInformation } from '../update-center-metadata'; - -beforeAll(() => { - window.fetch = jest.fn(); -}); - -beforeEach(() => { - jest.resetAllMocks(); -}); - -it('should render correctly', async () => { - const metaDataInfo = mockMetaDataInformation(); - mockFetchReturnValue(metaDataInfo); - - const wrapper = shallowRender(); - await waitAndUpdate(wrapper); - expect(wrapper).toMatchSnapshot(); -}); - -it('should render correctly with organization', async () => { - const metaDataInfo = mockMetaDataInformation({ - organization: { name: 'test-org', url: 'test-org-url' } - }); - mockFetchReturnValue(metaDataInfo); - - const wrapper = shallowRender(); - await waitAndUpdate(wrapper); - expect(wrapper).toMatchSnapshot(); -}); - -it('should not render anything if call for metadata fails', async () => { - const metaDataInfo = mockMetaDataInformation(); - mockFetchReturnValue(metaDataInfo, '404'); - - const wrapper = shallowRender(); - await waitAndUpdate(wrapper); - expect(wrapper.type()).toBeNull(); -}); - -it('should fetch metadata again if the update center key if modified', async () => { - const metaDataInfo = mockMetaDataInformation(); - mockFetchReturnValue(metaDataInfo); - - const wrapper = shallowRender(); - await waitAndUpdate(wrapper); - - expect(window.fetch).toHaveBeenCalledTimes(1); - - mockFetchReturnValue(metaDataInfo); - wrapper.setProps({ updateCenterKey: 'abap' }); - - expect(window.fetch).toHaveBeenCalledTimes(2); -}); - -function shallowRender(props?: Partial<MetaData['props']>) { - return shallow<MetaData>(<MetaData updateCenterKey="apex" {...props} />); -} - -function mockFetchReturnValue(metaDataInfo: MetaDataInformation, status = '200') { - (window.fetch as jest.Mock).mockResolvedValueOnce({ status, json: () => metaDataInfo }); -} diff --git a/server/sonar-docs/src/components/__tests__/MetaDataVersion-test.tsx b/server/sonar-docs/src/components/__tests__/MetaDataVersion-test.tsx deleted file mode 100644 index ecf8aba4d8b..00000000000 --- a/server/sonar-docs/src/components/__tests__/MetaDataVersion-test.tsx +++ /dev/null @@ -1,45 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import MetaDataVersion, { MetaDataVersionProps } from '../MetaDataVersion'; -import { mockMetaDataVersionInformation } from '../mocks/update-center-metadata'; - -it('should render correctly', () => { - expect(shallowRender()).toMatchSnapshot(); - expect( - shallowRender({ - versionInformation: mockMetaDataVersionInformation({ - downloadURL: [{ label: 'macos 64 bits', url: '' }] - }) - }) - ).toMatchSnapshot('with advanced downloadUrl'); - expect( - shallowRender({ - versionInformation: { version: '2.0' } - }) - ).toMatchSnapshot('with very few info'); -}); - -function shallowRender(props?: Partial<MetaDataVersionProps>) { - return shallow( - <MetaDataVersion versionInformation={mockMetaDataVersionInformation()} {...props} /> - ); -} diff --git a/server/sonar-docs/src/components/__tests__/MetaDataVersions-test.tsx b/server/sonar-docs/src/components/__tests__/MetaDataVersions-test.tsx deleted file mode 100644 index 4c1f7fd84ef..00000000000 --- a/server/sonar-docs/src/components/__tests__/MetaDataVersions-test.tsx +++ /dev/null @@ -1,51 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import { click } from '../../utils/testUtils'; -import MetaDataVersion from '../MetaDataVersion'; -import MetaDataVersions from '../MetaDataVersions'; -import { mockMetaDataVersionInformation } from '../mocks/update-center-metadata'; - -it('should render correctly', () => { - const wrapper = shallowRender(); - expect(wrapper).toMatchSnapshot(); -}); - -it('should properly handle show more / show less', () => { - const wrapper = shallowRender(); - expect(wrapper.find(MetaDataVersion).length).toBe(1); - - click(wrapper.find('.update-center-meta-data-versions-show-more')); - expect(wrapper.find(MetaDataVersion).length).toBe(3); -}); - -function shallowRender(props?: Partial<MetaDataVersions['props']>) { - return shallow<MetaDataVersions>( - <MetaDataVersions - versions={[ - mockMetaDataVersionInformation({ version: '3.0' }), - mockMetaDataVersionInformation({ version: '2.0', archived: true }), - mockMetaDataVersionInformation({ version: '1.0', archived: true }) - ]} - {...props} - /> - ); -} diff --git a/server/sonar-docs/src/components/__tests__/PageLink-test.tsx b/server/sonar-docs/src/components/__tests__/PageLink-test.tsx deleted file mode 100644 index 83ca95a8a32..00000000000 --- a/server/sonar-docs/src/components/__tests__/PageLink-test.tsx +++ /dev/null @@ -1,31 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import { MarkdownRemark } from '../../@types/graphql-types'; -import PageLink from '../PageLink'; - -const page = { frontmatter: { title: 'Foo', url: '/foo' } } as MarkdownRemark; - -it('should render correctly', () => { - expect( - shallow(<PageLink location={{ pathname: '/foo' } as Location} node={page} />) - ).toMatchSnapshot(); -}); diff --git a/server/sonar-docs/src/components/__tests__/Search-test.tsx b/server/sonar-docs/src/components/__tests__/Search-test.tsx deleted file mode 100644 index 989e494e14e..00000000000 --- a/server/sonar-docs/src/components/__tests__/Search-test.tsx +++ /dev/null @@ -1,126 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import lunr from 'lunr'; -import * as React from 'react'; -import { MarkdownRemark } from '../../@types/graphql-types'; -import Search from '../Search'; - -jest.mock('lunr', () => ({ - __esModule: true, - default: jest.fn(() => ({ - search: jest.fn(() => [ - { - ref: 'lorem/origin', - matchData: { - metadata: { - simply: { - title: { position: [[19, 5]] }, - text: { - position: [ - [15, 6], - [28, 4] - ], - tokenContext: ['is simply dummy', 'simply dummy text'] - } - } - } - } - }, - { - ref: 'foobar', - matchData: { - metadata: { - simply: { - title: { position: [[23, 4]] }, - text: { - position: [ - [111, 6], - [118, 4] - ], - tokenContext: ['keywords simply text'] - } - } - } - } - } - ]) - })) -})); - -function mockMarkdownRemark(override: Partial<MarkdownRemark>): MarkdownRemark { - return { - id: 'id', - parent: null, - children: null, - internal: null, - frontmatter: null, - rawMarkdownBody: null, - fileAbsolutePath: null, - fields: null, - html: null, - htmlAst: null, - excerpt: null, - headings: null, - timeToRead: null, - tableOfContents: null, - wordCount: null, - ...override - }; -} - -const pages = [ - mockMarkdownRemark({ - html: - 'Lorem Ipsum is simply dummy text of the printing and typesetting ' + - "industry. Lorem Ipsum has been the industry's standard dummy text ever " + - 'since the 1500s, when an unknown printer took a galley of type and ' + - 'scrambled it to make a type specimen book.' - }), - mockMarkdownRemark({ - html: - 'Contrary to popular belief, Lorem Ipsum is not simply random text. ' + - 'It has roots in a piece of classical Latin literature from 45 BC, making' + - ' it over 2000 years old. Richard McClintock, a Latin professor at Hampden-Sydney' + - ' College in Virginia, looked up one of the more obscure Latin words.' - }), - mockMarkdownRemark({ - html: - 'Foobar is a universal variable understood to represent whatever is ' + - 'being discussed. Now we need some keywords: simply text.' - }) -]; - -it('should search', () => { - const wrapper = shallow<Search>( - <Search - navigation={['lorem/index', 'lorem/origin', 'foobar']} - pages={pages} - onResultsChange={jest.fn()} - /> - ); - wrapper.instance().handleChange({ currentTarget: { value: 'simply text+:' } } as any); - expect(wrapper).toMatchSnapshot(); - expect(lunr).toHaveBeenCalled(); - expect(wrapper.instance().index).toBeDefined(); - expect((wrapper.instance().index as any).search).toHaveBeenCalledWith( - 'simply~1 simply* text~1 text*' - ); -}); diff --git a/server/sonar-docs/src/components/__tests__/Sidebar-test.tsx b/server/sonar-docs/src/components/__tests__/Sidebar-test.tsx deleted file mode 100644 index 2de12b57778..00000000000 --- a/server/sonar-docs/src/components/__tests__/Sidebar-test.tsx +++ /dev/null @@ -1,112 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import { FetchMock } from 'jest-fetch-mock'; -import * as React from 'react'; -import { setImmediate } from 'timers'; -import { MarkdownRemark } from '../../@types/graphql-types'; -import Sidebar from '../Sidebar'; - -jest.mock('../navTreeUtils', () => { - return { - ...jest.requireActual('../navTreeUtils'), - getNavTree: jest.fn().mockReturnValue([ - '/foo/', - { - title: 'Foo subs', - children: [ - '/foo/bar/', - '/foo/baz/', - { - title: 'Foo Baz subs', - children: [ - '/foo/baz/bar/', - '/foo/baz/foo/', - { - title: 'Foo Baz Foo subs', - children: ['/foo/baz/foo/bar/', '/foo/baz/foo/baz'] - } - ] - } - ] - }, - '/bar/', - { - title: 'Bar subs', - children: [{ title: 'External link 1', url: 'http://example.com/1' }, '/bar/foo/'] - }, - { title: 'External link 2', url: 'http://example.com/2' } - ]) - }; -}); - -beforeEach(() => { - (fetch as FetchMock).resetMocks(); - (fetch as FetchMock).mockResponse(`[ - { "value": "3.0", "current": true }, - { "value": "2.0", "current": false, "lts": true }, - { "value": "1.0", "current": false } - ]`); -}); - -it('should render correctly', async () => { - const wrapper = shallowRender(); - await new Promise(setImmediate); - - expect(wrapper).toMatchSnapshot('default'); - expect(wrapper.setProps({ version: '1.0' })).toMatchSnapshot('show warning'); - expect(wrapper.setProps({ version: '2.0' })).toMatchSnapshot('lts'); -}); - -function shallowRender(props: Partial<Sidebar['props']> = {}) { - return shallow<Sidebar>( - <Sidebar - location={{ pathname: '/2.0/foo/baz/foo/bar' } as Location} - pages={[ - { - fields: { - slug: '/foo/' - }, - frontmatter: { - title: 'Foo' - } - } as MarkdownRemark, - { - fields: { - slug: '/foo/baz/bar' - }, - frontmatter: { - title: 'Foo Baz Bar' - } - } as MarkdownRemark, - { - fields: { - slug: '/bar/' - }, - frontmatter: { - title: 'Bar' - } - } as MarkdownRemark - ]} - version="3.0" - {...props} - /> - ); -} diff --git a/server/sonar-docs/src/components/__tests__/VersionSelect-test.tsx b/server/sonar-docs/src/components/__tests__/VersionSelect-test.tsx deleted file mode 100644 index 61a8a86bcc3..00000000000 --- a/server/sonar-docs/src/components/__tests__/VersionSelect-test.tsx +++ /dev/null @@ -1,62 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { shallow } from 'enzyme'; -import * as React from 'react'; -import { click } from '../../utils/testUtils'; -import OutsideClickHandler from '../OutsideClickHandler'; -import VersionSelect from '../VersionSelect'; - -it('should render correctly', () => { - expect(shallowRender()).toMatchSnapshot('default'); - - const wrapper = shallowRender(); - wrapper.setState({ open: true }); - expect(wrapper).toMatchSnapshot('open'); - - expect(shallowRender({ isOnCurrentVersion: true })).toMatchSnapshot('on current version'); -}); - -it('should handle open/closing the list', () => { - const wrapper = shallowRender(); - - click(wrapper.find('button')); - expect(wrapper.state().open).toBe(true); - click(wrapper.find('button')); - expect(wrapper.state().open).toBe(false); - - wrapper.setState({ open: true }); - wrapper.find(OutsideClickHandler).prop('onClickOutside')(); - expect(wrapper.state().open).toBe(false); -}); - -function shallowRender(props: Partial<VersionSelect['props']> = {}) { - return shallow<VersionSelect>( - <VersionSelect - isOnCurrentVersion={false} - selectedVersionValue="1.0" - versions={[ - { value: '3.0', current: true }, - { value: '2.0', current: false, lts: true }, - { value: '1.0', current: false } - ]} - {...props} - /> - ); -} diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/CategoryBlockLink-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/CategoryBlockLink-test.tsx.snap deleted file mode 100644 index 2c48ac2cf62..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/CategoryBlockLink-test.tsx.snap +++ /dev/null @@ -1,51 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly 1`] = ` -<div> - <a - className="page-indexes-link active" - href="#" - onClick={[Function]} - > - <ChevronUpIcon /> - My category - </a> - <div - className="sub-menu" - > - <PageLink - className="sub-menu-link" - key="1" - location={Object {}} - node={ - Object { - "id": "1", - } - } - /> - <PageLink - className="sub-menu-link" - key="2" - location={Object {}} - node={ - Object { - "id": "2", - } - } - /> - </div> -</div> -`; - -exports[`should render correctly when closed 1`] = ` -<div> - <a - className="page-indexes-link" - href="#" - onClick={[Function]} - > - <ChevronDownIcon /> - My category - </a> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/ExternalLink-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/ExternalLink-test.tsx.snap deleted file mode 100644 index 12cbc3d95c5..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/ExternalLink-test.tsx.snap +++ /dev/null @@ -1,13 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly 1`] = ` -<a - className="page-indexes-link" - href="https://external.link" - rel="noopener noreferrer" - target="_blank" -> - <DetachIcon /> - My link -</a> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/HeadingsLink-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/HeadingsLink-test.tsx.snap deleted file mode 100644 index 3449ded4537..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/HeadingsLink-test.tsx.snap +++ /dev/null @@ -1,33 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly 1`] = ` -<div - className="headings-container" -> - <div - className="headings-container-fixed" - > - <span> - On this page - </span> - <ul> - <HeadingAnchor - active={false} - clickHandler={[Function]} - index={1} - key="0" - > - Foo - </HeadingAnchor> - <HeadingAnchor - active={false} - clickHandler={[Function]} - index={2} - key="1" - > - Br - </HeadingAnchor> - </ul> - </div> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/MetaData-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/MetaData-test.tsx.snap deleted file mode 100644 index 89e8d74a6d1..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/MetaData-test.tsx.snap +++ /dev/null @@ -1,133 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly 1`] = ` -<div - className="update-center-meta-data" -> - <div - className="update-center-meta-data-header" - > - <span - className="update-center-meta-data-vendor" - > - By - <a - href="http://www.sonarsource.com/" - rel="noopener noreferrer" - target="_blank" - > - SonarSource - </a> - </span> - <span - className="update-center-meta-data-license" - > - SonarSource - </span> - <span - className="update-center-meta-data-issue-tracker" - > - <a - href="https://jira.sonarsource.com/browse/SONARJAVA" - rel="noopener noreferrer" - target="_blank" - > - Issue Tracker - </a> - </span> - <span - className="update-center-meta-data-supported" - > - Supported by SonarSource - </span> - </div> - <MetaDataVersions - versions={ - Array [ - Object { - "archived": false, - "changeLogUrl": "https://example.com/sonar-java-plugin/release", - "compatibility": "6.7", - "date": "2019-05-31", - "downloadURL": "https://example.com/sonar-java-plugin-5.13.0.18197.jar", - "version": "2.0", - }, - Object { - "archived": true, - "changeLogUrl": "https://example.com/sonar-java-plugin/release", - "compatibility": "6.7", - "date": "2019-05-31", - "downloadURL": "https://example.com/sonar-java-plugin-5.13.0.18197.jar", - "version": "1.0", - }, - ] - } - /> -</div> -`; - -exports[`should render correctly with organization 1`] = ` -<div - className="update-center-meta-data" -> - <div - className="update-center-meta-data-header" - > - <span - className="update-center-meta-data-vendor" - > - By - <a - href="test-org-url" - rel="noopener noreferrer" - target="_blank" - > - test-org - </a> - </span> - <span - className="update-center-meta-data-license" - > - SonarSource - </span> - <span - className="update-center-meta-data-issue-tracker" - > - <a - href="https://jira.sonarsource.com/browse/SONARJAVA" - rel="noopener noreferrer" - target="_blank" - > - Issue Tracker - </a> - </span> - <span - className="update-center-meta-data-supported" - > - Supported by SonarSource - </span> - </div> - <MetaDataVersions - versions={ - Array [ - Object { - "archived": false, - "changeLogUrl": "https://example.com/sonar-java-plugin/release", - "compatibility": "6.7", - "date": "2019-05-31", - "downloadURL": "https://example.com/sonar-java-plugin-5.13.0.18197.jar", - "version": "2.0", - }, - Object { - "archived": true, - "changeLogUrl": "https://example.com/sonar-java-plugin/release", - "compatibility": "6.7", - "date": "2019-05-31", - "downloadURL": "https://example.com/sonar-java-plugin-5.13.0.18197.jar", - "version": "1.0", - }, - ] - } - /> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/MetaDataVersion-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/MetaDataVersion-test.tsx.snap deleted file mode 100644 index 7fd964fe2ab..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/MetaDataVersion-test.tsx.snap +++ /dev/null @@ -1,113 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly 1`] = ` -<div - className="update-center-meta-data-version" -> - <div - className="update-center-meta-data-version-version" - > - 5.13 - </div> - <div - className="update-center-meta-data-version-release-info" - > - <time - className="update-center-meta-data-version-release-date" - > - 2019-05-31 - </time> - <span - className="update-center-meta-data-version-compatibility" - > - 6.7 - </span> - </div> - <div - className="update-center-meta-data-version-release-links" - > - <span - className="update-center-meta-data-version-download" - key="0" - > - <a - href="https://example.com/sonar-java-plugin-5.13.0.18197.jar" - rel="noopener noreferrer" - target="_blank" - > - Download - </a> - </span> - <span - className="update-center-meta-data-version-release-notes" - > - <a - href="https://example.com/sonar-java-plugin/release" - rel="noopener noreferrer" - target="_blank" - > - Release notes - </a> - </span> - </div> -</div> -`; - -exports[`should render correctly: with advanced downloadUrl 1`] = ` -<div - className="update-center-meta-data-version" -> - <div - className="update-center-meta-data-version-version" - > - 5.13 - </div> - <div - className="update-center-meta-data-version-release-info" - > - <time - className="update-center-meta-data-version-release-date" - > - 2019-05-31 - </time> - <span - className="update-center-meta-data-version-compatibility" - > - 6.7 - </span> - </div> - <div - className="update-center-meta-data-version-release-links" - > - <span - className="update-center-meta-data-version-release-notes" - > - <a - href="https://example.com/sonar-java-plugin/release" - rel="noopener noreferrer" - target="_blank" - > - Release notes - </a> - </span> - </div> -</div> -`; - -exports[`should render correctly: with very few info 1`] = ` -<div - className="update-center-meta-data-version" -> - <div - className="update-center-meta-data-version-version" - > - 2.0 - </div> - <div - className="update-center-meta-data-version-release-info" - /> - <div - className="update-center-meta-data-version-release-links" - /> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/MetaDataVersions-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/MetaDataVersions-test.tsx.snap deleted file mode 100644 index 109fe964473..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/MetaDataVersions-test.tsx.snap +++ /dev/null @@ -1,28 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly 1`] = ` -<div - className="update-center-meta-data-versions" -> - <button - className="update-center-meta-data-versions-show-more" - onClick={[Function]} - type="button" - > - Show more versions - </button> - <MetaDataVersion - key="3.0" - versionInformation={ - Object { - "archived": false, - "changeLogUrl": "https://example.com/sonar-java-plugin/release", - "compatibility": "6.7", - "date": "2019-05-31", - "downloadURL": "https://example.com/sonar-java-plugin-5.13.0.18197.jar", - "version": "3.0", - } - } - /> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/PageLink-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/PageLink-test.tsx.snap deleted file mode 100644 index 173cb10ba75..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/PageLink-test.tsx.snap +++ /dev/null @@ -1,13 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly 1`] = ` -<div> - <ForwardRef - className="active" - title="Foo" - to="/foo" - > - Foo - </ForwardRef> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/Search-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/Search-test.tsx.snap deleted file mode 100644 index 4a1bb57abf8..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/Search-test.tsx.snap +++ /dev/null @@ -1,24 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should search 1`] = ` -<div - className="search-container" -> - <input - aria-label="Search" - className="search-input" - onChange={[Function]} - placeholder="Search..." - type="search" - value="simply text+:" - /> - <button - onClick={[Function]} - type="button" - > - <ClearIcon - size={8} - /> - </button> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/Sidebar-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/Sidebar-test.tsx.snap deleted file mode 100644 index fb380af98c2..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/Sidebar-test.tsx.snap +++ /dev/null @@ -1,807 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly: default 1`] = ` -<div - className="page-sidebar" -> - <div - className="sidebar-header" - > - <ForwardRef - to="/" - > - <img - alt="Continuous Code Quality" - className="sidebar-logo" - src="/3.0/images/SonarQubeIcon.svg" - title="Continuous Code Quality" - width="160" - /> - </ForwardRef> - <VersionSelect - isOnCurrentVersion={true} - selectedVersionValue="3.0" - versions={ - Array [ - Object { - "current": true, - "value": "3.0", - }, - Object { - "current": false, - "lts": true, - "value": "2.0", - }, - Object { - "current": false, - "value": "1.0", - }, - ] - } - /> - </div> - <div - className="page-indexes" - > - <Search - navigation={ - Array [ - "/foo/", - Object { - "children": Array [ - "/foo/bar/", - "/foo/baz/", - Object { - "children": Array [ - "/foo/baz/bar/", - "/foo/baz/foo/", - Object { - "children": Array [ - "/foo/baz/foo/bar/", - "/foo/baz/foo/baz", - ], - "title": "Foo Baz Foo subs", - }, - ], - "title": "Foo Baz subs", - }, - ], - "title": "Foo subs", - }, - "/bar/", - Object { - "children": Array [ - Object { - "title": "External link 1", - "url": "http://example.com/1", - }, - "/bar/foo/", - ], - "title": "Bar subs", - }, - Object { - "title": "External link 2", - "url": "http://example.com/2", - }, - ] - } - onResultsChange={[Function]} - pages={ - Array [ - Object { - "fields": Object { - "slug": "/foo/", - }, - "frontmatter": Object { - "title": "Foo", - }, - }, - Object { - "fields": Object { - "slug": "/foo/baz/bar", - }, - "frontmatter": Object { - "title": "Foo Baz Bar", - }, - }, - Object { - "fields": Object { - "slug": "/bar/", - }, - "frontmatter": Object { - "title": "Bar", - }, - }, - ] - } - /> - <nav> - <PageLink - className="page-indexes-link" - key="/foo/" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - node={ - Object { - "fields": Object { - "slug": "/foo/", - }, - "frontmatter": Object { - "title": "Foo", - }, - } - } - /> - <CategoryLink - key="Foo subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo subs" - > - <CategoryLink - key="Foo Baz subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo Baz subs" - > - <Component /> - <CategoryLink - key="Foo Baz Foo subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo Baz Foo subs" - /> - </CategoryLink> - </CategoryLink> - <PageLink - className="page-indexes-link" - key="/bar/" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - node={ - Object { - "fields": Object { - "slug": "/bar/", - }, - "frontmatter": Object { - "title": "Bar", - }, - } - } - /> - <CategoryLink - key="Bar subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={false} - title="Bar subs" - > - <ExternalLink - external="http://example.com/1" - key="External link 1" - title="External link 1" - /> - </CategoryLink> - <ExternalLink - external="http://example.com/2" - key="External link 2" - title="External link 2" - /> - </nav> - </div> - <div - className="sidebar-footer" - > - <a - href="https://www.sonarqube.org/" - rel="noopener noreferrer" - target="_blank" - > - <DownloadIcon /> - SonarQube - </a> - <a - href="https://community.sonarsource.com/" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Community" - src="/3.0/images/community.svg" - /> - Community - </a> - <a - className="icon-only" - href="https://twitter.com/SonarQube" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Twitter" - src="/3.0/images/twitter.svg" - /> - </a> - <a - className="icon-only" - href="https://www.sonarqube.org/whats-new/" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Product News" - src="/3.0/images/newspaper.svg" - /> - <span - className="tooltip" - > - Product News - </span> - </a> - </div> -</div> -`; - -exports[`should render correctly: lts 1`] = ` -<div - className="page-sidebar" -> - <div - className="sidebar-header" - > - <ForwardRef - to="/" - > - <img - alt="Continuous Code Quality" - className="sidebar-logo" - src="/2.0/images/SonarQubeIcon.svg" - title="Continuous Code Quality" - width="160" - /> - </ForwardRef> - <VersionSelect - isOnCurrentVersion={false} - selectedVersionValue="2.0" - versions={ - Array [ - Object { - "current": true, - "value": "3.0", - }, - Object { - "current": false, - "lts": true, - "value": "2.0", - }, - Object { - "current": false, - "value": "1.0", - }, - ] - } - /> - </div> - <div - className="page-indexes" - > - <Search - navigation={ - Array [ - "/foo/", - Object { - "children": Array [ - "/foo/bar/", - "/foo/baz/", - Object { - "children": Array [ - "/foo/baz/bar/", - "/foo/baz/foo/", - Object { - "children": Array [ - "/foo/baz/foo/bar/", - "/foo/baz/foo/baz", - ], - "title": "Foo Baz Foo subs", - }, - ], - "title": "Foo Baz subs", - }, - ], - "title": "Foo subs", - }, - "/bar/", - Object { - "children": Array [ - Object { - "title": "External link 1", - "url": "http://example.com/1", - }, - "/bar/foo/", - ], - "title": "Bar subs", - }, - Object { - "title": "External link 2", - "url": "http://example.com/2", - }, - ] - } - onResultsChange={[Function]} - pages={ - Array [ - Object { - "fields": Object { - "slug": "/foo/", - }, - "frontmatter": Object { - "title": "Foo", - }, - }, - Object { - "fields": Object { - "slug": "/foo/baz/bar", - }, - "frontmatter": Object { - "title": "Foo Baz Bar", - }, - }, - Object { - "fields": Object { - "slug": "/bar/", - }, - "frontmatter": Object { - "title": "Bar", - }, - }, - ] - } - /> - <nav> - <PageLink - className="page-indexes-link" - key="/foo/" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - node={ - Object { - "fields": Object { - "slug": "/foo/", - }, - "frontmatter": Object { - "title": "Foo", - }, - } - } - /> - <CategoryLink - key="Foo subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo subs" - > - <CategoryLink - key="Foo Baz subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo Baz subs" - > - <Component /> - <CategoryLink - key="Foo Baz Foo subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo Baz Foo subs" - /> - </CategoryLink> - </CategoryLink> - <PageLink - className="page-indexes-link" - key="/bar/" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - node={ - Object { - "fields": Object { - "slug": "/bar/", - }, - "frontmatter": Object { - "title": "Bar", - }, - } - } - /> - <CategoryLink - key="Bar subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={false} - title="Bar subs" - > - <ExternalLink - external="http://example.com/1" - key="External link 1" - title="External link 1" - /> - </CategoryLink> - <ExternalLink - external="http://example.com/2" - key="External link 2" - title="External link 2" - /> - </nav> - </div> - <div - className="sidebar-footer" - > - <a - href="https://www.sonarqube.org/" - rel="noopener noreferrer" - target="_blank" - > - <DownloadIcon /> - SonarQube - </a> - <a - href="https://community.sonarsource.com/" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Community" - src="/2.0/images/community.svg" - /> - Community - </a> - <a - className="icon-only" - href="https://twitter.com/SonarQube" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Twitter" - src="/2.0/images/twitter.svg" - /> - </a> - <a - className="icon-only" - href="https://www.sonarqube.org/whats-new/" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Product News" - src="/2.0/images/newspaper.svg" - /> - <span - className="tooltip" - > - Product News - </span> - </a> - </div> -</div> -`; - -exports[`should render correctly: show warning 1`] = ` -<div - className="page-sidebar" -> - <div - className="sidebar-header" - > - <ForwardRef - to="/" - > - <img - alt="Continuous Code Quality" - className="sidebar-logo" - src="/1.0/images/SonarQubeIcon.svg" - title="Continuous Code Quality" - width="160" - /> - </ForwardRef> - <VersionSelect - isOnCurrentVersion={false} - selectedVersionValue="1.0" - versions={ - Array [ - Object { - "current": true, - "value": "3.0", - }, - Object { - "current": false, - "lts": true, - "value": "2.0", - }, - Object { - "current": false, - "value": "1.0", - }, - ] - } - /> - <div - className="alert alert-warning" - > - This is an archived version of the doc for - <b> - SonarQube version - 1.0 - </b> - . - - <a - href="/" - > - See Documentation - </a> - for current functionality. - </div> - </div> - <div - className="page-indexes" - > - <Search - navigation={ - Array [ - "/foo/", - Object { - "children": Array [ - "/foo/bar/", - "/foo/baz/", - Object { - "children": Array [ - "/foo/baz/bar/", - "/foo/baz/foo/", - Object { - "children": Array [ - "/foo/baz/foo/bar/", - "/foo/baz/foo/baz", - ], - "title": "Foo Baz Foo subs", - }, - ], - "title": "Foo Baz subs", - }, - ], - "title": "Foo subs", - }, - "/bar/", - Object { - "children": Array [ - Object { - "title": "External link 1", - "url": "http://example.com/1", - }, - "/bar/foo/", - ], - "title": "Bar subs", - }, - Object { - "title": "External link 2", - "url": "http://example.com/2", - }, - ] - } - onResultsChange={[Function]} - pages={ - Array [ - Object { - "fields": Object { - "slug": "/foo/", - }, - "frontmatter": Object { - "title": "Foo", - }, - }, - Object { - "fields": Object { - "slug": "/foo/baz/bar", - }, - "frontmatter": Object { - "title": "Foo Baz Bar", - }, - }, - Object { - "fields": Object { - "slug": "/bar/", - }, - "frontmatter": Object { - "title": "Bar", - }, - }, - ] - } - /> - <nav> - <PageLink - className="page-indexes-link" - key="/foo/" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - node={ - Object { - "fields": Object { - "slug": "/foo/", - }, - "frontmatter": Object { - "title": "Foo", - }, - } - } - /> - <CategoryLink - key="Foo subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo subs" - > - <CategoryLink - key="Foo Baz subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo Baz subs" - > - <Component /> - <CategoryLink - key="Foo Baz Foo subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={true} - title="Foo Baz Foo subs" - /> - </CategoryLink> - </CategoryLink> - <PageLink - className="page-indexes-link" - key="/bar/" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - node={ - Object { - "fields": Object { - "slug": "/bar/", - }, - "frontmatter": Object { - "title": "Bar", - }, - } - } - /> - <CategoryLink - key="Bar subs" - location={ - Object { - "pathname": "/2.0/foo/baz/foo/bar", - } - } - openByDefault={false} - title="Bar subs" - > - <ExternalLink - external="http://example.com/1" - key="External link 1" - title="External link 1" - /> - </CategoryLink> - <ExternalLink - external="http://example.com/2" - key="External link 2" - title="External link 2" - /> - </nav> - </div> - <div - className="sidebar-footer" - > - <a - href="https://www.sonarqube.org/" - rel="noopener noreferrer" - target="_blank" - > - <DownloadIcon /> - SonarQube - </a> - <a - href="https://community.sonarsource.com/" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Community" - src="/1.0/images/community.svg" - /> - Community - </a> - <a - className="icon-only" - href="https://twitter.com/SonarQube" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Twitter" - src="/1.0/images/twitter.svg" - /> - </a> - <a - className="icon-only" - href="https://www.sonarqube.org/whats-new/" - rel="noopener noreferrer" - target="_blank" - > - <img - alt="Product News" - src="/1.0/images/newspaper.svg" - /> - <span - className="tooltip" - > - Product News - </span> - </a> - </div> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/__snapshots__/VersionSelect-test.tsx.snap b/server/sonar-docs/src/components/__tests__/__snapshots__/VersionSelect-test.tsx.snap deleted file mode 100644 index b91c29e7a44..00000000000 --- a/server/sonar-docs/src/components/__tests__/__snapshots__/VersionSelect-test.tsx.snap +++ /dev/null @@ -1,109 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`should render correctly: default 1`] = ` -<div - className="version-select" -> - <button - onClick={[Function]} - type="button" - > - Docs - <span - className="" - > - 1.0 - </span> - <ChevronDownIcon - size={10} - /> - </button> -</div> -`; - -exports[`should render correctly: on current version 1`] = ` -<div - className="version-select" -> - <button - onClick={[Function]} - type="button" - > - Docs - <span - className="current" - > - 1.0 - </span> - <ChevronDownIcon - size={10} - /> - </button> -</div> -`; - -exports[`should render correctly: open 1`] = ` -<div - className="version-select" -> - <button - onClick={[Function]} - type="button" - > - Docs - <span - className="" - > - 1.0 - </span> - <ChevronUpIcon - size={10} - /> - </button> - <OutsideClickHandler - onClickOutside={[Function]} - > - <ul> - <li - key="3.0" - > - <a - href="/" - > - <span - className="current" - > - 3.0 - </span> - </a> - </li> - <li - key="2.0" - > - <a - href="/2.0" - > - <span - className="current" - > - 2.0 LTS - </span> - </a> - </li> - <li - key="1.0" - > - <a - href="/1.0" - > - <span - className="" - > - 1.0 - </span> - </a> - </li> - </ul> - </OutsideClickHandler> -</div> -`; diff --git a/server/sonar-docs/src/components/__tests__/navTreeUtils-test.ts b/server/sonar-docs/src/components/__tests__/navTreeUtils-test.ts deleted file mode 100644 index 107b0baf998..00000000000 --- a/server/sonar-docs/src/components/__tests__/navTreeUtils-test.ts +++ /dev/null @@ -1,90 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { getOpenChainFromPath, getUrlsList, testPathAgainstUrl } from '../navTreeUtils'; - -const navTree = [ - 'path/value', - { - title: 'My paths', - children: [ - 'child/path/1', - { - title: 'Child paths', - children: [ - 'sub/child/path/1', - { - title: 'External link 2', - url: 'http://example.com/2' - }, - { - title: 'Last ones, promised', - children: ['sub/sub/child/path/1'] - }, - 'sub/child/path/3' - ] - }, - 'child/path/2' - ] - }, - { - title: 'External link', - url: 'http://example.com' - } -]; - -describe('getUrlsList', () => { - it('should return the correct values for a list of paths', () => { - expect(getUrlsList(navTree)).toEqual([ - 'path/value', - 'child/path/1', - 'sub/child/path/1', - 'http://example.com/2', - 'sub/sub/child/path/1', - 'sub/child/path/3', - 'child/path/2', - 'http://example.com' - ]); - }); -}); - -describe('getOpenChainFromPath', () => { - it('should correctly fetch the chain of open elements for a given path', () => { - expect(getOpenChainFromPath('path/value/', navTree)).toEqual([navTree[0]]); - expect(getOpenChainFromPath('latest/path/value/', navTree)).toEqual([navTree[0]]); - expect(getOpenChainFromPath('sub/child/path/3', navTree)).toEqual([ - navTree[1], - (navTree as any)[1].children[1], - (navTree as any)[1].children[1].children[3] - ]); - }); -}); - -describe('testPathAgainstUrl', () => { - it('should handle paths with trailing and/or leading slashes', () => { - expect(testPathAgainstUrl('path/foo/', 'path/bar')).toBe(false); - expect(testPathAgainstUrl('/path/foo/', '/path/bar/')).toBe(false); - expect(testPathAgainstUrl('path/foo/', 'path/foo')).toBe(true); - expect(testPathAgainstUrl('path/foo', 'path/foo/')).toBe(true); - expect(testPathAgainstUrl('/path/foo/', 'path/foo')).toBe(true); - expect(testPathAgainstUrl('path/foo', '/path/foo/')).toBe(true); - expect(testPathAgainstUrl('/path/foo', '/1.0/path/foo/')).toBe(true); - expect(testPathAgainstUrl('/path/foo', '/latest/path/foo/')).toBe(true); - }); -}); diff --git a/server/sonar-docs/src/components/icons/AlertWarnIcon.tsx b/server/sonar-docs/src/components/icons/AlertWarnIcon.tsx deleted file mode 100644 index cdfbb80edb9..00000000000 --- a/server/sonar-docs/src/components/icons/AlertWarnIcon.tsx +++ /dev/null @@ -1,32 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import Icon, { IconProps } from './Icon'; - -export default function AlertWarnIcon({ className, fill = '#ed7d20', size }: IconProps) { - return ( - <Icon className={className} size={size}> - <path - d="M8 1.143q1.866 0 3.442.92t2.496 2.496.92 3.442-.92 3.442-2.496 2.496-3.442.92-3.442-.92-2.496-2.496-.92-3.442.92-3.442 2.496-2.496T8 1.143zm1.143 11.134v-1.696q0-.125-.08-.21t-.196-.085H7.153q-.116 0-.205.089t-.089.205v1.696q0 .116.089.205t.205.089h1.714q.116 0 .196-.085t.08-.21zm-.018-3.072l.161-5.545q0-.107-.089-.161-.089-.071-.214-.071H7.019q-.125 0-.214.071-.089.054-.089.161l.152 5.545q0 .089.089.156t.214.067h1.652q.125 0 .21-.067t.094-.156z" - style={{ fill }} - /> - </Icon> - ); -} diff --git a/server/sonar-docs/src/components/icons/ChevronDownIcon.tsx b/server/sonar-docs/src/components/icons/ChevronDownIcon.tsx deleted file mode 100644 index bae5cba4c7e..00000000000 --- a/server/sonar-docs/src/components/icons/ChevronDownIcon.tsx +++ /dev/null @@ -1,32 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import Icon, { IconProps } from './Icon'; - -export default function ChevronDownIcon({ className, fill = 'currentColor', size }: IconProps) { - return ( - <Icon className={className} size={size}> - <path - d="M3.2,5.6c0-0.1,0-0.2,0.1-0.3c0.2-0.2,0.5-0.2,0.6,0l4.1,4.1l4.1-4.1c0.2-0.2,0.5-0.2,0.6,0 c0.2,0.2,0.2,0.5,0,0.6c0,0,0,0,0,0l0,0l-4.5,4.5c-0.2,0.2-0.5,0.2-0.6,0l0,0L3.3,5.9C3.2,5.9,3.2,5.7,3.2,5.6z" - style={{ fill }} - /> - </Icon> - ); -} diff --git a/server/sonar-docs/src/components/icons/ChevronUpIcon.tsx b/server/sonar-docs/src/components/icons/ChevronUpIcon.tsx deleted file mode 100644 index bee6154791a..00000000000 --- a/server/sonar-docs/src/components/icons/ChevronUpIcon.tsx +++ /dev/null @@ -1,32 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import Icon, { IconProps } from './Icon'; - -export default function ChevronUpIcon({ className, fill = 'currentColor', size }: IconProps) { - return ( - <Icon className={className} size={size}> - <path - d="M13,10c0,0.1,0,0.2-0.1,0.3c-0.2,0.2-0.5,0.2-0.6,0L8.1,6.2L4,10.3c-0.2,0.2-0.5,0.2-0.6,0 c-0.2-0.2-0.2-0.5,0-0.6c0,0,0,0,0,0l0,0l4.5-4.5c0.2-0.2,0.5-0.2,0.6,0l0,0l4.4,4.4C13,9.7,13,9.8,13,10z" - style={{ fill }} - /> - </Icon> - ); -} diff --git a/server/sonar-docs/src/components/icons/ClearIcon.tsx b/server/sonar-docs/src/components/icons/ClearIcon.tsx deleted file mode 100644 index 59ce8095f07..00000000000 --- a/server/sonar-docs/src/components/icons/ClearIcon.tsx +++ /dev/null @@ -1,32 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import Icon, { IconProps } from './Icon'; - -export default function ClearIcon({ className, fill = 'currentColor', size }: IconProps) { - return ( - <Icon className={className} size={size} viewBox="0 0 48 48"> - <path - d="M28.24 24L47.07 5.16A3 3 0 1 0 42.93.83l-.09.1L24 19.76 5.16.93A3 3 0 0 0 .93 5.16L19.76 24 .93 42.84a3 3 0 1 0 4.14 4.33l.09-.1L24 28.24l18.84 18.83a3 3 0 1 0 4.33-4.14l-.1-.09z" - style={{ fill }} - /> - </Icon> - ); -} diff --git a/server/sonar-docs/src/components/icons/DetachIcon.tsx b/server/sonar-docs/src/components/icons/DetachIcon.tsx deleted file mode 100644 index 2dccc09ea01..00000000000 --- a/server/sonar-docs/src/components/icons/DetachIcon.tsx +++ /dev/null @@ -1,32 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import Icon, { IconProps } from './Icon'; - -export default function DetachIcon({ className, fill = 'currentColor', size }: IconProps) { - return ( - <Icon className={className} size={size}> - <path - d="M12 9.25v2.5A2.25 2.25 0 0 1 9.75 14h-6.5A2.25 2.25 0 0 1 1 11.75v-6.5A2.25 2.25 0 0 1 3.25 3h5.5c.14 0 .25.11.25.25v.5c0 .14-.11.25-.25.25h-5.5C2.562 4 2 4.563 2 5.25v6.5c0 .688.563 1.25 1.25 1.25h6.5c.688 0 1.25-.563 1.25-1.25v-2.5c0-.14.11-.25.25-.25h.5c.14 0 .25.11.25.25zm3-6.75v4c0 .273-.227.5-.5.5a.497.497 0 0 1-.352-.148l-1.375-1.375L7.68 10.57a.27.27 0 0 1-.18.078.27.27 0 0 1-.18-.078l-.89-.89a.27.27 0 0 1-.078-.18.27.27 0 0 1 .078-.18l5.093-5.093-1.375-1.375A.497.497 0 0 1 10 2.5c0-.273.227-.5.5-.5h4c.273 0 .5.227.5.5z" - style={{ fill }} - /> - </Icon> - ); -} diff --git a/server/sonar-docs/src/components/icons/DownloadIcon.tsx b/server/sonar-docs/src/components/icons/DownloadIcon.tsx deleted file mode 100644 index 0daa700fffb..00000000000 --- a/server/sonar-docs/src/components/icons/DownloadIcon.tsx +++ /dev/null @@ -1,36 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; -import Icon, { IconProps } from './Icon'; - -export default function DownloadIcon({ className, fill = 'currentColor', size }: IconProps) { - return ( - <Icon className={className} size={size} viewBox="0 0 48 48"> - <path - d="M45.68 22.86a1.31 1.31 0 0 0-1.32 1.32v12a5.91 5.91 0 0 1-5.9 5.91H9.54a5.91 5.91 0 0 1-5.9-5.91V24A1.32 1.32 0 0 0 1 24v12.16a8.56 8.56 0 0 0 8.54 8.55h28.92A8.56 8.56 0 0 0 47 36.16v-12a1.32 1.32 0 0 0-1.32-1.3z" - style={{ fill }} - /> - <path - d="M23.07 34.24a1.36 1.36 0 0 0 .93.39 1.32 1.32 0 0 0 .93-.39l8.37-8.38A1.32 1.32 0 0 0 31.44 24l-6.12 6.13V3.39a1.32 1.32 0 0 0-2.64 0v26.74L16.55 24a1.32 1.32 0 0 0-1.86 1.86z" - style={{ fill }} - /> - </Icon> - ); -} diff --git a/server/sonar-docs/src/components/icons/Icon.tsx b/server/sonar-docs/src/components/icons/Icon.tsx deleted file mode 100644 index 4ebf7c84b9f..00000000000 --- a/server/sonar-docs/src/components/icons/Icon.tsx +++ /dev/null @@ -1,70 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import * as React from 'react'; - -export interface IconProps { - className?: string; - fill?: string; - size?: number; -} - -interface Props { - children: React.ReactNode; - className?: string; - size?: number; - style?: React.CSSProperties; - - // try to avoid using these: - width?: number; - height?: number; - viewBox?: string; -} - -export default function Icon({ - children, - className, - size = 16, - style, - height = size, - width = size, - viewBox = '0 0 16 16', - ...other -}: Props) { - return ( - <svg - className={className} - height={height} - style={{ - fillRule: 'evenodd', - clipRule: 'evenodd', - strokeLinejoin: 'round', - strokeMiterlimit: 1.41421, - ...style - }} - version="1.1" - viewBox={viewBox} - width={width} - xmlSpace="preserve" - xmlnsXlink="http://www.w3.org/1999/xlink" - {...other}> - {children} - </svg> - ); -} diff --git a/server/sonar-docs/src/components/mocks/update-center-metadata.ts b/server/sonar-docs/src/components/mocks/update-center-metadata.ts deleted file mode 100644 index b0561a49d66..00000000000 --- a/server/sonar-docs/src/components/mocks/update-center-metadata.ts +++ /dev/null @@ -1,57 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { MetaDataInformation, MetaDataVersionInformation } from '../update-center-metadata'; - -export function mockMetaDataVersionInformation( - overrides?: Partial<MetaDataVersionInformation> -): MetaDataVersionInformation { - return { - version: '5.13', - date: '2019-05-31', - compatibility: '6.7', - archived: false, - downloadURL: 'https://example.com/sonar-java-plugin-5.13.0.18197.jar', - changeLogUrl: 'https://example.com/sonar-java-plugin/release', - ...overrides - }; -} - -export function mockMetaDataInformation( - overrides?: Partial<MetaDataInformation> -): MetaDataInformation { - return { - name: 'SonarJava', - key: 'java', - isSonarSourceCommercial: true, - organization: { - name: 'SonarSource', - url: 'http://www.sonarsource.com/' - }, - category: 'Languages', - license: 'SonarSource', - issueTrackerURL: 'https://jira.sonarsource.com/browse/SONARJAVA', - sourcesURL: 'https://github.com/SonarSource/sonar-java', - versions: [ - mockMetaDataVersionInformation({ version: '2.0' }), - mockMetaDataVersionInformation({ version: '1.0', archived: true }) - ], - ...overrides - }; -} diff --git a/server/sonar-docs/src/components/navTreeUtils.ts b/server/sonar-docs/src/components/navTreeUtils.ts deleted file mode 100644 index 034e383d586..00000000000 --- a/server/sonar-docs/src/components/navTreeUtils.ts +++ /dev/null @@ -1,95 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { flatten } from 'lodash'; -import NavigationTree from '../../static/StaticNavigationTree.json'; -import { - DocNavigationItem, - DocsNavigationBlock, - DocsNavigationExternalLink -} from '../@types/types'; - -export function getNavTree() { - return NavigationTree as DocNavigationItem[]; -} - -export function getUrlsList(navTree: DocNavigationItem[]): string[] { - return flatten( - navTree.map(leaf => { - if (isDocsNavigationBlock(leaf)) { - return getUrlsList(leaf.children); - } - if (isDocsNavigationExternalLink(leaf)) { - return [leaf.url]; - } - return [leaf]; - }) - ); -} - -export function getOpenChainFromPath(pathname: string, navTree: DocNavigationItem[]) { - let chain: DocNavigationItem[] = []; - - let found = false; - const walk = (leaf: DocNavigationItem, parents: DocNavigationItem[] = []) => { - if (found) { - return; - } - - parents = parents.concat(leaf); - - if (isDocsNavigationBlock(leaf)) { - leaf.children.forEach(child => { - if (typeof child === 'string' && testPathAgainstUrl(child, pathname)) { - chain = parents.concat(child); - found = true; - } else { - walk(child, parents); - } - }); - } else if (typeof leaf === 'string' && testPathAgainstUrl(leaf, pathname)) { - chain = parents; - found = true; - } - }; - - navTree.forEach(leaf => walk(leaf)); - - return chain; -} - -export function isDocsNavigationBlock(leaf?: DocNavigationItem): leaf is DocsNavigationBlock { - return typeof leaf === 'object' && (leaf as DocsNavigationBlock).children !== undefined; -} - -export function isDocsNavigationExternalLink( - leaf?: DocNavigationItem -): leaf is DocsNavigationExternalLink { - return typeof leaf === 'object' && (leaf as DocsNavigationExternalLink).url !== undefined; -} - -export function testPathAgainstUrl(path: string, url: string) { - return trimSlashes(url).replace(/^(latest|\d+\.\d+)\//, '') === trimSlashes(path); -} - -function trimSlashes(string: string) { - const leadingRegEx = /^\//; - const trailingRegEx = /\/$/; - return string.replace(leadingRegEx, '').replace(trailingRegEx, ''); -} diff --git a/server/sonar-docs/src/components/update-center-metadata.ts b/server/sonar-docs/src/components/update-center-metadata.ts deleted file mode 100644 index bf514347767..00000000000 --- a/server/sonar-docs/src/components/update-center-metadata.ts +++ /dev/null @@ -1,48 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -export interface MetaDataInformation { - category?: string; - isSonarSourceCommercial?: boolean; - issueTrackerURL?: string; - key?: string; - license?: string; - name: string; - organization?: { - name: string; - url?: string; - }; - sourcesURL?: string; - versions?: MetaDataVersionInformation[]; -} - -export interface MetaDataVersionInformation { - archived?: boolean; - changeLogUrl?: string; - compatibility?: string; - date?: string; - description?: string; - downloadURL?: string | AdvancedDownloadUrl[]; - version: string; -} - -export interface AdvancedDownloadUrl { - label?: string; - url: string; -} diff --git a/server/sonar-docs/src/components/utils.tsx b/server/sonar-docs/src/components/utils.tsx deleted file mode 100644 index c4fe2dc5613..00000000000 --- a/server/sonar-docs/src/components/utils.tsx +++ /dev/null @@ -1,128 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { sortBy } from 'lodash'; -import { MarkdownRemark } from '../@types/graphql-types'; - -const WORDS = 6; - -function cutLeadingWords(str: string) { - let words = 0; - for (let i = str.length - 1; i >= 0; i--) { - if (/\s/.test(str[i])) { - words++; - } - if (words === WORDS) { - return i > 0 ? `...${str.substring(i + 1)}` : str; - } - } - return str; -} - -function cutTrailingWords(str: string) { - let words = 0; - for (let i = 0; i < str.length; i++) { - if (/\s/.test(str[i])) { - words++; - } - if (words === WORDS) { - return i < str.length - 1 ? `${str.substring(0, i)}...` : str; - } - } - return str; -} - -export function cutWords(tokens: Array<{ text: string; marked: boolean }>) { - const result = []; - let length = 0; - - const highlightPos = tokens.findIndex(token => token.marked); - if (highlightPos > 0) { - const text = cutLeadingWords(tokens[highlightPos - 1].text); - result.push({ text, marked: false }); - length += text.length; - } - - result.push(tokens[highlightPos]); - length += tokens[highlightPos].text.length; - - for (let i = highlightPos + 1; i < tokens.length; i++) { - if (length + tokens[i].text.length > 100) { - const text = cutTrailingWords(tokens[i].text); - result.push({ text, marked: false }); - return result; - } else { - result.push(tokens[i]); - length += tokens[i].text.length; - } - } - - return result; -} - -export function getMarkdownRemarkTitle(node?: MarkdownRemark) { - return node && node.frontmatter && (node.frontmatter.nav || node.frontmatter.title); -} - -export function getMarkdownRemarkUrl(node?: MarkdownRemark) { - return ( - (node && node.frontmatter && node.frontmatter.url) || (node && node.fields && node.fields.slug) - ); -} - -export function highlightMarks(str: string, marks: Array<{ from: number; to: number }>) { - const sortedMarks = sortBy( - [ - ...marks.map(mark => ({ pos: mark.from, start: true })), - ...marks.map(mark => ({ pos: mark.to, start: false })) - ], - mark => mark.pos, - mark => Number(!mark.start) - ); - - const cuts = []; - let start = 0; - let balance = 0; - - for (const mark of sortedMarks) { - if (mark.start) { - if (balance === 0 && start !== mark.pos) { - cuts.push({ text: str.substring(start, mark.pos), marked: false }); - start = mark.pos; - } - balance++; - } else { - balance--; - if (balance === 0 && start !== mark.pos) { - cuts.push({ text: str.substring(start, mark.pos), marked: true }); - start = mark.pos; - } - } - } - - if (start < str.length - 1) { - cuts.push({ text: str.substr(start), marked: false }); - } - - return cuts; -} - -export function isDefined<T>(x: T | undefined | null): x is T { - return x !== undefined && x !== null; -} diff --git a/server/sonar-docs/src/images/AzurePipelinesAnalysis.png b/server/sonar-docs/src/images/AzurePipelinesAnalysis.png Binary files differdeleted file mode 100644 index 127118b2e8e..00000000000 --- a/server/sonar-docs/src/images/AzurePipelinesAnalysis.png +++ /dev/null diff --git a/server/sonar-docs/src/images/SQ-instance-components.png b/server/sonar-docs/src/images/SQ-instance-components.png Binary files differdeleted file mode 100644 index 948dc3701a3..00000000000 --- a/server/sonar-docs/src/images/SQ-instance-components.png +++ /dev/null diff --git a/server/sonar-docs/src/images/SonarQubeIcon.svg b/server/sonar-docs/src/images/SonarQubeIcon.svg deleted file mode 100644 index b39bd4947da..00000000000 --- a/server/sonar-docs/src/images/SonarQubeIcon.svg +++ /dev/null @@ -1 +0,0 @@ -<svg id="Calque_1" data-name="Calque 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 540.33 156.33"><defs><style>.cls-1{fill:#1b171b}.cls-3{fill:#4e9bcd}</style></defs><path class="cls-1" d="M11.89 101.92a29.92 29.92 0 0 0 13.23 3.74c4.65 0 6.57-1.62 6.57-4.14s-1.51-3.74-7.27-5.66c-10.21-3.44-14.15-9-14-14.85 0-9.2 7.89-16.17 20.11-16.17a33.07 33.07 0 0 1 13.95 2.83l-2.78 10.6A24.24 24.24 0 0 0 31 75.44c-3.74 0-5.87 1.51-5.87 4 0 2.33 1.93 3.54 8 5.66 9.4 3.23 13.34 8 13.44 15.26 0 9.19-7.27 16-21.42 16-6.47 0-12.22-1.42-16-3.44zM100.63 90.09c0 18.09-12.83 26.38-26.08 26.38C60.11 116.48 49 107 49 91s10.5-26.17 26.37-26.17c15.16 0 25.26 10.41 25.26 25.26zm-35.78.51c0 8.49 3.54 14.85 10.11 14.85 6 0 9.8-6 9.8-14.85 0-7.38-2.83-14.87-9.8-14.87-7.37.01-10.11 7.59-10.11 14.87zM106.11 81.71c0-6.16-.2-11.42-.41-15.76H119l.7 6.76h.31a18.08 18.08 0 0 1 15.25-7.88c10.11 0 17.69 6.66 17.69 21.22v29.31h-15.31V88c0-6.37-2.22-10.71-7.78-10.71a8.18 8.18 0 0 0-7.78 5.71 10.41 10.41 0 0 0-.61 3.84v28.51h-15.36zM189.39 115.36l-.91-5h-.3c-3.23 3.95-8.3 6.07-14.15 6.07-10 0-16-7.29-16-15.16 0-12.83 11.52-19 29-18.91v-.7c0-2.63-1.42-6.37-9-6.37a27.8 27.8 0 0 0-13.64 3.73l-2.84-9.9c3.44-1.93 10.21-4.35 19.2-4.35 16.48 0 21.73 9.7 21.73 21.32v17.18a75.92 75.92 0 0 0 .71 12zM187.58 92c-8.08-.1-14.35 1.83-14.35 7.78 0 3.95 2.63 5.87 6.07 5.87a8.39 8.39 0 0 0 8-5.66 10.87 10.87 0 0 0 .31-2.63zM210.63 82.21c0-7.27-.2-12-.41-16.26h13.24L224 75h.4c2.53-7.17 8.59-10.2 13.34-10.2a16.56 16.56 0 0 1 3.26.2v14.48a21.82 21.82 0 0 0-4.14-.41c-5.66 0-9.5 3-10.52 7.78a18.94 18.94 0 0 0-.3 3.44v25.07h-15.41zM342.35 102c0 5 .1 9.5.41 13.34h-7.89l-.51-8h-.19a18.43 18.43 0 0 1-16.17 9.1c-7.68 0-16.89-4.24-16.89-21.42V66.44H310v27.09c0 9.29 2.83 15.57 10.92 15.57a12.88 12.88 0 0 0 11.72-8.1 13.15 13.15 0 0 0 .81-4.55v-30h8.9zM352.67 115.36c.2-3.34.4-8.3.4-12.64V43.6h8.79v30.73h.2c3.13-5.46 8.79-9 16.68-9 12.12 0 20.71 10.11 20.61 25 0 17.49-11 26.18-21.92 26.18-7.08 0-12.73-2.73-16.37-9.2h-.31l-.4 8.09zm9.19-19.61a16.48 16.48 0 0 0 .41 3.23 13.71 13.71 0 0 0 13.33 10.41c9.31 0 14.85-7.58 14.85-18.79 0-9.8-5-18.19-14.55-18.19a14.17 14.17 0 0 0-13.54 10.91 17.47 17.47 0 0 0-.51 3.64zM411.5 92.52c.19 12 7.88 17 16.77 17a32.24 32.24 0 0 0 13.54-2.52l1.52 6.37c-3.13 1.41-8.49 3-16.27 3-15.06 0-24.06-9.9-24.06-24.65s8.69-26.38 22.94-26.38c16 0 20.21 14 20.21 23a33.67 33.67 0 0 1-.3 4.14zm26.07-6.37c.1-5.66-2.31-14.46-12.32-14.46-9 0-12.94 8.3-13.65 14.46z"/><path d="M290.55 75.25a26.41 26.41 0 1 0-11.31 39.07l10.22 16.6 8.11-5.51-10.22-16.6a26.42 26.42 0 0 0 3.2-33.56M279.1 105.4a18.5 18.5 0 1 1 4.9-25.7 18.52 18.52 0 0 1-4.9 25.7" fill-rule="evenodd" fill="#1b171b"/><path class="cls-3" d="M506.94 115.57h-6.27c0-50.44-41.62-91.48-92.78-91.48v-6.26c54.62 0 99.05 43.84 99.05 97.74z"/><path class="cls-3" d="M511.27 81.93c-7.52-31.65-33.16-58.06-65.27-67.29l1.44-5c33.93 9.74 61 37.65 68.95 71.1zM516.09 52.23a96 96 0 0 0-37.17-41.49l2.17-3.57a100.24 100.24 0 0 1 38.8 43.31z"/></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/activate_rule_compare1.png b/server/sonar-docs/src/images/activate_rule_compare1.png Binary files differdeleted file mode 100644 index ce0d7cfebd7..00000000000 --- a/server/sonar-docs/src/images/activate_rule_compare1.png +++ /dev/null diff --git a/server/sonar-docs/src/images/add-ADO-project.png b/server/sonar-docs/src/images/add-ADO-project.png Binary files differdeleted file mode 100644 index 1c351b5dabe..00000000000 --- a/server/sonar-docs/src/images/add-ADO-project.png +++ /dev/null diff --git a/server/sonar-docs/src/images/add-bitbucket-project.png b/server/sonar-docs/src/images/add-bitbucket-project.png Binary files differdeleted file mode 100644 index 67ad29a2174..00000000000 --- a/server/sonar-docs/src/images/add-bitbucket-project.png +++ /dev/null diff --git a/server/sonar-docs/src/images/add-github-project.png b/server/sonar-docs/src/images/add-github-project.png Binary files differdeleted file mode 100644 index b85f41688f4..00000000000 --- a/server/sonar-docs/src/images/add-github-project.png +++ /dev/null diff --git a/server/sonar-docs/src/images/add-gitlab-project.png b/server/sonar-docs/src/images/add-gitlab-project.png Binary files differdeleted file mode 100644 index 2d3e6e78091..00000000000 --- a/server/sonar-docs/src/images/add-gitlab-project.png +++ /dev/null diff --git a/server/sonar-docs/src/images/alerts/danger.svg b/server/sonar-docs/src/images/alerts/danger.svg deleted file mode 100644 index b7967ce5e8a..00000000000 --- a/server/sonar-docs/src/images/alerts/danger.svg +++ /dev/null @@ -1 +0,0 @@ -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23.36 20.088"><defs><style>.cls-1{fill:#cda251}</style></defs><g id="danger" transform="translate(0 -35.857)"><g id="Groupe_5722" data-name="Groupe 5722" transform="translate(0 35.857)"><g id="Groupe_5721" data-name="Groupe 5721"><path id="Tracé_9564" data-name="Tracé 9564" class="cls-1" d="M23.059 52.763l-9.582-15.891a2.1 2.1 0 0 0-3.594 0L.3 52.763a2.1 2.1 0 0 0 1.8 3.182h19.162a2.1 2.1 0 0 0 1.8-3.182zm-1.294 1.368a.579.579 0 0 1-.5.294H2.1a.578.578 0 0 1-.495-.876l9.582-15.891a.578.578 0 0 1 .989 0l9.582 15.891a.578.578 0 0 1 .007.582z" transform="translate(0 -35.857)"/></g></g><g id="Groupe_5724" data-name="Groupe 5724" transform="translate(10.657 42.114)"><g id="Groupe_5723" data-name="Groupe 5723"><path id="Tracé_9565" data-name="Tracé 9565" class="cls-1" d="M234.608 173.005c-.579 0-1.03.31-1.03.861 0 1.679.2 4.092.2 5.771 0 .437.381.621.833.621.339 0 .818-.183.818-.621 0-1.679.2-4.092.2-5.771a.907.907 0 0 0-1.021-.861z" transform="translate(-233.578 -173.005)"/></g></g><g id="Groupe_5726" data-name="Groupe 5726" transform="translate(10.614 50.341)"><g id="Groupe_5725" data-name="Groupe 5725"><path id="Tracé_9566" data-name="Tracé 9566" class="cls-1" d="M233.738 353.306a1.087 1.087 0 1 0 0 2.173 1.087 1.087 0 0 0 0-2.173z" transform="translate(-232.651 -353.306)"/></g></g></g></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/alerts/info.svg b/server/sonar-docs/src/images/alerts/info.svg deleted file mode 100644 index 53a51953e41..00000000000 --- a/server/sonar-docs/src/images/alerts/info.svg +++ /dev/null @@ -1 +0,0 @@ -<svg data-name="Calque 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><title>info</title><path d="M24 12.2a2.37 2.37 0 1 0 2.37 2.37A2.37 2.37 0 0 0 24 12.2zM24 20.49a1.78 1.78 0 0 0-1.78 1.78v10.66a1.78 1.78 0 1 0 3.55 0V22.27A1.78 1.78 0 0 0 24 20.49z"/><path d="M24 3.91a19.55 19.55 0 1 0 19.58 19.54A19.57 19.57 0 0 0 24 3.91zm0 35.54a16 16 0 1 1 16-16 16 16 0 0 1-16 16z"/></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/alerts/wrong.svg b/server/sonar-docs/src/images/alerts/wrong.svg deleted file mode 100644 index 528f1622012..00000000000 --- a/server/sonar-docs/src/images/alerts/wrong.svg +++ /dev/null @@ -1 +0,0 @@ -<svg data-name="Calque 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><title>wrong</title><path d="M14.39 33a1.77 1.77 0 0 0 2.51 0l7-7 7 7a1.78 1.78 0 0 0 1.25.52 1.8 1.8 0 0 0 1.3-.52 1.78 1.78 0 0 0 0-2.51l-7-7 7-7A1.77 1.77 0 0 0 30.94 14l-7 7-7-7a1.77 1.77 0 0 0-2.51 2.51l7 7-7 7a1.78 1.78 0 0 0-.04 2.49z"/><path d="M24 3.91a19.55 19.55 0 1 0 19.58 19.54A19.57 19.57 0 0 0 24 3.91zm0 35.54a16 16 0 1 1 16-16 16 16 0 0 1-16 16z"/></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/alm/azure.svg b/server/sonar-docs/src/images/alm/azure.svg deleted file mode 100644 index 821cb21e18f..00000000000 --- a/server/sonar-docs/src/images/alm/azure.svg +++ /dev/null @@ -1,2 +0,0 @@ -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 22.009 22"><path fill="#0078d7" d="M2.916 15.015v-7.25l19.093-3.758v13.446L16.62 21.92l-8.226-2.757V22l-5.478-6.985 13.216 1.728V5.052L9.812 0l.044 2.3-7.516 3L0 8.1v6.3z"/></svg> - diff --git a/server/sonar-docs/src/images/alm/bitbucket.svg b/server/sonar-docs/src/images/alm/bitbucket.svg deleted file mode 100644 index c0d235a1546..00000000000 --- a/server/sonar-docs/src/images/alm/bitbucket.svg +++ /dev/null @@ -1,2 +0,0 @@ -<svg xmlns="http://www.w3.org/2000/svg" viewBox="-361.924 -3545.014 58.441 52.551"><defs><linearGradient id="a" x1="1.086" x2=".469" y1=".138" y2=".788" gradientUnits="objectBoundingBox"><stop offset=".18" stop-color="#0052cc"/><stop offset="1" stop-color="#2684ff"/></linearGradient></defs><path fill="#2684ff" d="M-360.027-3545.013a1.872 1.872 0 0 0-1.871 2.172l7.947 48.253a2.547 2.547 0 0 0 2.49 2.125h38.133a1.872 1.872 0 0 0 1.872-1.573l7.949-48.8a1.872 1.872 0 0 0-1.872-2.172zm33.47 34.875h-12.171l-3.3-17.217h18.42z"/><path fill="url(#a)" d="M56.464 25.12H38.891l-2.949 17.217H23.771L9.4 59.4a2.537 2.537 0 0 0 1.638.618H49.18a1.872 1.872 0 0 0 1.872-1.573z" transform="translate(-362.499 -3552.476)"/></svg> - diff --git a/server/sonar-docs/src/images/alm/github.svg b/server/sonar-docs/src/images/alm/github.svg deleted file mode 100644 index 37d1b86c228..00000000000 --- a/server/sonar-docs/src/images/alm/github.svg +++ /dev/null @@ -1,2 +0,0 @@ -<svg xmlns="http://www.w3.org/2000/svg" viewBox="-738.601 -3545.014 54.017 52.551"><path fill="#191717" fill-rule="evenodd" d="M-711.675-3545.014a26.975 26.975 0 0 0-8.59 52.53c1.322.165 1.817-.661 1.817-1.322v-4.625c-7.433 1.652-9.085-3.634-9.085-3.634-1.156-3.139-2.973-3.965-2.973-3.965-2.478-1.652.165-1.652.165-1.652 2.643.165 4.13 2.808 4.13 2.808 2.478 4.13 6.277 2.973 7.764 2.313a5.752 5.752 0 0 1 1.646-3.634c-5.947-.661-12.224-2.973-12.224-13.38a10.24 10.24 0 0 1 2.808-7.268 9.781 9.781 0 0 1 .33-6.938s2.313-.661 7.433 2.808a23.083 23.083 0 0 1 6.773-.826 30.4 30.4 0 0 1 6.773.826c5.121-3.469 7.433-2.808 7.433-2.808a10.343 10.343 0 0 1 .33 7.1 10.684 10.684 0 0 1 2.815 7.267c0 10.407-6.277 12.554-12.224 13.215.991.826 1.817 2.478 1.817 4.956v7.433c0 .661.5 1.487 1.817 1.322a26.976 26.976 0 0 0-8.755-52.526z"/></svg> - diff --git a/server/sonar-docs/src/images/alm/gitlab.svg b/server/sonar-docs/src/images/alm/gitlab.svg deleted file mode 100644 index 1f796f609de..00000000000 --- a/server/sonar-docs/src/images/alm/gitlab.svg +++ /dev/null @@ -1 +0,0 @@ -<svg xmlns="http://www.w3.org/2000/svg" viewBox="90 95 200 190"><defs><style>.cls-1{fill:#e24329;}.cls-2{fill:#fc6d26;}.cls-3{fill:#fca326;}</style></defs><g id="LOGO"><path class="cls-1" d="M282.83,170.73l-.27-.69-26.14-68.22a6.81,6.81,0,0,0-2.69-3.24,7,7,0,0,0-8,.43,7,7,0,0,0-2.32,3.52l-17.65,54H154.29l-17.65-54A6.86,6.86,0,0,0,134.32,99a7,7,0,0,0-8-.43,6.87,6.87,0,0,0-2.69,3.24L97.44,170l-.26.69a48.54,48.54,0,0,0,16.1,56.1l.09.07.24.17,39.82,29.82,19.7,14.91,12,9.06a8.07,8.07,0,0,0,9.76,0l12-9.06,19.7-14.91,40.06-30,.1-.08A48.56,48.56,0,0,0,282.83,170.73Z"/><path class="cls-2" d="M282.83,170.73l-.27-.69a88.3,88.3,0,0,0-35.15,15.8L190,229.25c19.55,14.79,36.57,27.64,36.57,27.64l40.06-30,.1-.08A48.56,48.56,0,0,0,282.83,170.73Z"/><path class="cls-3" d="M153.43,256.89l19.7,14.91,12,9.06a8.07,8.07,0,0,0,9.76,0l12-9.06,19.7-14.91S209.55,244,190,229.25C170.45,244,153.43,256.89,153.43,256.89Z"/><path class="cls-2" d="M132.58,185.84A88.19,88.19,0,0,0,97.44,170l-.26.69a48.54,48.54,0,0,0,16.1,56.1l.09.07.24.17,39.82,29.82s17-12.85,36.57-27.64Z"/></g></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/architecture-integrate.png b/server/sonar-docs/src/images/architecture-integrate.png Binary files differdeleted file mode 100644 index 7cfddea1800..00000000000 --- a/server/sonar-docs/src/images/architecture-integrate.png +++ /dev/null diff --git a/server/sonar-docs/src/images/architecture-scanning.png b/server/sonar-docs/src/images/architecture-scanning.png Binary files differdeleted file mode 100644 index 6d6c835cb27..00000000000 --- a/server/sonar-docs/src/images/architecture-scanning.png +++ /dev/null diff --git a/server/sonar-docs/src/images/astSample.png b/server/sonar-docs/src/images/astSample.png Binary files differdeleted file mode 100644 index 8f71158e938..00000000000 --- a/server/sonar-docs/src/images/astSample.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-attributes.jpg b/server/sonar-docs/src/images/azure/saml-azure-attributes.jpg Binary files differdeleted file mode 100644 index 6f629a49acc..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-attributes.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-basic-saml.jpg b/server/sonar-docs/src/images/azure/saml-azure-basic-saml.jpg Binary files differdeleted file mode 100644 index ddf155190ae..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-basic-saml.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-certificate.jpg b/server/sonar-docs/src/images/azure/saml-azure-certificate.jpg Binary files differdeleted file mode 100644 index 3cfdd9156f3..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-certificate.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-create-application.jpg b/server/sonar-docs/src/images/azure/saml-azure-create-application.jpg Binary files differdeleted file mode 100644 index 39fe2ef36df..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-create-application.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-encryption.jpg b/server/sonar-docs/src/images/azure/saml-azure-encryption.jpg Binary files differdeleted file mode 100644 index 23ad86dceb6..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-encryption.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-group-claim.jpg b/server/sonar-docs/src/images/azure/saml-azure-group-claim.jpg Binary files differdeleted file mode 100644 index 401c181153c..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-group-claim.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-links.jpg b/server/sonar-docs/src/images/azure/saml-azure-links.jpg Binary files differdeleted file mode 100644 index e31e6516011..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-links.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-mapping.jpg b/server/sonar-docs/src/images/azure/saml-azure-mapping.jpg Binary files differdeleted file mode 100644 index ea28d052135..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-mapping.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-new.jpg b/server/sonar-docs/src/images/azure/saml-azure-new.jpg Binary files differdeleted file mode 100644 index 9c66238205c..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-new.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-role-claim.jpg b/server/sonar-docs/src/images/azure/saml-azure-role-claim.jpg Binary files differdeleted file mode 100644 index c22adadc87d..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-role-claim.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-signature.jpg b/server/sonar-docs/src/images/azure/saml-azure-signature.jpg Binary files differdeleted file mode 100644 index 8fa055c2771..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-signature.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-appid.png b/server/sonar-docs/src/images/azure/saml-azure-sq-appid.png Binary files differdeleted file mode 100644 index 71c6040bf01..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-appid.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-attributes.png b/server/sonar-docs/src/images/azure/saml-azure-sq-attributes.png Binary files differdeleted file mode 100644 index 37433ca7152..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-attributes.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-certificate.png b/server/sonar-docs/src/images/azure/saml-azure-sq-certificate.png Binary files differdeleted file mode 100644 index 819a1d1d923..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-certificate.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-certs.png b/server/sonar-docs/src/images/azure/saml-azure-sq-certs.png Binary files differdeleted file mode 100644 index 6c89d54bc78..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-certs.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-encryption.png b/server/sonar-docs/src/images/azure/saml-azure-sq-encryption.png Binary files differdeleted file mode 100644 index b7ab8529f5e..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-encryption.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-group-role.png b/server/sonar-docs/src/images/azure/saml-azure-sq-group-role.png Binary files differdeleted file mode 100644 index 1445923df1c..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-group-role.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-groups.png b/server/sonar-docs/src/images/azure/saml-azure-sq-groups.png Binary files differdeleted file mode 100644 index c7d7de342b2..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-groups.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-links.png b/server/sonar-docs/src/images/azure/saml-azure-sq-links.png Binary files differdeleted file mode 100644 index d592a1a9da9..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-links.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-login.png b/server/sonar-docs/src/images/azure/saml-azure-sq-login.png Binary files differdeleted file mode 100644 index c98abe8cdc7..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-login.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sq-saml.png b/server/sonar-docs/src/images/azure/saml-azure-sq-saml.png Binary files differdeleted file mode 100644 index 04ae001a8da..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sq-saml.png +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-sso.jpg b/server/sonar-docs/src/images/azure/saml-azure-sso.jpg Binary files differdeleted file mode 100644 index 7d6374f1cf5..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-sso.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/azure/saml-azure-users.jpg b/server/sonar-docs/src/images/azure/saml-azure-users.jpg Binary files differdeleted file mode 100644 index ec2312742b1..00000000000 --- a/server/sonar-docs/src/images/azure/saml-azure-users.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/backgroundTaskProcessingFailedIcon.jpeg b/server/sonar-docs/src/images/backgroundTaskProcessingFailedIcon.jpeg Binary files differdeleted file mode 100644 index 5b8bdc7e8a9..00000000000 --- a/server/sonar-docs/src/images/backgroundTaskProcessingFailedIcon.jpeg +++ /dev/null diff --git a/server/sonar-docs/src/images/backgroundTaskProcessingInProgress.jpeg b/server/sonar-docs/src/images/backgroundTaskProcessingInProgress.jpeg Binary files differdeleted file mode 100644 index cf48fdab57b..00000000000 --- a/server/sonar-docs/src/images/backgroundTaskProcessingInProgress.jpeg +++ /dev/null diff --git a/server/sonar-docs/src/images/check.svg b/server/sonar-docs/src/images/check.svg deleted file mode 100644 index 51435de4153..00000000000 --- a/server/sonar-docs/src/images/check.svg +++ /dev/null @@ -1 +0,0 @@ -<svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" fill-rule="evenodd" clip-rule="evenodd" stroke-linejoin="round" stroke-miterlimit="1.414"><path d="M12.703 6.523a.593.593 0 0 0-.164-.419l-.83-.82a.58.58 0 0 0-.41-.173.58.58 0 0 0-.41.173l-3.718 3.71-2.06-2.06a.58.58 0 0 0-.41-.174.58.58 0 0 0-.41.174l-.83.82a.593.593 0 0 0-.164.42c0 .154.055.3.164.41l3.3 3.299c.109.11.264.173.41.173.155 0 .31-.064.419-.173l4.95-4.95a.571.571 0 0 0 .163-.41zM15 8c0 3.865-3.135 7-7 7s-7-3.135-7-7 3.135-7 7-7 7 3.135 7 7z" fill="#0a0" fill-rule="nonzero"/></svg> diff --git a/server/sonar-docs/src/images/close.svg b/server/sonar-docs/src/images/close.svg deleted file mode 100644 index 10b0b0a44f9..00000000000 --- a/server/sonar-docs/src/images/close.svg +++ /dev/null @@ -1 +0,0 @@ -<svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" fill-rule="evenodd" clip-rule="evenodd" stroke-linejoin="round" stroke-miterlimit="1.414"><path d="M11.596 8.28l-4.604 4.602a.382.382 0 0 1-.279.118.382.382 0 0 1-.279-.118l-1.03-1.03a.382.382 0 0 1-.117-.278c0-.108.04-.201.117-.28L8.7 8 5.404 4.706a.382.382 0 0 1-.117-.28c0-.108.04-.2.117-.279l1.03-1.03A.382.382 0 0 1 6.714 3c.107 0 .2.04.278.118l4.604 4.603a.382.382 0 0 1 .117.279c0 .108-.04.201-.117.28z" fill="#236a97" /></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/cluster-dce.png b/server/sonar-docs/src/images/cluster-dce.png Binary files differdeleted file mode 100644 index fa403ab62eb..00000000000 --- a/server/sonar-docs/src/images/cluster-dce.png +++ /dev/null diff --git a/server/sonar-docs/src/images/commit-info-in-code-viewer.png b/server/sonar-docs/src/images/commit-info-in-code-viewer.png Binary files differdeleted file mode 100644 index 845daf699d6..00000000000 --- a/server/sonar-docs/src/images/commit-info-in-code-viewer.png +++ /dev/null diff --git a/server/sonar-docs/src/images/community.svg b/server/sonar-docs/src/images/community.svg deleted file mode 100644 index 25bbe950663..00000000000 --- a/server/sonar-docs/src/images/community.svg +++ /dev/null @@ -1 +0,0 @@ -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 14.67 15.199"><defs><style>.cls-1{fill:#8a8c8f}</style></defs><g id="Groupe_5754" data-name="Groupe 5754" transform="translate(-152.652 -749)"><g id="user_5_" data-name="user (5)" transform="translate(152.652 753.42)"><g id="User"><g id="Groupe_5718" data-name="Groupe 5718"><path id="Tracé_9562" data-name="Tracé 9562" class="cls-1" d="M5.39 7.411c1.672 0 3.032-1.663 3.032-3.706S7.061 0 5.39 0a2.77 2.77 0 0 0-2.169 1.113 4.148 4.148 0 0 0-.863 2.593c0 2.042 1.36 3.705 3.032 3.705zm0-6.737c1.3 0 2.358 1.36 2.358 3.032S6.69 6.738 5.39 6.738 3.032 5.377 3.031 3.706 4.09.674 5.39.674zm2.358 6.063a.337.337 0 1 0 0 .674 2.361 2.361 0 0 1 2.358 2.358.337.337 0 0 1-.337.337H1.011a.337.337 0 0 1-.337-.337 2.361 2.361 0 0 1 2.358-2.358.337.337 0 1 0 0-.674A3.035 3.035 0 0 0 0 9.769a1.012 1.012 0 0 0 1.011 1.011h8.758a1.012 1.012 0 0 0 1.011-1.011 3.035 3.035 0 0 0-3.032-3.032z"/></g></g></g><g id="Groupe_5753" data-name="Groupe 5753" transform="translate(158.078 749)"><path id="Tracé_8533" data-name="Tracé 8533" class="cls-1" d="M299.414 15.715h-.506a7.469 7.469 0 0 0-7.508-7.409V7.8a7.974 7.974 0 0 1 8.014 7.915" transform="translate(-291.4 -6.943)"/><path id="Tracé_8534" data-name="Tracé 8534" class="cls-1" d="M324.687 7.659a7.63 7.63 0 0 0-5.287-5.452l.121-.407a8.071 8.071 0 0 1 5.584 5.76z" transform="translate(-316.322 -1.602)"/><path id="Tracé_8535" data-name="Tracé 8535" class="cls-1" d="M348.312 3.65A7.81 7.81 0 0 0 345.3.286l.176-.286a8.139 8.139 0 0 1 3.144 3.507z" transform="translate(-339.375)"/></g></g></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/complex.png b/server/sonar-docs/src/images/complex.png Binary files differdeleted file mode 100644 index cc87d6a67a6..00000000000 --- a/server/sonar-docs/src/images/complex.png +++ /dev/null diff --git a/server/sonar-docs/src/images/create_application.png b/server/sonar-docs/src/images/create_application.png Binary files differdeleted file mode 100644 index cf0210c4d28..00000000000 --- a/server/sonar-docs/src/images/create_application.png +++ /dev/null diff --git a/server/sonar-docs/src/images/creatingportfoliosandapps.png b/server/sonar-docs/src/images/creatingportfoliosandapps.png Binary files differdeleted file mode 100644 index 833480deea8..00000000000 --- a/server/sonar-docs/src/images/creatingportfoliosandapps.png +++ /dev/null diff --git a/server/sonar-docs/src/images/cross.svg b/server/sonar-docs/src/images/cross.svg deleted file mode 100644 index 57c6853ce4d..00000000000 --- a/server/sonar-docs/src/images/cross.svg +++ /dev/null @@ -1 +0,0 @@ -<svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" fill-rule="evenodd" clip-rule="evenodd" stroke-linejoin="round" stroke-miterlimit="1.414"><path d="M11.473 10.06a.58.58 0 0 0-.174-.41L9.65 8l1.65-1.65a.58.58 0 0 0 0-.83l-.82-.82a.58.58 0 0 0-.83 0L8 6.35 6.35 4.7a.58.58 0 0 0-.83 0l-.82.82a.58.58 0 0 0 0 .83L6.35 8 4.7 9.65a.58.58 0 0 0 0 .83l.82.82c.11.109.265.173.42.173a.58.58 0 0 0 .41-.174L8 9.65l1.65 1.65a.58.58 0 0 0 .83 0l.82-.82a.601.601 0 0 0 .173-.42zM15 8c0 3.865-3.135 7-7 7s-7-3.135-7-7 3.135-7 7-7 7 3.135 7 7z" fill="#d4333f" fill-rule="nonzero"/></svg> diff --git a/server/sonar-docs/src/images/db-copy/copy-data.png b/server/sonar-docs/src/images/db-copy/copy-data.png Binary files differdeleted file mode 100644 index 4ba4dad9b87..00000000000 --- a/server/sonar-docs/src/images/db-copy/copy-data.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/copy-errors-shown.png b/server/sonar-docs/src/images/db-copy/copy-errors-shown.png Binary files differdeleted file mode 100644 index 397a02134da..00000000000 --- a/server/sonar-docs/src/images/db-copy/copy-errors-shown.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/missing-table-not-copied.png b/server/sonar-docs/src/images/db-copy/missing-table-not-copied.png Binary files differdeleted file mode 100644 index 39aebfac4cb..00000000000 --- a/server/sonar-docs/src/images/db-copy/missing-table-not-copied.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/missing-table-not-purged.png b/server/sonar-docs/src/images/db-copy/missing-table-not-purged.png Binary files differdeleted file mode 100644 index 4812bb920a9..00000000000 --- a/server/sonar-docs/src/images/db-copy/missing-table-not-purged.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/missing-table-warning.png b/server/sonar-docs/src/images/db-copy/missing-table-warning.png Binary files differdeleted file mode 100644 index 7a5816fa9a5..00000000000 --- a/server/sonar-docs/src/images/db-copy/missing-table-warning.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/search-tables.png b/server/sonar-docs/src/images/db-copy/search-tables.png Binary files differdeleted file mode 100644 index ce1eed90d3c..00000000000 --- a/server/sonar-docs/src/images/db-copy/search-tables.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/summary-of-differences.png b/server/sonar-docs/src/images/db-copy/summary-of-differences.png Binary files differdeleted file mode 100644 index 7cd71103dcb..00000000000 --- a/server/sonar-docs/src/images/db-copy/summary-of-differences.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/truncate-tables.png b/server/sonar-docs/src/images/db-copy/truncate-tables.png Binary files differdeleted file mode 100644 index 4812bb920a9..00000000000 --- a/server/sonar-docs/src/images/db-copy/truncate-tables.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/verify-urls.png b/server/sonar-docs/src/images/db-copy/verify-urls.png Binary files differdeleted file mode 100644 index 3a6b5a45417..00000000000 --- a/server/sonar-docs/src/images/db-copy/verify-urls.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/verify-versions.png b/server/sonar-docs/src/images/db-copy/verify-versions.png Binary files differdeleted file mode 100644 index dc30216d2b7..00000000000 --- a/server/sonar-docs/src/images/db-copy/verify-versions.png +++ /dev/null diff --git a/server/sonar-docs/src/images/db-copy/version0-ok.png b/server/sonar-docs/src/images/db-copy/version0-ok.png Binary files differdeleted file mode 100644 index e7d2436a87b..00000000000 --- a/server/sonar-docs/src/images/db-copy/version0-ok.png +++ /dev/null diff --git a/server/sonar-docs/src/images/dev-cycle.png b/server/sonar-docs/src/images/dev-cycle.png Binary files differdeleted file mode 100644 index 7716ac251df..00000000000 --- a/server/sonar-docs/src/images/dev-cycle.png +++ /dev/null diff --git a/server/sonar-docs/src/images/encrypt-value.png b/server/sonar-docs/src/images/encrypt-value.png Binary files differdeleted file mode 100644 index c71737322d4..00000000000 --- a/server/sonar-docs/src/images/encrypt-value.png +++ /dev/null diff --git a/server/sonar-docs/src/images/exclamation.svg b/server/sonar-docs/src/images/exclamation.svg deleted file mode 100644 index 7b1e8da8192..00000000000 --- a/server/sonar-docs/src/images/exclamation.svg +++ /dev/null @@ -1 +0,0 @@ -<svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" fill-rule="evenodd" clip-rule="evenodd" stroke-linejoin="round" stroke-miterlimit="1.414"><path d="M9.006 11.114V9.651a.25.25 0 0 0-.247-.254H7.281a.25.25 0 0 0-.247.254v1.463a.25.25 0 0 0 .247.254h1.478a.25.25 0 0 0 .247-.254zm-.016-2.88l.14-3.535a.186.186 0 0 0-.078-.147c-.046-.038-.115-.084-.185-.084H7.173c-.07 0-.139.046-.185.084-.054.039-.077.116-.077.162l.13 3.52c0 .1.116.177.263.177h1.425c.138 0 .254-.077.261-.177zM8.883 1.04l5.915 10.844a.986.986 0 0 1-.863 1.456H2.105a.986.986 0 0 1-.863-1.456L7.157 1.04a.98.98 0 0 1 1.726 0z" fill="#ff9900" fill-rule="nonzero"/></svg> diff --git a/server/sonar-docs/src/images/exclusions.jpg b/server/sonar-docs/src/images/exclusions.jpg Binary files differdeleted file mode 100644 index a4c6bb63865..00000000000 --- a/server/sonar-docs/src/images/exclusions.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/executable-lines-python-exception.png b/server/sonar-docs/src/images/executable-lines-python-exception.png Binary files differdeleted file mode 100644 index 985e5c03e8c..00000000000 --- a/server/sonar-docs/src/images/executable-lines-python-exception.png +++ /dev/null diff --git a/server/sonar-docs/src/images/gear.png b/server/sonar-docs/src/images/gear.png Binary files differdeleted file mode 100644 index 21d0c85a420..00000000000 --- a/server/sonar-docs/src/images/gear.png +++ /dev/null diff --git a/server/sonar-docs/src/images/github-branch-decoration.png b/server/sonar-docs/src/images/github-branch-decoration.png Binary files differdeleted file mode 100644 index 25837cdf7c4..00000000000 --- a/server/sonar-docs/src/images/github-branch-decoration.png +++ /dev/null diff --git a/server/sonar-docs/src/images/http-header-authentication.png b/server/sonar-docs/src/images/http-header-authentication.png Binary files differdeleted file mode 100644 index 221ded008ca..00000000000 --- a/server/sonar-docs/src/images/http-header-authentication.png +++ /dev/null diff --git a/server/sonar-docs/src/images/inclusions.jpg b/server/sonar-docs/src/images/inclusions.jpg Binary files differdeleted file mode 100644 index 9641f2a5164..00000000000 --- a/server/sonar-docs/src/images/inclusions.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/info.svg b/server/sonar-docs/src/images/info.svg deleted file mode 100644 index c794429034a..00000000000 --- a/server/sonar-docs/src/images/info.svg +++ /dev/null @@ -1 +0,0 @@ -<svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" fill-rule="evenodd" clip-rule="evenodd" stroke-linejoin="round" stroke-miterlimit="1.414"><path d="M10.333 12.375v-1.458a.288.288 0 0 0-.291-.292h-.875V5.958a.288.288 0 0 0-.292-.291H5.958a.288.288 0 0 0-.291.291v1.459c0 .164.127.291.291.291h.875v2.917h-.875a.288.288 0 0 0-.291.292v1.458c0 .164.127.292.291.292h4.084a.288.288 0 0 0 .291-.292zM9.167 4.208V2.75a.288.288 0 0 0-.292-.292h-1.75a.288.288 0 0 0-.292.292v1.458c0 .164.128.292.292.292h1.75a.288.288 0 0 0 .292-.292zM15 8c0 3.865-3.135 7-7 7s-7-3.135-7-7 3.135-7 7-7 7 3.135 7 7z" fill="#4b9fd5" fill-rule="nonzero"/></svg> diff --git a/server/sonar-docs/src/images/long-lived-branch-concept.png b/server/sonar-docs/src/images/long-lived-branch-concept.png Binary files differdeleted file mode 100644 index cc31705e524..00000000000 --- a/server/sonar-docs/src/images/long-lived-branch-concept.png +++ /dev/null diff --git a/server/sonar-docs/src/images/newspaper.svg b/server/sonar-docs/src/images/newspaper.svg deleted file mode 100644 index ae8027cce4c..00000000000 --- a/server/sonar-docs/src/images/newspaper.svg +++ /dev/null @@ -1 +0,0 @@ -<svg id="newspaper" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 13.45 12.543"><defs><style>.cls-1{fill:#8a8c8f}</style></defs><g id="Groupe_5746" data-name="Groupe 5746" transform="translate(5.348 3.34)"><g id="Groupe_5745" data-name="Groupe 5745"><path id="Tracé_9572" data-name="Tracé 9572" class="cls-1" d="M207.455 144.4h-3.34a.533.533 0 1 0 0 1.066h3.34a.533.533 0 1 0 0-1.066z" transform="translate(-203.582 -144.402)"/></g></g><g id="Groupe_5748" data-name="Groupe 5748" transform="translate(5.348 5.917)"><g id="Groupe_5747" data-name="Groupe 5747"><path id="Tracé_9573" data-name="Tracé 9573" class="cls-1" d="M208.735 242.473h-4.619a.533.533 0 0 0 0 1.066h4.619a.533.533 0 0 0 0-1.066z" transform="translate(-203.582 -242.473)"/></g></g><g id="Groupe_5750" data-name="Groupe 5750"><g id="Groupe_5749" data-name="Groupe 5749"><path id="Tracé_9574" data-name="Tracé 9574" class="cls-1" d="M12.917 17.247H3.482a.533.533 0 0 0-.533.533v5.028h-.941A2.01 2.01 0 0 0 0 24.816v2.967a2.008 2.008 0 0 0 2.275 1.99h8.794a2.384 2.384 0 0 0 2.381-2.381V17.78a.533.533 0 0 0-.533-.533zM2.949 27.783a.943.943 0 0 1-.759.924h-.182v.018a.943.943 0 0 1-.942-.942v-2.967a.943.943 0 0 1 .942-.942h.942v3.909zm9.434-.391a1.332 1.332 0 0 1-1.315 1.315H3.79a1.994 1.994 0 0 0 .225-.924v-9.47h8.368v9.079z" transform="translate(0 -17.247)"/></g></g><g id="Groupe_5752" data-name="Groupe 5752" transform="translate(5.348 8.333)"><g id="Groupe_5751" data-name="Groupe 5751"><path id="Tracé_9575" data-name="Tracé 9575" class="cls-1" d="M207.455 334.464h-3.34a.533.533 0 1 0 0 1.066h3.34a.533.533 0 1 0 0-1.066z" transform="translate(-203.582 -334.464)"/></g></g></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/okta/okta-assign-users.png b/server/sonar-docs/src/images/okta/okta-assign-users.png Binary files differdeleted file mode 100644 index 0ccc14954df..00000000000 --- a/server/sonar-docs/src/images/okta/okta-assign-users.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-attributes.png b/server/sonar-docs/src/images/okta/okta-attributes.png Binary files differdeleted file mode 100644 index f934d5c9ae7..00000000000 --- a/server/sonar-docs/src/images/okta/okta-attributes.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-create-application.png b/server/sonar-docs/src/images/okta/okta-create-application.png Binary files differdeleted file mode 100644 index 3cecbc483e1..00000000000 --- a/server/sonar-docs/src/images/okta/okta-create-application.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-encryption-attributes.png b/server/sonar-docs/src/images/okta/okta-encryption-attributes.png Binary files differdeleted file mode 100644 index 6bf3eba7617..00000000000 --- a/server/sonar-docs/src/images/okta/okta-encryption-attributes.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-general-settings.png b/server/sonar-docs/src/images/okta/okta-general-settings.png Binary files differdeleted file mode 100644 index 2fb53730a7a..00000000000 --- a/server/sonar-docs/src/images/okta/okta-general-settings.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-group-attribute.png b/server/sonar-docs/src/images/okta/okta-group-attribute.png Binary files differdeleted file mode 100644 index 050cc0be1e8..00000000000 --- a/server/sonar-docs/src/images/okta/okta-group-attribute.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-saml-settings.png b/server/sonar-docs/src/images/okta/okta-saml-settings.png Binary files differdeleted file mode 100644 index 78c3a546538..00000000000 --- a/server/sonar-docs/src/images/okta/okta-saml-settings.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-setup-instructions.png b/server/sonar-docs/src/images/okta/okta-setup-instructions.png Binary files differdeleted file mode 100644 index bd6726eab4f..00000000000 --- a/server/sonar-docs/src/images/okta/okta-setup-instructions.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/okta-signon.png b/server/sonar-docs/src/images/okta/okta-signon.png Binary files differdeleted file mode 100644 index 7c10eb47dec..00000000000 --- a/server/sonar-docs/src/images/okta/okta-signon.png +++ /dev/null diff --git a/server/sonar-docs/src/images/okta/saml-okta-sq-saml.png b/server/sonar-docs/src/images/okta/saml-okta-sq-saml.png Binary files differdeleted file mode 100644 index 1866ac66ce1..00000000000 --- a/server/sonar-docs/src/images/okta/saml-okta-sq-saml.png +++ /dev/null diff --git a/server/sonar-docs/src/images/open.svg b/server/sonar-docs/src/images/open.svg deleted file mode 100644 index b5d7e4c6d26..00000000000 --- a/server/sonar-docs/src/images/open.svg +++ /dev/null @@ -1 +0,0 @@ -<svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" fill-rule="evenodd" clip-rule="evenodd" stroke-linejoin="round" stroke-miterlimit="1.414"><path d="M7.72 11.596L3.119 6.992A.382.382 0 0 1 3 6.713c0-.108.04-.2.118-.279l1.03-1.03a.382.382 0 0 1 .278-.117c.108 0 .201.04.28.117L8 8.7l3.294-3.295a.382.382 0 0 1 .28-.117c.108 0 .2.04.279.117l1.03 1.03a.382.382 0 0 1 .117.28c0 .107-.04.2-.118.278L8.28 11.596a.382.382 0 0 1-.279.117.382.382 0 0 1-.28-.117z" fill="#236a97" /></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/pranalysis.png b/server/sonar-docs/src/images/pranalysis.png Binary files differdeleted file mode 100644 index ebb70069037..00000000000 --- a/server/sonar-docs/src/images/pranalysis.png +++ /dev/null diff --git a/server/sonar-docs/src/images/quality-gate-status.jpeg b/server/sonar-docs/src/images/quality-gate-status.jpeg Binary files differdeleted file mode 100644 index c57c27b9e64..00000000000 --- a/server/sonar-docs/src/images/quality-gate-status.jpeg +++ /dev/null diff --git a/server/sonar-docs/src/images/rule-template-details.png b/server/sonar-docs/src/images/rule-template-details.png Binary files differdeleted file mode 100644 index e804716b2a9..00000000000 --- a/server/sonar-docs/src/images/rule-template-details.png +++ /dev/null diff --git a/server/sonar-docs/src/images/rule-templates.png b/server/sonar-docs/src/images/rule-templates.png Binary files differdeleted file mode 100644 index 8bb628178ce..00000000000 --- a/server/sonar-docs/src/images/rule-templates.png +++ /dev/null diff --git a/server/sonar-docs/src/images/rules-custom.png b/server/sonar-docs/src/images/rules-custom.png Binary files differdeleted file mode 100644 index 89f30c20735..00000000000 --- a/server/sonar-docs/src/images/rules-custom.png +++ /dev/null diff --git a/server/sonar-docs/src/images/saml-keycloak-sq-saml.png b/server/sonar-docs/src/images/saml-keycloak-sq-saml.png Binary files differdeleted file mode 100644 index 1866ac66ce1..00000000000 --- a/server/sonar-docs/src/images/saml-keycloak-sq-saml.png +++ /dev/null diff --git a/server/sonar-docs/src/images/saml_authentication_flow.png b/server/sonar-docs/src/images/saml_authentication_flow.png Binary files differdeleted file mode 100644 index 15aefd9a5e3..00000000000 --- a/server/sonar-docs/src/images/saml_authentication_flow.png +++ /dev/null diff --git a/server/sonar-docs/src/images/settings-hierarchy.png b/server/sonar-docs/src/images/settings-hierarchy.png Binary files differdeleted file mode 100644 index a7ea4574635..00000000000 --- a/server/sonar-docs/src/images/settings-hierarchy.png +++ /dev/null diff --git a/server/sonar-docs/src/images/short-lived-branch-concept.png b/server/sonar-docs/src/images/short-lived-branch-concept.png Binary files differdeleted file mode 100644 index 24f98a86710..00000000000 --- a/server/sonar-docs/src/images/short-lived-branch-concept.png +++ /dev/null diff --git a/server/sonar-docs/src/images/simple.png b/server/sonar-docs/src/images/simple.png Binary files differdeleted file mode 100644 index 572fb91d465..00000000000 --- a/server/sonar-docs/src/images/simple.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonar-exclusions-complex.png b/server/sonar-docs/src/images/sonar-exclusions-complex.png Binary files differdeleted file mode 100644 index 985b4cd4186..00000000000 --- a/server/sonar-docs/src/images/sonar-exclusions-complex.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonar-inclusions-complex.png b/server/sonar-docs/src/images/sonar-inclusions-complex.png Binary files differdeleted file mode 100644 index 1e7506ee713..00000000000 --- a/server/sonar-docs/src/images/sonar-inclusions-complex.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonar-sources-complex.png b/server/sonar-docs/src/images/sonar-sources-complex.png Binary files differdeleted file mode 100644 index 087eb3e213e..00000000000 --- a/server/sonar-docs/src/images/sonar-sources-complex.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonar-sources-simple.png b/server/sonar-docs/src/images/sonar-sources-simple.png Binary files differdeleted file mode 100644 index 3922c55f07c..00000000000 --- a/server/sonar-docs/src/images/sonar-sources-simple.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonar-tests-complex.png b/server/sonar-docs/src/images/sonar-tests-complex.png Binary files differdeleted file mode 100644 index dd892446844..00000000000 --- a/server/sonar-docs/src/images/sonar-tests-complex.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonar-tests-simple.png b/server/sonar-docs/src/images/sonar-tests-simple.png Binary files differdeleted file mode 100644 index 3eeb7542717..00000000000 --- a/server/sonar-docs/src/images/sonar-tests-simple.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonarqube-icon.png b/server/sonar-docs/src/images/sonarqube-icon.png Binary files differdeleted file mode 100644 index 375094345b6..00000000000 --- a/server/sonar-docs/src/images/sonarqube-icon.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sonarsource-icon.png b/server/sonar-docs/src/images/sonarsource-icon.png Binary files differdeleted file mode 100644 index 430eb1f3688..00000000000 --- a/server/sonar-docs/src/images/sonarsource-icon.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sources.jpg b/server/sonar-docs/src/images/sources.jpg Binary files differdeleted file mode 100644 index b3bb1071e81..00000000000 --- a/server/sonar-docs/src/images/sources.jpg +++ /dev/null diff --git a/server/sonar-docs/src/images/sq-github-code-scanning-alerts.png b/server/sonar-docs/src/images/sq-github-code-scanning-alerts.png Binary files differdeleted file mode 100644 index ffc9db50db0..00000000000 --- a/server/sonar-docs/src/images/sq-github-code-scanning-alerts.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sq-github-code-scanning-sync-2.png b/server/sonar-docs/src/images/sq-github-code-scanning-sync-2.png Binary files differdeleted file mode 100644 index 0030fbe6234..00000000000 --- a/server/sonar-docs/src/images/sq-github-code-scanning-sync-2.png +++ /dev/null diff --git a/server/sonar-docs/src/images/sq-github-code-scanning-sync.png b/server/sonar-docs/src/images/sq-github-code-scanning-sync.png Binary files differdeleted file mode 100644 index 57af76c6299..00000000000 --- a/server/sonar-docs/src/images/sq-github-code-scanning-sync.png +++ /dev/null diff --git a/server/sonar-docs/src/images/successfulproject.png b/server/sonar-docs/src/images/successfulproject.png Binary files differdeleted file mode 100644 index 32565d36677..00000000000 --- a/server/sonar-docs/src/images/successfulproject.png +++ /dev/null diff --git a/server/sonar-docs/src/images/support-information-file.png b/server/sonar-docs/src/images/support-information-file.png Binary files differdeleted file mode 100644 index 99965b2e00a..00000000000 --- a/server/sonar-docs/src/images/support-information-file.png +++ /dev/null diff --git a/server/sonar-docs/src/images/twitter.svg b/server/sonar-docs/src/images/twitter.svg deleted file mode 100644 index 2a7fd9f93f7..00000000000 --- a/server/sonar-docs/src/images/twitter.svg +++ /dev/null @@ -1 +0,0 @@ -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 14.751 11.981"><path d="M14.751 1.423a6.335 6.335 0 0 1-1.516 1.563q.009.131.009.393a8.589 8.589 0 0 1-.356 2.429 8.779 8.779 0 0 1-1.081 2.326 9.144 9.144 0 0 1-1.727 1.97 7.689 7.689 0 0 1-2.415 1.367 8.838 8.838 0 0 1-3.023.51A8.4 8.4 0 0 1 0 10.624a6.468 6.468 0 0 0 .73.037 5.919 5.919 0 0 0 3.753-1.292 3.03 3.03 0 0 1-2.827-2.1 3.831 3.831 0 0 0 .571.047 3.128 3.128 0 0 0 .8-.1 2.974 2.974 0 0 1-1.736-1.044A2.921 2.921 0 0 1 .6 4.25v-.037a3 3 0 0 0 1.367.384 3.02 3.02 0 0 1-.983-1.076A3.03 3.03 0 0 1 1.031.554a8.57 8.57 0 0 0 2.757 2.232 8.424 8.424 0 0 0 3.477.931 3.358 3.358 0 0 1-.075-.693A3.026 3.026 0 0 1 12.422.955a5.928 5.928 0 0 0 1.919-.73 2.935 2.935 0 0 1-1.329 1.666 6.024 6.024 0 0 0 1.739-.468z" fill="#8a8c8f"/></svg>
\ No newline at end of file diff --git a/server/sonar-docs/src/images/version.png b/server/sonar-docs/src/images/version.png Binary files differdeleted file mode 100644 index 6ef2d7757f7..00000000000 --- a/server/sonar-docs/src/images/version.png +++ /dev/null diff --git a/server/sonar-docs/src/images/visualizations.png b/server/sonar-docs/src/images/visualizations.png Binary files differdeleted file mode 100644 index b53b37e49fe..00000000000 --- a/server/sonar-docs/src/images/visualizations.png +++ /dev/null diff --git a/server/sonar-docs/src/images/webapi.png b/server/sonar-docs/src/images/webapi.png Binary files differdeleted file mode 100644 index 46488a6cca0..00000000000 --- a/server/sonar-docs/src/images/webapi.png +++ /dev/null diff --git a/server/sonar-docs/src/images/youtube.png b/server/sonar-docs/src/images/youtube.png Binary files differdeleted file mode 100644 index 7eea318e148..00000000000 --- a/server/sonar-docs/src/images/youtube.png +++ /dev/null diff --git a/server/sonar-docs/src/layouts/index.tsx b/server/sonar-docs/src/layouts/index.tsx deleted file mode 100644 index 0434628c0d7..00000000000 --- a/server/sonar-docs/src/layouts/index.tsx +++ /dev/null @@ -1,103 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { graphql, StaticQuery } from 'gatsby'; -import * as React from 'react'; -import { MarkdownRemark, MarkdownRemarkConnection } from '../@types/graphql-types'; -import Footer from '../components/Footer'; -import HeaderListProvider from '../components/HeaderListProvider'; -import HeadingsLink from '../components/HeadingsLink'; -import Sidebar from '../components/Sidebar'; -import './layout.css'; - -const version = process.env.GATSBY_DOCS_VERSION || '1.0'; - -interface Props { - children: React.ReactNode; - location: Location; -} - -export default function Layout({ children, location }: Props) { - return ( - <div className="main-container"> - <div className="blue-bar" /> - <HeaderListProvider> - {({ headers }) => ( - <div className="layout-page"> - <div className="page-sidebar-inner"> - <StaticQuery - query={graphql` - { - allMarkdownRemark { - edges { - node { - id - headings { - depth - value - } - frontmatter { - title - nav - url - } - fields { - slug - } - html - } - } - } - } - `} - render={(data: { allMarkdownRemark: MarkdownRemarkConnection }) => - data.allMarkdownRemark && - data.allMarkdownRemark.edges && ( - <Sidebar - location={location} - pages={ - data.allMarkdownRemark.edges - .map(e => e.node) - .filter( - n => - n && - n.fields && - n.fields.slug && - !n.fields.slug.startsWith('/tooltips') - ) as MarkdownRemark[] - } - version={version} - /> - ) - } - /> - </div> - <div className="page-main"> - <div className="page-container"> - <HeadingsLink headers={headers} /> - <div className="markdown-container">{children}</div> - </div> - <Footer /> - </div> - </div> - )} - </HeaderListProvider> - </div> - ); -} diff --git a/server/sonar-docs/src/layouts/layout.css b/server/sonar-docs/src/layouts/layout.css deleted file mode 100644 index f3a1fda781b..00000000000 --- a/server/sonar-docs/src/layouts/layout.css +++ /dev/null @@ -1,725 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -html, -body, -#___gatsby, -#___gatsby > div, -.main-container { - height: 100%; -} - -iframe { - width: 100%; - border: 0; - overflow-y: auto; - height: 70vh; -} - -.blue-bar { - background: #4c9bd6; - height: 5px; - position: fixed; - width: 100%; - z-index: 100; -} - -.layout-page { - align-items: stretch; - display: flex; - flex-grow: 1; - height: 100%; - width: 100%; -} - -.page-sidebar { - background-color: #f9f9fb; - flex-grow: 0; - flex-shrink: 0; - height: 100%; - padding: 26px; - padding-bottom: 0; - width: 320px; - display: flex; - flex-direction: column; -} - -.page-sidebar-inner { - background-color: #f9f9fb; - height: 100%; - overflow: auto; - position: fixed; -} - -.sidebar-header { - border-bottom: 1px solid #cfd3d7; - padding-bottom: 10px; - margin-right: -6px; -} - -.sidebar-logo { - vertical-align: top; - margin: 0; -} - -.sidebar-footer { - border-top: 1px solid #cfd3d7; - flex-grow: 0; - font-size: 12px; -} - -.sidebar-footer a { - position: relative; - display: inline-block; - text-decoration: none; - color: rgba(0, 0, 0, 0.8); - line-height: 30px; - margin: 10px 10px 10px -8px; - padding: 0 8px; - border-radius: 3px; -} - -.sidebar-footer a img, -.sidebar-footer a svg { - height: 16px; - color: #8a8c8f; - margin-right: 5px; - margin-bottom: 0; - transform: translateY(2px); -} - -.sidebar-footer a.icon-only img { - height: 12px; - margin-right: 0; -} - -.sidebar-footer a:hover { - background: #e8eff5; -} - -.page-sidebar .alert { - margin: 16px 0; -} - -.page-sidebar a .tooltip { - opacity: 0; - background: rgba(0, 0, 0, 0.8); - color: #fff; - font-size: 12px; - border-radius: 3px; - line-height: 24px; - padding: 0 8px; - position: absolute; - top: -30px; - left: -50px; - white-space: nowrap; - transition: opacity 0.2s ease; -} - -.page-sidebar a .tooltip:after { - top: 100%; - right: 20px; - border: solid transparent; - content: ' '; - height: 0; - width: 0; - position: absolute; - pointer-events: none; - border-color: rgba(0, 0, 0, 0); - border-top-color: rgba(0, 0, 0, 0.8); - border-width: 6px; - margin-left: -6px; -} - -.page-sidebar a:hover .tooltip { - opacity: 1; - display: block; -} - -.page-main { - background: white; - display: flex; - flex-direction: column; - flex-grow: 1; - margin-left: 330px; - min-height: 100%; - min-width: 740px; - padding: 20px 20px 0 20px; - z-index: 50; -} - -.search-container { - position: relative; -} - -.search-container button { - position: absolute; - right: 8px; - top: 50%; - margin-top: -12px; - height: 16px; - width: 16px; - background: transparent; - border: none; - cursor: pointer; - outline: none; - border-radius: 3px; - transition: border-color 0.2s ease, box-shadow 0.2s ease; -} - -.search-container button svg { - position: absolute; - top: 4px; - left: 4px; -} - -.search-container button:hover, -.search-container button:focus { - background-color: #989898; -} - -.search-container button:hover svg, -.search-container button:focus svg { - color: #fff; -} - -.search-container button:focus { - box-shadow: 0 0 0 3px rgba(35, 106, 151, 0.25); -} - -.search-input { - border: 1px solid #cfd3d7; - border-radius: 2px; - width: calc(100% - 10px); - margin-left: 10px; - margin-bottom: 10px; - padding: 0 30px 0 10px; - font-size: 14px; - line-height: 30px; - outline: none; -} - -.search-input:focus, -.search-input:hover { - border: 1px solid #8a8c8f; -} - -a.search-result { - color: #444; - font-weight: normal; - text-decoration: none; - display: block; - padding: 8px; - margin-right: -10px; -} - -a.search-result.active, -a.search-result.active mark { - color: #2679af; -} - -a.search-result:hover { - background: #e8eff5; - border-radius: 3px; -} - -a.search-result mark { - color: #444; - font-weight: 700; - background: 0 0; -} - -a.search-result .note { - margin: 6px 0; - font-size: 12px; -} - -.page-indexes { - padding: 16px 20px 50px 16px; - margin: 10px -26px 0 -26px; - flex-grow: 1; - overflow: auto; -} - -.page-indexes > div > a.search-result { - margin: 0 -4px 0 4px; -} - -.page-indexes-link { - color: #2d3032; - font-size: 16px; - font-weight: 500; - line-height: 35px; - margin: 0; - padding: 0 10px; - margin-right: -10px; - border-radius: 3px; - transition: all 0.2s ease; -} - -.page-indexes-link:hover { - background-color: #e8eff5; - color: #2679af; -} - -.page-indexes-link.active { - font-weight: 700; - color: #2679af; -} - -.page-indexes-link, -.sub-menu-link { - color: inherit; - text-decoration: inherit; - display: block; -} - -.sub-menu .page-indexes-link, -.sub-menu .sub-menu { - margin-left: -10px; -} - -.page-indexes-link svg { - float: right; - transform: translateY(9px); -} - -.sub-menu { - padding: 0 0 10px 22px; -} - -.sub-menu-link { - font-size: 14px; - line-height: 26px; - margin: 0; - text-overflow: ellipsis; - overflow-x: hidden; - white-space: nowrap; -} - -.sub-menu-link:hover, -.sub-menu-link.active { - color: #2679af; -} - -.sub-menu-link.active { - font-weight: 700; -} - -.page-container { - max-width: 900px; - min-width: 320px; - padding-left: 16px; - padding-right: 16px; - font-size: 15px; - flex-grow: 1; - margin: 0 auto; -} - -.page-container .headings-container { - width: 200px; - float: right; - margin-top: 80px; -} - -.page-container .headings-container-fixed { - position: fixed; - width: inherit; - padding-left: 26px; - border-left: 1px solid #cfd3d7; - z-index: 100; - background: white; -} - -.page-container .headings-container span { - font-weight: 700; -} - -.page-container .headings-container ul { - margin: 10px 0 0 0; - padding: 0; -} - -.page-container .headings-container li { - list-style: none; - margin: 0 0 8px; - line-height: 16px; -} - -.page-container .headings-container a { - color: rgba(0, 0, 0, 0.8); - display: block; - font-size: 13px; - color: #2d3032; - text-decoration: inherit; - border-bottom: none !important; -} - -.page-container .headings-container a.active, -.page-container .headings-container a:hover { - color: #2679af; -} - -.page-container .headings-container a.active { - font-weight: 700; -} - -.markdown-container { - width: 680px; - margin: 0 auto; - padding-top: 24px; - padding-bottom: 24px; -} - -.headings-container + .markdown-container { - max-width: 900px; - width: auto; - padding-right: 220px; -} - -.markdown-content img[src$='.svg'] { - position: relative; - top: -2px; - vertical-align: text-bottom; -} - -.page-container h1 { - font-size: 26px; - font-weight: 700; -} - -.page-container h2 { - font-size: 21px; - font-weight: 700; -} - -.page-container h3 { - font-size: 18px; - font-weight: 700; -} - -.page-container h2, -.page-container h3 { - margin-top: 32px; - margin-bottom: 14px; -} - -.page-container p { - margin-bottom: 14px; -} - -.page-container ul { - margin-bottom: 14px; - padding-left: 16px; -} - -.page-container li { - margin-bottom: 6px; -} - -.page-container li p { - margin-bottom: 0; -} - -.page-container li ul { - margin-top: 8px; -} - -.page-container pre { - white-space: pre-wrap; - word-wrap: break-word; -} - -.page-footer { - border-top: 1px solid #ced2d6; - font-size: 13px; - margin: 0 auto; - margin: 10px 10px 0 10px; - padding: 12px 0; -} -.page-footer img { - float: right; - margin-left: 10px; -} - -.version-select { - position: relative; - font-size: 19px; - margin-top: 12px; - max-width: calc(100% - 160px); - text-align: right; - float: right; - border-radius: 4px; -} - -.version-select > button { - padding: 2px 4px; - background: transparent; - border: 0; - cursor: pointer; - outline: none; -} - -.version-select:hover { - background: #e8eff5; -} - -.version-select ul { - z-index: 1000; - position: absolute; - display: block; - top: 100%; - margin-top: 4px; - right: 0; - border: 1px solid #cfd3d7; - background: white; - text-align: left; - border-radius: 4px; -} - -.version-select ul li { - list-style: none; - font-size: 15px; - margin: 0; - padding: 4px 16px; - text-align: left; - transition: all 0.2s ease; - white-space: nowrap; -} - -.version-select ul li:hover { - background: #f3f3f3; -} - -.version-select ul li span { - color: #b58a13; - font-weight: 700; -} - -.version-select ul li span.current { - color: #499cd2; -} - -.version-select ul li a { - color: inherit; - text-decoration: inherit; -} - -.version-select span { - color: #b58a13; - font-weight: bold; - padding-right: 4px; -} - -.version-select span.current { - color: #499cd2; -} - -.targetted-heading { - border-left: 4px solid #499cd2; - margin-left: -10px; - padding-left: 6px; -} - -.alert { - display: block; - margin: 0 -1em 1.5rem; - padding: 1em; - border: 1px solid #3e7fb7; - background-image: url(../images/info.svg); - background-color: #edf6fc; - background-position: 10px 15px; - background-repeat: no-repeat; - background-size: 24px; - padding-left: 40px; - color: #000; - border-radius: 3px; -} - -.alert a { - padding-bottom: 1px; - text-decoration: none; - transition: border-bottom-color 0.2s ease 0s; - border-bottom: 1px solid rgba(62, 127, 183, 0.3); - color: #3e7fb7; - font-weight: bold; -} - -.alert a:hover, -.alert a:focus { - border-bottom: 1px solid #0d476c; - color: #0d476c; -} - -.alert > p { - margin: 0; -} - -.alert-danger { - border-color: #d75a4a; - background-color: #fcedec; - background-image: url(../images/cross.svg); -} - -.alert-danger a { - border-bottom: 1px solid rgba(215, 90, 74, 0.3); - color: #d75a4a; -} - -.alert-danger a:hover, -.alert-danger a:focus { - border-bottom: 1px solid #a82f1f; - color: #a82f1f; -} - -.alert-warning { - border-color: #c99916; - background-color: #ffefbc; - background-image: url(../images/alerts/danger.svg); -} - -.alert-warning a { - border-bottom: 1px solid rgba(201, 153, 22, 0.3); - color: #c99916; -} - -.alert-warning a:hover, -.alert-warning a:focus { - border-bottom: 1px solid #9b7713; - color: #9b7713; -} - -.alert-success { - border-color: #3ec92c; - background-color: #ecfcf2; - background-image: url(../images/check.svg); -} - -.alert-success a { - border-bottom: 1px solid rgba(62, 201, 44, 0.3); - color: #3ec92c; -} - -.alert-success a:hover, -.alert-success a:focus { - border-bottom: 1px solid #138b04; - color: #138b04; -} - -.alert svg { - vertical-align: middle; - transform: translateY(-1px); -} - -.page-sidebar .alert { - margin-top: 16px; - font-size: 12px; -} - -.page-container a, -.page-footer a { - text-decoration: none; - color: #347cab; - border-bottom: 1px solid rgba(52, 124, 171, 0.3); - transition: all 0.2s ease 0s; -} - -.page-container a:hover, -.page-container a:focus, -.page-footer a:hover, -.page-footer a:focus { - border-bottom: 1px solid #0d476c; - color: #0d476c; -} - -.page-container p { - font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, - 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; -} - -ul > ul { - margin-bottom: 0 !important; -} - -.page-container pre { - border: 1px solid #e6e6e6; - border-radius: 2px; - background-color: #f9f9fb; - padding: 12px; - margin: 0 0 1.5rem; - line-height: 16px; -} - -.page-container pre code { - font-size: 12px; -} - -.collapse { - border: 1px solid #e6e6e6; - border-radius: 2px; - background-color: #f9f9fb; - padding: 12px; - margin: 0 0 1.5rem; -} - -.collapse div > a:first-child { - background: url(../images/open.svg) no-repeat 0 50%; - padding-left: 20px; - display: block; - color: #4c9bd6; - display: block; - cursor: pointer; - margin-bottom: 0.5rem; - font-size: 16px; - text-decoration: none; - border-bottom: none; - transition: all 0.2s ease 0s; -} - -.collapse div > a:first-child:hover { - color: #195f8d; -} - -.collapse.close div > a:first-child { - background: url(../images/close.svg) no-repeat 0 50%; -} - -.collapse.close div > * { - display: none; -} - -.collapse.close div > a:first-child { - margin: 0; -} - -.collapse div *:last-child { - margin-bottom: 0; -} - -.collapse div .alert { - margin: 0 0.5em 1.5rem; -} - -img[src$='/images/exclamation.svg'], -img[src$='/images/check.svg'], -img[src$='/images/cross.svg'], -img[src$='/images/info.svg'] { - margin-bottom: 0; - top: 0 !important; -} diff --git a/server/sonar-docs/src/pages/404.md b/server/sonar-docs/src/pages/404.md deleted file mode 100644 index ef227477acb..00000000000 --- a/server/sonar-docs/src/pages/404.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -title: Page not found -nav: Not found -url: /404/ ---- - -# Error - -This page does not exist diff --git a/server/sonar-docs/src/pages/analysis/analysis-parameters.md b/server/sonar-docs/src/pages/analysis/analysis-parameters.md deleted file mode 100644 index 58a63573012..00000000000 --- a/server/sonar-docs/src/pages/analysis/analysis-parameters.md +++ /dev/null @@ -1,115 +0,0 @@ ---- -title: Analysis Parameters -url: /analysis/analysis-parameters/ ---- - -Project analysis settings can be configured in multiple places. Here is the hierarchy in order of precedence: - - - -1. *Global properties*: Apply to all projects. Defined in the UI in **Administration > Configuration > General Settings** - -2. *Project properties*: Apply to one project only. At project level, defined in the UI in **Project Settings > General Settings** - -3. *Project analysis parameters*: Defined in a project analysis configuration file or scanner configuration file - -4. *Analysis / Command line parameters*: Defined when launching an analysis with `-D` on the command line - -Note that only parameters set through the UI are stored in the database. -For example, if you override the `sonar.exclusions` parameter via command line for a specific project, it will not be stored in the database. Subsequent analyses, or analyses in SonarLint with connected mode, would still be executed with the exclusions defined in the UI and therefore stored in the DB. - -Most of the property keys shown in the interface at both global and project levels can also be set as analysis parameters, but the parameters listed below can _only_ be set at analysis time. - -For language-specific parameters related to test coverage and execution, see [Test Coverage](/analysis/coverage/). -For language-specific parameters related to external issue reports, see [External Issues](/analysis/external-issues/). - -[[info]] -| Analysis parameters are case-sensitive. - -## Mandatory Parameters - -### Server -Key | Description | Default ----|----|--- -`sonar.host.url`| the server URL | http://localhost:9000 - -### Project Configuration -Key | Description | Default ----|----|--- -`sonar.projectKey`|The project's unique key. Allowed characters are: letters, numbers, `-`, `_`, `.` and `:`, with at least one non-digit. | For Maven projects, this defaults to `<groupId>:<artifactId>` - -## Optional Parameters - -### Project Identity -Key | Description | Default ----|----|--- -`sonar.projectName`|Name of the project that will be displayed on the web interface.|`<name>` for Maven projects, otherwise project key. If not provided and there is already a name in the DB, it won't be overwritten. -`sonar.projectVersion` | The project version. | `<version>` for Maven projects, otherwise "not provided". _Do not use_ your build number as `sonar.projectVersion`. - -### Authentication -By default, user authentication is required to prevent anonymous users from browsing and analyzing projects on your instance, and you need to pass these parameters when running analyses. Authentication is enforced in the global Security(/instance-administration/security/) settings. - -When authentication is required or the "Anyone" pseudo-group does not have permission to perform analyses, you'll need to supply the credentials of a user with Execute Analysis permissions for the analysis to run under. - -Key | Description | Default ----|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--- -`sonar.login` | The [authentication token](/user-guide/user-token/) or login of a SonarQube user with either Execute Analysis permission on the project or Global Execute Analysis permission. | -`sonar.password` | If you're using an authentication token, leave this blank. If you're using a login, this is the password that goes with your `sonar.login` username. | - -### Web Services -Key | Description | Default ----|----|--- -`sonar.ws.timeout` | Maximum time to wait for the response of a Web Service call (in seconds). Modifying this value from the default is useful only when you're experiencing timeouts during analysis while waiting for the server to respond to Web Service calls. | 60 - -### Project Configuration -Key | Description | Default ----|----|--- -`sonar.projectDescription` | The project description. | `<description>` for Maven projects -`sonar.links.homepage` | Project home page. | `<url>` for Maven projects -`sonar.links.ci` | Continuous integration. | `<ciManagement><url>` for Maven projects -`sonar.links.issue` | Issue tracker. | `<issueManagement><url>` for Maven projects -`sonar.links.scm` | Project source repository. | `<scm><url>` for Maven projects -`sonar.sources` | Comma-separated paths to directories containing main source files. | Read from build system for Maven, Gradle, MSBuild projects. Defaults to project base directory when neither `sonar.sources` nor `sonar.tests` is provided. -`sonar.tests` | Comma-separated paths to directories containing test source files. | Read from build system for Maven, Gradle, MSBuild projects. Else default to empty. -`sonar.sourceEncoding` | Encoding of the source files. Ex: `UTF-8`, `MacRoman`, `Shift_JIS`. This property can be replaced by the standard property `project.build.sourceEncoding` in Maven projects. The list of available encodings depends on your JVM. | System encoding -`sonar.externalIssuesReportPaths` | Comma-delimited list of paths to Generic Issue reports. | -`sonar.projectDate` | Assign a date to the analysis. This parameter is only useful when you need to retroactively create the history of a not-analyzed-before project. The format is `yyyy-MM-dd`, for example: 2010-12-01. Since you cannot perform an analysis dated prior to the most recent one in the database, you must analyze recreate your project history in chronological order, oldest first.  Note: You may need to adjust your housekeeping settings if you wish to create a long-running history. | Current date -`sonar.projectBaseDir` | Use this property when you need analysis to take place in a directory other than the one from which it was launched. E.G. analysis begins from `jenkins/jobs/myjob/workspace` but the files to be analyzed are in `ftpdrop/cobol/project1`. The path may be relative or absolute. Specify not the the source directory, but some parent of the source directory. The value specified here becomes the new "analysis directory", and other paths are then specified as though the analysis were starting from the specified value of `sonar.projectBaseDir`. Note that the analysis process will need write permissions in this directory; it is where the `sonar.working.directory` will be created. | -`sonar.working.directory` | Set the working directory for an analysis triggered with the SonarScanner or the SonarScanner for Ant (versions greater than 2.0). This property is not compatible with the SonarScanner for MSBuild. Path must be relative, and unique for each project.  Beware: the specified folder is deleted before each analysis. | `.scannerwork` -`sonar.scm.provider` | This property can be used to explicitly tell SonarQube which SCM you're using on the project (in case auto-detection doesn't work). The value of this property is always lowercase and depends on the SCM (ex. "git" if you're using Git). Check the [SCM integration](/analysis/scm-integration/) documentation for more. | -`sonar.scm.forceReloadAll` | By default, blame information is only retrieved for changed files. Set this property to `true` to load blame information for all files. This can be useful is you feel that some SCM data is outdated but SonarQube does not get the latest information from the SCM engine. | -`sonar.scm.exclusions.disabled`| For supported engines, files ignored by the SCM, i.e. files listed in `.gitignore`, will automatically be ignored by analysis too. Set this property to `true` to disable that feature. SCM exclusions are always disabled if `sonar.scm.disabled` is set to `true`. | -`sonar.scm.revision`| Overrides the revision, for instance the Git sha1, displayed in analysis results. By default value is provided by the CI environment or guessed by the checked-out sources.| -`sonar.buildString`| The string passed with this property will be stored with the analysis and available in the results of `api/project_analyses/search`, thus allowing you to later identify a specific analysis and obtain its ID for use with `api/project_analyses/set_baseline`. | | -`sonar.analysis.[yourKey]`| This property stub allows you to insert custom key/value pairs into the analysis context, which will also be passed forward to [webhooks](/project-administration/webhooks/). | | -`sonar.newCode.referenceBranch`| Sets the [New Code](/project-administration/new-code-period/) definition to `Reference Branch` for this analysis, overriding the configuration on the server. The `New Code` will be calculated based on the differences between the branch under analysis and the provided branch. This parameter is intended to be set in a configuration file (ex: `sonar-project.properties`), specific to a given branch. -`sonar.filesize.limit`| Sets the limit in MB for files to be discarded from the analysis scope if the size is greater than specified. | 20 - -### Duplications -Key | Description | Default ----|----|--- -`sonar.cpd.${language}.minimumTokens` | A piece of code is considered duplicated as soon as there are at least 100 duplicated tokens in a row (override with `sonar.cpd.${language}.minimumTokens`) spread across at least 10 lines of code (override with `sonar.cpd.${language}.minimumLines`). For Java projects, a piece of code is considered duplicated when there is a series of at least 10 statements in a row, regardless of the number of tokens and lines. This threshold cannot be overridden. | 100 -`sonar.cpd.${language}.minimumLines` | (see above) | 10 - - -### Analysis Logging -Key | Description | Default ----|----|--- -`sonar.log.level` | Control the quantity / level of logs produced during an analysis. `DEBUG`: Display `INFO` logs + more details at `DEBUG` level. Similar to `sonar.verbose=true`. `TRACE`: Display `DEBUG` logs + the timings of all ElasticSearch queries and Web API calls executed by the SonarScanner. | `INFO` -`sonar.verbose` | Add more detail to both client and server-side analysis logs. Activates `DEBUG` mode for the scanner, and adds client-side environment variables and system properties to server-side log of analysis report processing. NOTE: There is the potential for this setting to expose sensitive information such as passwords if they are stored as server-side environment variables. | false -`sonar.scanner.dumpToFile` | Outputs to the specified file the full list of properties passed to the scanner API as a means to debug analysis. | -`sonar.scanner.metadataFilePath` | Set the location where the scanner writes the `report-task.txt` file containing among other things the `ceTaskId`. | value of `sonar.working.directory` - -### Quality Gate -Key | Description | Default ----|----|--- -`sonar.qualitygate.wait` | Forces the analysis step to poll the SonarQube instance and wait for the Quality Gate status. If there are no other options, you can use this to fail a pipeline build when the Quality Gate is failing. See the [CI Integration](/analysis/ci-integration-overview/) page for more information. | -`sonar.qualitygate.timeout` | Sets the number of seconds that the scanner should wait for a report to be processed. | 300 - -### Deprecated -[[danger]] -| These parameters are listed for completeness, but are deprecated and should not be used in new analyses. - -Key | Description ----|----|--- -`sonar.links.scm_dev` **Deprecated since SQ 7.1** | Developer connection. | `<scm><developerConnection>` for Maven projects diff --git a/server/sonar-docs/src/pages/analysis/azuredevops-integration.md b/server/sonar-docs/src/pages/analysis/azuredevops-integration.md deleted file mode 100644 index d3343fe1a64..00000000000 --- a/server/sonar-docs/src/pages/analysis/azuredevops-integration.md +++ /dev/null @@ -1,352 +0,0 @@ ---- -title: Azure DevOps Integration -url: /analysis/azuredevops-integration/ ---- -SonarQube's integration with Azure DevOps allows you to maintain code quality and security in your Azure DevOps repositories. It is compatible with both Azure DevOps Server and Azure DevOps Services. - -With this integration, you'll be able to: - -- **Import your Azure DevOps repositories** - Import your Azure DevOps repositories into SonarQube to easily set up SonarQube projects. -- **Analyze projects with Azure Pipelines** - Integrate analysis into your build pipeline. Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), the SonarQube Extension running in Azure Pipelines jobs can automatically detect branches or pull requests being built, so you don't need to specifically pass them as parameters to the scanner. -- **Report your Quality Gate status to your pull requests** - (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)) See your Quality Gate and code metric results right in Azure DevOps so you know if it's safe to merge your changes. - -## Prerequisites -Integration with Azure DevOps Server requires Azure DevOps Server 2020, Azure DevOps Server 2019, TFS 2018, or TFS 2017 Update 2 (including _Express_ editions). - -### Branch Analysis -Community Edition doesn't support the analysis of multiple branches, so you can only analyze your main branch. Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can analyze multiple branches and pull requests. - -## Importing your Azure DevOps repositories into SonarQube -Setting up the import of Azure DevOps repositories into SonarQube allows you to easily create SonarQube projects from your Azure DevOps repositories. If you're using [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) or above, this is also the first step in adding pull request decoration. - -To set up the import of Azure DevOps repositories: - -1. Set your global DevOps Platform settings -2. Add a personal access token for importing repositories - -### Setting your global settings -To import your Azure DevOps repositories into SonarQube, you need to first set your global SonarQube settings. Navigate to **Administration > Configuration > General Settings > DevOps Platform Integrations**, select the **Azure DevOps** tab, and click the **Create configuration** button. Specify the following settings: - -- **Configuration Name** (Enterprise and Data Center Edition only) – The name used to identify your Azure DevOps configuration at the project level. Use something succinct and easily recognizable. -- **Azure DevOps collection/organization URL** – If you are using Azure DevOps Server, provide your full Azure DevOps collection URL. For example, `https://ado.your-company.com/DefaultCollection`. If you are using Azure DevOps Services, provide your full Azure DevOps organization URL. For example, `https://dev.azure.com/your_organization`. -- **Personal Access Token** – An Azure DevOps user account is used to decorate Pull Requests. We recommend using a dedicated Azure DevOps account with Administrator permissions. You need a [personal access token](https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=tfs-2017&tabs=preview-page) from this account with the scope authorized for **Code > Read & Write** for the repositories that will be analyzed. Administrators can encrypt this token at **Administration > Configuration > Encryption**. See the **Settings Encryption** section of the [Security](/instance-administration/security/) page for more information. - - This personal access token is used to report your Quality Gate status to your pull requests. You'll be asked for another personal access token for importing projects in the following section. - -### Adding a personal access token for importing repositories -After setting your global settings, you can add a project from Azure DevOps by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and selecting **Azure DevOps**. - -Then, you'll be asked to provide a personal access token with `Code (Read & Write)` scope so SonarQube can access and list your Azure DevOps projects. This token will be stored in SonarQube and can be revoked at anytime in Azure DevOps. - -After saving your personal access token, you'll see a list of your Azure DevOps projects that you can **set up** to add them to SonarQube. Setting up your projects this way also sets your project settings for pull request decoration. - -For information on analyzing your projects with Azure Pipelines, see the **Analyzing projects with Azure Pipelines** section below. - -## Analyzing projects with Azure Pipelines -The SonarQube Extension running in Azure Pipelines jobs can automatically detect branches or pull requests being built, so you don't need to specifically pass them as parameters to the scanner. - -[[info]] -| Automatic branch detection is only available when using Git. - -### Installing your extension -From Visual Studio Marketplace, install the [SonarQube extension](https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarqube) by clicking the **Get it free** button. - -#### **Azure DevOps Server - build agents** - -If you are using [Microsoft-hosted build agents](https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops) then there is nothing else to install. The extension will work with all of the hosted agents (Windows, Linux, and macOS). - -If you are self-hosting the build agents, make sure you have at least the minimum SonarQube-supported version of Java installed. - -### Adding a new SonarQube Service Endpoint -After installing your extension, you need to declare your SonarQube server as a service endpoint in your Azure DevOps project settings: - -1. In Azure DevOps, go to **Project Settings > Service connections**. -2. Click **New service connection** and select **SonarQube** from the service connection list. -3. Enter your SonarQube **Server URL**, an [Authentication Token](/user-guide/user-token/), and a memorable **Service connection name**. Then, click **Save**. - -### Configuring branch analysis -After adding your SonarQube service endpoint, you'll need to configure branch analysis. You'll use the following tasks in your build definitions to analyze your projects: - -- **Prepare Analysis Configuration** - This task configures the required settings before executing the build. - -- **Run Code Analysis** - (Not used in Maven or Gradle projects) This task executes the analysis of source code. - -- **Publish Quality Gate Result** - this task displays the Quality Gate status in the build summary letting you know if your code meets quality standards for production. This task may increase your build time as your pipeline has to wait for SonarQube to process the analysis report. It is highly recommended but optional. - -Select your build technology below to expand the instructions for configuring branch analysis and to see an example `.yml` file. - -[[collapse]] -| ## .NET -| 1. In Azure DevOps, create or edit a **Build Pipeline**, and add a new **Prepare Analysis Configuration** task _before_ your build task: -| - Select the SonarQube server endpoint you created in the **Adding a new SonarQube Service Endpoint** section. -| - Under **Choose a way to run the analysis**, select **Integrate with MSBuild**. -| - In the **project key** field, enter your project key. -| 1. Add a new **Run Code Analysis** task _after_ your build task. -| 1. Add a new **Publish Quality Gate Result** on your build pipeline summary. -| 1. Under the **Triggers** tab of your pipeline, check **Enable continuous integration**, and select all of the branches for which you want SonarQube analysis to run automatically. -| 1. Save your pipeline. -| -| **.yml example**: -| ``` -| trigger: -| - master # or the name of your main branch -| - feature/* -| -| steps: -| # Prepare Analysis Configuration task -| - task: SonarQubePrepare@5 -| inputs: -| SonarQube: 'YourSonarqubeServerEndpoint' -| scannerMode: 'MSBuild' -| projectKey: 'YourProjectKey' -| -| # Run Code Analysis task -| - task: SonarQubeAnalyze@5 -| -| # Publish Quality Gate Result task -| - task: SonarQubePublish@5 -| inputs: -| pollingTimeoutSec: '300' -| ``` - -[[collapse]] -| ## Maven or Gradle -| 1. In Azure DevOps, create or edit a **Build Pipeline**, and add a new **Prepare Analysis Configuration** task _before_ your build task: -| - Select the SonarQube server endpoint you created in the **Adding a new SonarQube Service Endpoint** section. -| - Under **Choose a way to run the analysis**, select **Integrate with Maven or Gradle**. -| - Expand the **Advanced section** and replace the **Additional Properties** with the following snippet: -| ``` -| # Additional properties that will be passed to the scanner, -| # Put one key=value per line, example: -| # sonar.exclusions=**/*.bin -| sonar.projectKey=YourProjectKey -| ``` -| 2. Edit or add a new Maven or Gradle task -| - Under **Code Analysis**, check **Run SonarQube or SonarCloud Analysis**. -| 3. Add a new **Publish Quality Gate Result** on your build pipeline summary. -| 4. Under the **Triggers** tab of your pipeline, check **Enable continuous integration**, and select all of the branches for which you want SonarQube analysis to run automatically. -| 5. Save your pipeline. -| -| **.yml example**: -| ``` -| trigger: -| - master # or the name of your main branch -| - feature/* -| -| steps: -| # Prepare Analysis Configuration task -| - task: SonarQubePrepare@5 -| inputs: -| SonarQube: 'YourSonarqubeServerEndpoint' -| scannerMode: 'Other' -| extraProperties: 'sonar.projectKey=YourProjectKey' -| -| # Publish Quality Gate Result task -| - task: SonarQubePublish@5 -| inputs: -| pollingTimeoutSec: '300' -| ``` - -[[collapse]] -| ## Other (JavaScript, TypeScript, Go, Python, PHP, etc.) -| 1. In Azure DevOps, create or edit a **Build Pipeline**, and add a new **Prepare Analysis Configuration** task _before_ your build task: -| - Select the SonarQube server endpoint you created in the **Adding a new SonarQube Service Endpoint** section. -| - Under **Choose a way to run the analysis**, select **Use standalone scanner**. -| - Select the **Manually provide configuration** mode. -| - In the **project key** field, enter your project key. -| 1. Add a new **Run Code Analysis** task _after_ your build task. -| 1. Add a new **Publish Quality Gate Result** on your build pipeline summary. -| 1. Under the **Triggers** tab of your pipeline, check **Enable continuous integration**, and select all of the branches for which you want SonarQube analysis to run automatically. -| 1. Save your pipeline. -| -| **.yml example**: -| ``` -| trigger: -| - master # or the name of your main branch -| - feature/* -| -| steps: -| # Prepare Analysis Configuration task -| - task: SonarQubePrepare@5 -| inputs: -| SonarQube: 'YourSonarqubeServerEndpoint' -| scannerMode: 'CLI' -| configMode: 'manual' -| cliProjectKey: 'YourProjectKey' -| -| # Run Code Analysis task -| - task: SonarQubeAnalyze@5 -| -| # Publish Quality Gate Result task -| - task: SonarQubePublish@5 -| inputs: -| pollingTimeoutSec: '300' -| ``` - -[[collapse]] -| ## Analyzing a C/C++/Obj-C project -| In your build pipeline, insert the following steps in the order they appear here. These steps can be interweaved with other steps of your build as long as the following order is followed. All steps have to be executed on the same agent. -| -| 1. Make the **Build Wrapper** available on the build agent: -| -| Download and unzip the **Build Wrapper** on the build agent (see the **Prerequisites** section of the [C/C++/Objective-C](/analysis/languages/cfamily/) page). The archive to download and decompress depends on the platform of the host. -| Please, note that: -| - For the Microsoft-hosted build agent, you will need to make the **Build Wrapper** available on the build agent every time (as part of the build pipeline). To accomplish this, you can add a **PowerShell script** task by inserting a **Command Line** task. -| Example of PowerShell commands on a Windows host: -| ``` -| Invoke-WebRequest -Uri '<sonarqube_url>/static/cpp/build-wrapper-win-x86.zip' -OutFile 'build-wrapper.zip' -| Expand-Archive -Path 'build-wrapper.zip' -DestinationPath '.' -| ``` -| Example of bash commands on a Linux host: -| ``` -| curl '<sonarqube_url>/static/cpp/build-wrapper-linux-x86.zip' --output build-wrapper.zip -| unzip build-wrapper.zip -| ``` -| Example of bash commands on a macos host: -| ``` -| curl '<sonarqube_url>/static/cpp/build-wrapper-macosx-x86.zip' --output build-wrapper.zip -| unzip build-wrapper.zip -| ``` -| - For the self-hosted build agent you can either download it every time (using the same scripts) or only once (as part of manual setup of build agent). -| 1. Add a **Prepare analysis Configuration** task and configure it as follow: -| Click on the **Prepare analysis on SonarQube** task to configure it: -| * Select the **SonarQube Server** -| * In *Choose the way to run the analysis*, select *standalone scanner* (even if you build with *Visual Studio*/*MSBuild*) -| * In *Additional Properties* in the *Advanced* section, add the property `sonar.cfamily.build-wrapper-output` with, as its value, the output directory to which the Build Wrapper should write its results: `sonar.cfamily.build-wrapper-output=<output directory>` -| 1. Add a **Command Line** task to run your build. -| For the analysis to happen, your build has to be run through a command line so that it can be wrapped-up by the build-wrapper. -| To do so, -| * Run **Build Wrapper** executable. Pass in as the arguments (1) the output directory configured in the previous task and (2) the command that runs a clean build of your project (not an incremental build). -| Example of PowerShell commands on a Windows host with an *MSBuild* build: -| ``` -| build-wrapper-win-x86/build-wrapper-win-x86-64.exe --out-dir <output directory> MSBuild.exe /t:Rebuild -| ``` -| Example of bash commands on a Linux host with a *make* build: -| ``` -| build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir <output directory> make clean all -| ``` -| Example of bash commands on a macos host with a *xcodebuild* build: -| ``` -| build-wrapper-macosx-x86/build-wrapper-macos-x86 --out-dir <output directory> xcodebuild -project myproject.xcodeproj -configuration Release clean build -| ``` -| 1. Add a **Run Code Analysis** task to run the code analysis and make the results available to SonarQube. Consider running this task right after the previous one as the build environment should not be significantly altered before running the analysis. -| 1. Add a **Publish Quality Gate Result** task. -| -| **.yml example**: -| ``` -| trigger: -| - master # or the name of your main branch -| - feature/* -| -| steps: -| # Make Build Wrapper available -| - task: Bash@3 -| displayName: Download Build Wrapper -| inputs: -| targetType: inline -| script: > -| curl '<SONARQUBE_HOST>/static/cpp/build-wrapper-linux-x86.zip' --output build-wrapper.zip -| unzip build-wrapper.zip -| -| # Prepare Analysis Configuration task -| - task: SonarQubePrepare@5 -| inputs: -| SonarQube: 'YourSonarqubeServerEndpoint' -| scannerMode: 'CLI' -| configMode: 'manual' -| cliProjectKey: 'YourProjectKey' -| extraProperties: "sonar.cfamily.build-wrapper-output=bw_output" -| # Command Line task to run your build. -| - task: Bash@3 -| displayName: Bash Script -| inputs: -| targetType: inline -| script: > -| ./build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir bw_output <Your build command> -| -| # Run Code Analysis task -| - task: SonarQubeAnalyze@5 -| -| # Publish Quality Gate Result task -| - task: SonarQubePublish@5 -| inputs: -| pollingTimeoutSec: '300' -| ``` -| *Note: You need to choose your correct image and adapt the correct wrapper depending on the agent os. See above example to have the correct wrapper.* - -### Running your pipeline -Commit and push your code to trigger the pipeline execution and SonarQube analysis. New pushes on your branches (and pull requests if you set up pull request analysis) trigger a new analysis in SonarQube. - -### Maintaining pull request code quality and security -Using pull requests allows you to prevent unsafe or substandard code from being merged with your main branch. The following branch policies can help you maintain your code quality and safety by analyzing code and identifying issues in all of the pull requests on your project. These policies are optional, but they're highly recommended so you can quickly track, identify, and remediate issues in your code. - -#### **Ensuring your pull requests are automatically analyzed** -Ensure all of your pull requests get automatically analyzed by adding a [build validation branch policy](https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/azure-repos-git#pr-triggers) on the target branch. - -#### **Preventing pull request merges when the Quality Gate fails** -Prevent the merge of pull requests with a failed Quality Gate by adding a `SonarQube/quality gate` [status check branch policy](https://docs.microsoft.com/en-us/azure/devops/repos/git/pr-status-policy) on the target branch. - -[[info]] -| Projects configured as part of a mono repository cannot use this status check branch policy to prevent pull request merges. - -Check out this [ video](https://www.youtube.com/watch?v=be5aw9_7bBU) for a quick overview on preventing pull requests from being merged when they are failing the Quality Gate. - -## Reporting your Quality Gate status in Azure DevOps -After you've set up SonarQube to import your Azure DevOps repositories as shown in the **Importing your Azure DevOps repositories into SonarQube** above, SonarQube can report your Quality Gate status and analysis metrics directly to your Azure DevOps pull requests. - -To do this, add a project from Azure DevOps by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and select **Azure DevOps** from the drop-down menu. - -Then, follow the steps in SonarQube to analyze your project. SonarQube automatically sets the project settings required to show your Quality Gate in your pull requests. - -[[info]] -| To report your Quality Gate status in your pull requests, a SonarQube analysis needs to be run on your code. You can find the additional parameters required for pull request analysis on the [Pull Request Analysis](/analysis/pull-request/) page. - -If you're creating your projects manually or adding Quality Gate reporting to an existing project, see the following section. - -### Reporting your Quality Gate status in manually created or existing projects -SonarQube can also report your Quality Gate status to Azure DevOps pull requests for existing and manually-created projects. After setting your global settings as shown in the **Importing your Azure DevOps repositories into SonarQube** section above, set the following project settings at **Project Settings > General Settings > DevOps Platform Integration**: - -- **Project name** -- **Repository name** - -### Advanced configuration - -[[collapse]] -| ## Reporting your Quality Gate status on pull requests in a mono repository -| -| _Reporting Quality Gate statuses to pull requests in a mono repository setup is supported starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html)._ -| -| In a mono repository setup, multiple SonarQube projects, each corresponding to a separate project within the mono repository, are all bound to the same Azure DevOps repository. You'll need to set up each SonarQube project that's part of a mono repository to report your Quality Gate status. -| -| You need to set up projects that are part of a mono repository manually as shown in the **Displaying your Quality Gate status in manually created or existing project** section above. You also need to set the **Enable mono repository support** setting to true at **Project Settings > General Settings > DevOps Platform Integration**. -| -| After setting your project settings, ensure the correct project is being analyzed by adjusting the analysis scope and pass your project names to the scanner. See the following sections for more information. -| -| ### Ensuring the correct project is analyzed -| You need to adjust the analysis scope to make sure SonarQube doesn't analyze code from other projects in your mono repository. To do this set up a **Source File Inclusion** for your project at **Project Settings > Analysis Scope** with a pattern that will only include files from the appropriate folder. For example, adding `./MyFolderName/**/*` to your inclusions would only include analysis of code in the `MyFolderName` folder. See [Narrowing the Focus](/project-administration/narrowing-the-focus/) for more information on setting your analysis scope. -| -| ### Passing project names to the scanner -| Because of the nature of a mono repository, SonarQube scanners might read all project names of your mono repository as identical. To avoid having multiple projects with the same name, you need to pass the `sonar.projectName` parameter to the scanner. For example, if you're using the Maven scanner, you would pass `mvn sonar:sonar -Dsonar.projectName=YourProjectName`. - -[[collapse]] -| ## Configuring multiple DevOps Platform instances -| SonarQube can report your Quality Gate status to multiple DevOps Platform instances. To do this, you need to create a configuration for each DevOps Platform instance and assign that configuration to the appropriate projects. -| -| - As part of [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can create one configuration for each DevOps Platform. -| -| - Starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html), you can create multiple configurations for each DevOps Platform. If you have multiple configurations of the same DevOps Platform connected to SonarQube, you have to create projects manually. - -[[collapse]] -| ## Linking issues -| When adding a Quality Gate status to your pull requests, individual issues will be linked to their SonarQube counterparts automatically. For this to work correctly, you need to set the instance's **Server base URL** (**[Administration > Configuration > General Settings > General > General](/#sonarqube-admin#/admin/settings/)**) correctly. Otherwise, the links will default to `localhost`. - -## FAQ - -**Missing Build Agent Capability** - -If you add a Windows Build Agent and install a non-oracle Java version on it, the agent will fail to detect a needed capability for the SonarQube Azure DevOps plugin. If you are sure that the `java` executable is available in the `PATH` environment variable, you can add the missing capability manually by going to **your build agent > capabilities > user capabilities > add capability**. Here, you can add the key, value pair java, and null which should allow the SonarQube plugin to be scheduled on that build agent. -This Bug has been reported to the Microsoft Team with [azure-pipelines-agent#2046](https://github.com/microsoft/azure-pipelines-agent/issues/2046) but is currently not followed up upon. - -### Interaction details between SonarQube and Azure - -When you run a Sonar analysis for a pull request, each Sonar issue will be a comment on the Azure DevOps pull request. If the Azure DevOps instance is configured correctly and you set an issue in SonarQube to 'resolved', the Azure DevOps pull request comment will automatically be resolved. Likewise, when you fix an issue in the code and run the analysis build another time, the issue will be resolved in Sonar and deleted in Azure DevOps. diff --git a/server/sonar-docs/src/pages/analysis/background-tasks.md b/server/sonar-docs/src/pages/analysis/background-tasks.md deleted file mode 100644 index 3dee958c838..00000000000 --- a/server/sonar-docs/src/pages/analysis/background-tasks.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: Background Tasks -url: /analysis/background-tasks/ ---- - -A Background Task can be: -* the import of an Analysis Report -* the computation of a Portfolio -* the import or export of a project - -## What happens after the scanner is done analyzing? - -Analysis is not complete until the relevant Background Task has been completed. Even though the SonarScanner's log shows `EXECUTION SUCCESS`, the analysis results will not be visible in the {instance} project until the Background Task has been completed. After a SonarScanner has finished analyzing your code, the result of the analysis (Sources, Issues, Metrics) - the Analysis Report - is sent to {instance} Server for final processing by the Compute Engine. Analysis Reports are queued and processed serially. - -At the Project level, when there is a pending Analysis Report waiting to be consumed, you have a "Pending" notification in the header, next to the date of the most recent completed analysis. - -Global Administrators can view the current queue at **[Administration > Projects > Background Tasks](/#sonarqube-admin#/admin/background_tasks)**. Project administrators can see the tasks for a project at **Project Settings > Background Tasks**. - -## How do I know when analysis report processing fails? -Background tasks usually succeed, but sometimes unusual circumstances cause processing to fail. Examples include: - -* running out of memory while processing a report from a very large project -* hitting a clash between the key of an existing module or project and one in the report -* ... - -When that happens, the failed status is reflected on the project homepage, but that requires someone to notice it. You can also choose to be notified by email when background tasks fail - either on a project by project basis, or globally on all projects where you have administration rights, in the **Notifications** section of your profile. - -## How do I diagnose a failing background task? -For each Analysis Report there is a dropdown menu allowing access to the "Scanner Context," displaying the configuration of the Scanner at the moment when the code scan has been run. - -If processing failed for the task, an additional option will be available: "Show Error Details", to get the technical details why the processing of the Background Task failed. - -## How do I cancel a pending analysis report? -Administrators can cancel the processing of a pending task by clicking: - -* on the red 'x' available on each line of a `Pending` task -* on the red "bulk cancel" option next to the pending jobs count. This button cancels all pending tasks. - -Once processing has begun on a report, it's too late to cancel it. - diff --git a/server/sonar-docs/src/pages/analysis/bitbucket-cloud-integration.md b/server/sonar-docs/src/pages/analysis/bitbucket-cloud-integration.md deleted file mode 100644 index 46a7fa1aaf4..00000000000 --- a/server/sonar-docs/src/pages/analysis/bitbucket-cloud-integration.md +++ /dev/null @@ -1,304 +0,0 @@ ---- -title: Bitbucket Cloud Integration -url: /analysis/bitbucket-cloud-integration/ ---- - -SonarQube's integration with Bitbucket Cloud allows you to maintain code quality and security in your Bitbucket Cloud repositories. - -With this integration, you'll be able to: - -- **Import your BitBucket Cloud repositories** – Import your Bitbucket Cloud repositories into SonarQube to easily set up SonarQube projects. -- **Analyze projects with Bitbucket Pipelines** – Integrate analysis into your build pipeline. SonarScanners running in Bitbucket Pipelines can automatically detect branches or pull requests being built so you don't need to specifically pass them as parameters to the scanner (branch and pull request analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)). -- **Report your Quality Gate status to your pull requests** – (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)) See your Quality Gate and code metric results right in Bitbucket Cloud so you know if it's safe to merge your changes. -- **Authenticate with Bitbucket Cloud** - Sign in to SonarQube with your Bitbucket Cloud credentials. - -## Importing your Bitbucket Cloud repositories into SonarQube - -Setting up the import of BitBucket Cloud repositories into SonarQube allows you to easily create SonarQube projects from your Bitbucket Cloud repositories. This is also the first step in adding authentication and, starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), the first step in reporting your analysis and Quality Gate status to your pull requests. - -[[info]] -| To import your Bitbucket repositories into SonarQube, you can only have one global configuration of Bitbucket, including Bitbucket Server and Bitbucket Cloud. See the **Configuring multiple DevOps Platform instances** section below for more information. - -To set up the import of BitBucket Cloud repositories: - -1. Create an OAuth consumer. -1. Set your global DevOps Platform integration settings. -1. Add your Bitbucket username and an app password. - -### Creating your OAuth consumer -SonarQube uses a dedicated [OAuth consumer](https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/) to import repositories and display your Quality Gate status on pull requests. Create the OAuth consumer in your Bitbucket Cloud workspace settings and specify the following: - -- **Name** – the name of your OAuth consumer -- **Callback URL** – Bitbucket Cloud requires this field, but it's not used by SonarQube so you can use any URL. -- **This is a private consumer** – Your OAuth consumer needs to be private. Make sure this check box is selected. -- **Permissions** – Grant **Read** access for the **Pull requests** permission. - -### Setting your global DevOps Platform Integration settings -To set your global DevOps Platform Integration settings, navigate to **Administration > Configuration > General Settings > DevOps Platform Integrations**, select the **Bitbucket** tab, and select **Bitbucket Cloud** as the variant you want to configure. From here, specify the following settings: - -- **Configuration Name** (Enterprise and Data Center Edition only) – The name used to identify your Bitbucket Cloud configuration at the project level. Use something succinct and easily recognizable. -- **Workspace ID** – The workspace ID is part of your bitbucket cloud URL `https://bitbucket.org/{WORKSPACE-ID}/{repository-slug}` -- **OAuth Key** – Bitbucket automatically creates an OAuth key when you create your OAuth consumer. You can find it in your Bitbucket Cloud workspace settings under **OAuth consumers**. -- **OAuth Secret** – Bitbucket automatically creates an OAuth secret when you create your OAuth consumer. You can find it in your Bitbucket Cloud workspace settings under **OAuth consumers**. Administrators can encrypt this secret at **Administration > Configuration > Encryption**. See the **Settings Encryption** section of the [Security](/instance-administration/security/) page for more information. - -### Adding your Bitbucket username and an app password -After setting your global settings, you can add a project from Bitbucket Cloud by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and selecting **Bitbucket**. - -Then, you'll be asked to provide your Bitbucket username and an [app password](https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/). Your app password needs the **repository:read** permission. - -After adding your Bitbucket username and app password, you'll see a list of your Bitbucket Cloud projects that you can **set up** to add them to SonarQube. Setting up your projects this way also sets your project settings for displaying your Quality Gate status on pull requests. - -## Analyzing projects with Bitbucket Pipelines -SonarScanners running in Bitbucket Pipelines can automatically detect branches or pull requests being built so you don't need to specifically pass them as parameters to the scanner. - -To analyze your projects with Bitbucket Pipelines, you need to: -- Set your environment variables. -- Configure your `bitbucket-pipelines.yml file`. - -### Setting environment variables -You can set environment variables securely for all pipelines in Bitbucket Cloud's settings. See [User-defined variables](https://support.atlassian.com/bitbucket-cloud/docs/variables-and-secrets/#User-defined-variables) for more information. - -[[info]] -| You may need to commit your `bitbucket-pipelines.yml` before being able to set environment variables for pipelines. - -You need to set the following environment variables in Bitbucket Cloud for analysis: - -- `SONAR_TOKEN` – Generate a SonarQube [token](/user-guide/user-token/) for Bitbucket Cloud and create a custom **secured** environment variable in Bitbucket Cloud with `SONAR_TOKEN` as the **Name** and the token you generated as the **Value**. -- `SONAR_HOST_URL` – Create a custom environment variable with `SONAR_HOST_URL` as the **Name** and your SonarQube server URL as the **Value**. - -### Configuring your bitbucket-pipelines.yml file -This section shows you how to configure your `bitbucket-pipelines.yml` file. - -You'll set up your build according to your SonarQube edition: - -- **Community Edition** – Community Edition doesn't support multiple branches, so you should only analyze your main branch. You can restrict analysis to your main branch by setting it as the only branch in your `branches` pipeline in your `bitbucket-pipelines.yml` file and not using the `pull-requests` pipeline. -- **Developer Edition and above** – Bitbucket Pipelines can build specific branches and pull requests if you use the `branches` and `pull-requests` pipelines as shown in the example configurations below. - -Click the scanner you're using below to expand the example configuration: - -**Note:** This assumes a typical Gitflow workflow. See [Use glob patterns on the Pipelines YAML file](https://support.atlassian.com/bitbucket-cloud/docs/use-glob-patterns-on-the-pipelines-yaml-file/) provided by Atlassian for more information on customizing what branches or pull requests trigger an analysis. - -[[collapse]] -| ## SonarScanner for Gradle -| -| **Note:** A project key might have to be provided through a `build.gradle` file, or through the command line parameter. For more information, see the [SonarScanner for Gradle](/analysis/scan/sonarscanner-for-gradle/) documentation. -| -| Add the following to your `build.gradle` file: -| -| ``` -| plugins { -| id "org.sonarqube" version "3.5.0.2730" -| } -| ``` -| -| Write the following in your `bitbucket-pipelines.yml`: -| -| ``` -| image: openjdk:8 -| -| definitions: -| steps: -| - step: &build-step -| name: SonarQube analysis -| caches: -| - gradle -| - sonar -| script: -| - bash ./gradlew sonar -| caches: -| sonar: ~/.sonar -| -| clone: -| depth: full -| -| pipelines: -| branches: -| '{master,main,develop}': -| - step: *build-step -| -| pull-requests: -| '**': -| - step: *build-step -| ``` - -[[collapse]] -| ## SonarScanner for Maven -| -| **Note:** A project key might have to be provided through the command line parameter. For more information, see the [SonarScanner for Maven](/analysis/scan/sonarscanner-for-maven/) documentation. -| -| Write the following in your `bitbucket-pipelines.yml`: -| -| ``` -| image: maven:3.3.9 -| -| definitions: -| steps: -| - step: &build-step -| name: SonarQube analysis -| caches: -| - maven -| - sonar -| script: -| - mvn verify sonar:sonar -| caches: -| sonar: ~/.sonar -| -| clone: -| depth: full -| -| pipelines: -| branches: -| '{master,main,develop}': -| - step: *build-step -| -| pull-requests: -| '**': -| - step: *build-step -| ``` - -[[collapse]] -| ## SonarScanner for .NET -| -| Write the following in your `bitbucket-pipelines.yml`: -| -| ``` -| image: mcr.microsoft.com/dotnet/core/sdk:latest -| -| definitions: -| steps: -| - step: &build-step -| name: SonarQube analysis -| caches: -| - dotnetcore -| - sonar -| script: -| - apt-get update -| - apt-get install --yes openjdk-11-jre -| - dotnet tool install --global dotnet-sonarscanner -| - export PATH="$PATH:/root/.dotnet/tools" -| - dotnet sonarscanner begin /k:"YOUR_PROJECT_KEY*" /d:"sonar.login=${SONAR_TOKEN}" /d:"sonar.host.url=${SONAR_HOST_URL}" -| - dotnet build -| - dotnet sonarscanner end /d:"sonar.login=${SONAR_TOKEN}" -| caches: -| sonar: ~/.sonar -| -| clone: -| depth: full -| -| pipelines: -| branches: -| '{master,main,develop}': -| - step: *build-step -| pull-requests: -| '**': -| - step: *build-step -| ``` - -[[collapse]] -| ## SonarScanner CLI -| -| You can set up the SonarScanner CLI configuration the following ways: -| -| - **SonarQube Scan Bitbucket Pipe** – Using the SonarQube Scan Bitbucket Pipe is an easy way to set up a basic configuration. You'll find the Bitbucket Pipe and configuration instructions on the [SonarQube Scan Bitbucket Pipe](https://bitbucket.org/sonarsource/sonarqube-scan/) page. -| -| - **Advanced Configuration** – If you need an advanced setup that allows for scanner caching, you can add the following to your `bitbucket-pipelines.yml` file: -| -| [[info]] -| | This configuration is an alternative to the SonarQube Scan Bitbucket Pipe. If you do not need a setup that allows for scanner caching, we recommend using the Bitbucket Pipe. -| -| ``` -| image: <image for build> -| -| definitions: -| steps: &build-step -| - step: -| name: SonarQube analysis -| image: sonarsource/sonar-scanner-cli:latest -| caches: -| - sonar -| script: -| - sonar-scanner -| caches: -| sonar: /opt/sonar-scanner/.sonar -| -| clone: -| depth: full -| -| pipelines: -| branches: -| '{master,main,develop}': -| - step: *build-step -| -| pull-requests: -| '**': -| - step: *build-step -| ``` -| -| [[info]] -| | A project key has to be provided through a `sonar-project.properties` file, or through the command line parameter. For more information, see the [SonarScanner](/analysis/scan/sonarscanner/) documentation. - -#### **Failing the pipeline job when the Quality Gate fails** -You can use the [SonarQube Quality Gate Check Bitbucket Pipe](https://bitbucket.org/sonarsource/sonarqube-quality-gate) to ensure your code meets your quality standards by failing your pipeline job when your [Quality Gate](/user-guide/quality-gates/) fails. - -If you do not want to use the SonarQube Quality Gate Check Pipe, you can instruct the scanner to wait for the SonarQube Quality Gate status at the end of the analysis. To enable this, pass the `-Dsonar.qualitygate.wait=true` parameter to the scanner in the `bitbucket-pipelines.yml` file. - -This will make the analysis step poll SonarQube regularly until the Quality Gate is computed. This will increase your pipeline duration. Note that, if the Quality Gate is red, this will make the analysis step fail, even if the actual analysis itself is successful. We advise only using this parameter when necessary (for example, to block a deployment pipeline if the Quality Gate is red). It should not be used to report the Quality Gate status in a pull request. - -You can set the `sonar.qualitygate.timeout` property to an amount of time (in seconds) that the scanner should wait for a report to be processed. The default is 300 seconds. - -### For more information -For more information on configuring your build with Bitbucket Pipelines, see the [Configure bitbucket-pipelines.yml](https://support.atlassian.com/bitbucket-cloud/docs/configure-bitbucket-pipelinesyml/) documentation provided by Atlassian. - -## Reporting your Quality Gate status in Bitbucket Cloud - -After creating and installing your OAuth consumer above, SonarQube can report your Quality Gate status and analysis metrics directly to your Bitbucket Cloud pull requests. - -To do this, add a project from Bitbucket by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and select **Bitbucket** from the drop-down menu. - -Then, follow the steps in SonarQube to analyze your project. SonarQube automatically sets the project settings required to show your Quality Gate in your pull requests. - -[[info]] -| To report your Quality Gate status in your pull requests, a SonarQube analysis needs to be run on your code. You can find the additional parameters required for pull request analysis on the [Pull Request Analysis](/analysis/pull-request/) page. - -If you're creating your projects manually or adding Quality Gate reporting to an existing project, see the following section. - -### Reporting your Quality Gate status in manually created or existing projects -SonarQube can also report your Quality Gate status to Bitbucket Cloud pull requests for existing and manually-created projects. After you've created and installed your OAuth consumer and updated your global settings as shown in the **Importing your Bitbucket Cloud repositories into SonarQube** section above, set the following project settings at **Project Settings > General Settings > DevOps Platform Integration**: - -- **Configuration name** – The configuration name that corresponds to your GitHub instance. -- **Repository SLUG** – The Repository SLUG is part of your Bitbucket Cloud URL. For example, `https://bitbucket.org/{workspace}/{repository}` - -### Advanced configuration - -[[collapse]] -| ## Reporting your Quality Gate status on pull requests in a mono repository -| -| _Reporting Quality Gate statuses to pull requests in a mono repository setup is supported starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html)._ -| -| In a mono repository setup, multiple SonarQube projects, each corresponding to a separate project within the mono repository, are all bound to the same Bitbucket Cloud repository. You'll need to set up each SonarQube project that's part of a mono repository to report your Quality Gate status. -| -| You need to set up projects that are part of a mono repository manually as shown in the **Displaying your Quality Gate status in manually created or existing project** section above. You also need to set the **Enable mono repository support** setting to true at **Project Settings > General Settings > DevOps Platform Integration**. -| -| After setting your project settings, ensure the correct project is being analyzed by adjusting the analysis scope and pass your project names to the scanner. See the following sections for more information. -| -| ### Ensuring the correct project is analyzed -| You need to adjust the analysis scope to make sure SonarQube doesn't analyze code from other projects in your mono repository. To do this set up a **Source File Inclusion** for your project at **Project Settings > Analysis Scope** with a pattern that will only include files from the appropriate folder. For example, adding `./MyFolderName/**/*` to your inclusions would only include analysis of code in the `MyFolderName` folder. See [Narrowing the Focus](/project-administration/narrowing-the-focus/) for more information on setting your analysis scope. -| -| ### Passing project names to the scanner -| Because of the nature of a mono repository, SonarQube scanners might read all project names of your mono repository as identical. To avoid having multiple projects with the same name, you need to pass the `sonar.projectName` parameter to the scanner. For example, if you're using the Maven scanner, you would pass `mvn sonar:sonar -Dsonar.projectName=YourProjectName`. - -[[collapse]] -| ## Configuring multiple DevOps Platform instances -| SonarQube can report your Quality Gate status to multiple DevOps Platform instances. To do this, you need to create a configuration for each DevOps Platform instance and assign that configuration to the appropriate projects. -| -| - As part of [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can create one configuration for each DevOps Platform. -| -| - Starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html), you can create multiple configurations for each DevOps Platform. If you have multiple configurations of the same DevOps Platform connected to SonarQube, you have to create projects manually. - -[[collapse]] -| ## Linking issues -| When adding a Quality Gate status to your pull requests, individual issues will be linked to their SonarQube counterparts automatically. For this to work correctly, you need to set the instance's **Server base URL** (**[Administration > Configuration > General Settings > General > General](/#sonarqube-admin#/admin/settings/)**) correctly. Otherwise, the links will default to `localhost`. - -## Authenticating with Bitbucket Cloud - -See [Authenticating with Bitbucket Cloud](/instance-administration/authentication/bitbucket-cloud/) diff --git a/server/sonar-docs/src/pages/analysis/bitbucket-integration.md b/server/sonar-docs/src/pages/analysis/bitbucket-integration.md deleted file mode 100644 index 67042b104d5..00000000000 --- a/server/sonar-docs/src/pages/analysis/bitbucket-integration.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Bitbucket Server Integration -url: /analysis/bitbucket-integration/ ---- -SonarQube's integration with Bitbucket Server allows you to maintain code quality and security in your Bitbucket Server repositories. - -With this integration, you'll be able to: - -- **Import your BitBucket Server repositories** - Import your Bitbucket Server repositories into SonarQube to easily set up SonarQube projects. -- **Report your Quality Gate status to your pull requests** - (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)) See your Quality Gate and code metric results right in Bitbucket Server so you know if it's safe to merge your changes. - -## Prerequisites -Integration with Bitbucket Server requires at least Bitbucket Server version 5.15. - -### Branch Analysis -Community Edition doesn't support the analysis of multiple branches, so you can only analyze your main branch. Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can analyze multiple branches and pull requests. - -## Importing your Bitbucket Server repositories into SonarQube -Setting up the import of BitBucket Server repositories into SonarQube allows you to easily create SonarQube projects from your Bitbucket Server repositories. If you're using [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) or above, this is also the first step in adding pull request decoration. - -[[info]] -| To import your Bitbucket repositories into SonarQube, you can only have one global configuration of Bitbucket, including Bitbucket Server and Bitbucket Cloud. See the **Configuring multiple DevOps Platform instances** section below for more information. - -To set up the import of BitBucket Server repositories: - -1. Set your global DevOps Platform integration settings -1. Add a personal access token for importing repositories - -### Setting your global DevOps Platform Integration settings -To set your global DevOps Platform Integration settings, navigate to **Administration > Configuration > General Settings > DevOps Platform Integrations**, select the **Bitbucket** tab, and select **Bitbucket Server** as the variant you want to configure. From here, specify the following settings: - -- **Configuration Name** (Enterprise and Data Center Edition only) – The name used to identify your Bitbucket Server configuration at the project level. Use something succinct and easily recognizable. -- **Bitbucket Server URL** – your instances URL. For example, `https://bitbucket-server.your-company.com`. -- **Personal Access Token** – A Bitbucket Server user account is used to decorate Pull Requests. We recommend using a dedicated Bitbucket Server account with Administrator permissions. You need a [Personal Access Token](https://confluence.atlassian.com/bitbucketserver0515/personal-access-tokens-961275199.html) from this account with **Read** permission for the repositories that will be analyzed. Administrators can encrypt this token at **Administration > Configuration > Encryption**. See the **Settings Encryption** section of the [Security](/instance-administration/security/) page for more information. - - This personal access token is used to report your Quality Gate status to your pull requests. You'll be asked for another personal access token for importing projects in the following section. - -### Adding a personal access token for importing repositories -After setting your global settings, you can add a project from Bitbucket Server by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and selecting **Bitbucket**. - -Then, you'll be asked to provide a personal access token from your user account with `Read` permissions for both projects and repositories. This token will be stored in SonarQube and can be revoked at anytime in Bitbucket Server. - -After saving your personal access token, you'll see a list of your Bitbucket Server projects that you can **set up** to add them to SonarQube. Setting up your projects this way also sets your project settings for pull request decoration. - -## Reporting your Quality Gate status to Bitbucket Server -After you've set up SonarQube to import your Bitbucket Server repositories as shown in the previous section, SonarQube can report your Quality Gate status and analysis metrics directly to your Bitbucket Server pull requests. - -To do this, add a project from Bitbucket by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and select **Bitbucket** from the drop-down menu. - -Then, follow the steps in SonarQube to analyze your project. SonarQube automatically sets the project settings required to show your Quality Gate in your pull requests. - -[[info]] -| To report your Quality Gate status in your pull requests, a SonarQube analysis needs to be run on your code. You can find the additional parameters required for pull request analysis on the [Pull Request Analysis](/analysis/pull-request/) page. - -If you're creating your projects manually or adding Quality Gate reporting to an existing project, see the following section. - -### Reporting your Quality Gate status in manually created or existing projects -SonarQube can also report your Quality Gate status to Bitbucket Server for existing projects and manually-created projects. After you've updated your global settings as shown in the **Importing your Bitbucket Server repositories into SonarQube** section above, set the following project settings at **Project Settings > General Settings > DevOps Platform Integration**: - -- **Configuration name** – The configuration name that corresponds to your DevOps Platform instance. -- **Project Key** – the project key is part of your BitBucket Server repository URL (.../projects/**{KEY}**/repos/{SLUG}/browse). -- **Repository SLUG** – The repository slug is part of your BitBucket Server repository URL (.../projects/{KEY}/repos/**{SLUG}**/browse). - -### Advanced configuration - -[[collapse]] -| ## Reporting your Quality Gate status on pull requests in a mono repository -| -| _Reporting Quality Gate statuses to pull requests in a mono repository setup is supported starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html)._ -| -| In a mono repository setup, multiple SonarQube projects, each corresponding to a separate project within the mono repository, are all bound to the same Bitbucket Server repository. You'll need to set up each SonarQube project that's part of a mono repository to report your Quality Gate status. -| -| You need to set up projects that are part of a mono repository manually as shown in the **Reporting your Quality Gate status in manually created or existing project** section above. You also need to set the **Enable mono repository support** setting to true at **Project Settings > General Settings > DevOps Platform Integration**. -| -| After setting your project settings, ensure the correct project is being analyzed by adjusting the analysis scope and pass your project names to the scanner. See the following sections for more information. -| -| ### Ensuring the correct project is analyzed -| You need to adjust the analysis scope to make sure SonarQube doesn't analyze code from other projects in your mono repository. To do this set up a **Source File Inclusion** for your project at **Project Settings > Analysis Scope** with a pattern that will only include files from the appropriate folder. For example, adding `./MyFolderName/**/*` to your inclusions would only include analysis of code in the `MyFolderName` folder. See [Narrowing the Focus](/project-administration/narrowing-the-focus/) for more information on setting your analysis scope. -| -| ### Passing project names to the scanner -| Because of the nature of a mono repository, SonarQube scanners might read all project names of your mono repository as identical. To avoid having multiple projects with the same name, you need to pass the `sonar.projectName` parameter to the scanner. For example, if you're using the Maven scanner, you would pass `mvn sonar:sonar -Dsonar.projectName=YourProjectName`. - -[[collapse]] -| ## Configuring multiple DevOps Platform instances -| SonarQube can report your Quality Gate status to multiple DevOps Platform instances. To do this, you need to create a configuration for each DevOps Platform instance and assign that configuration to the appropriate projects. -| -| - As part of [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can create one configuration for each DevOps Platform. -| -| - Starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html), you can create multiple configurations for each DevOps Platform. If you have multiple configurations of the same DevOps Platform connected to SonarQube, you have to create projects manually. - -[[collapse]] -| ## Linking issues -| When adding a Quality Gate status to your pull requests, individual issues will be linked to their SonarQube counterparts automatically. For this to work correctly, you need to set the instance's **Server base URL** (**[Administration > Configuration > General Settings > General > General](/#sonarqube-admin#/admin/settings/)**) correctly. Otherwise, the links will default to `localhost`. - -## Preventing pull request merges when the Quality Gate fails -After setting up pull request analysis, you can block pull requests from being merged if it is failing the Quality Gate. To do this: -1. In Bitbucket Server, navigate to **Repository settings > Code Insights**. -2. Add a **Required report** called `com.sonarsource.sonarqube` - -[[info]] -|If your SonarQube project is configured as part of a mono repository in Enterprise Edition or above, you need to use a **Required report**. -This report will be in the format of `com.sonarsource.sonarqube_{hash}` (instead of `com.sonarsource.sonarqube`). -This hash is a randomly computed value that can be discovered on Bitbucket after first PR analysis. - -3. Select **Must pass** as the **Required status**. -4. Select **Must not have any annotations** as the **Annotation requirements**. diff --git a/server/sonar-docs/src/pages/analysis/ci-integration-overview.md b/server/sonar-docs/src/pages/analysis/ci-integration-overview.md deleted file mode 100644 index 1681b2ff101..00000000000 --- a/server/sonar-docs/src/pages/analysis/ci-integration-overview.md +++ /dev/null @@ -1,34 +0,0 @@ ---- -title: Overview -url: /analysis/ci-integration-overview/ ---- - -_Merge and Pull Request analysis is available as part of [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) and [above](https://www.sonarsource.com/plans-and-pricing/)._ - -## Failing a pipeline job when the Quality Gate fails -You can ensure your code meets your quality standards by failing your pipeline job when your [Quality Gate](/user-guide/quality-gates/) fails. - -With Jenkins, you can suspend pipeline execution until the analysis' Quality Gate status is known. See the [Jenkins](/analysis/jenkins/) integration page. - -With GitHub Actions, you can fail the pipeline job when the Quality Gate fails using the [SonarQube Quality Gate Check Action](https://github.com/marketplace/actions/sonarqube-quality-gate-check). - -With Bitbucket Pipelines, you can fail the pipeline job when the Quality Gate fails using the [SonarQube Quality Gate Check Pipe](https://bitbucket.org/sonarsource/sonarqube-quality-gate). - -For other CIs, you can use the `sonar.qualitygate.wait=true` analysis parameter in your configuration file. Setting `sonar.qualitygate.wait` to true forces the analysis step to poll your SonarQube instance until the Quality Gate status is available. This increases the pipeline duration and causes the analysis step to fail any time the Quality Gate fails, even if the actual analysis is successful. You should only use this parameter if it's necessary. - -You can set the `sonar.qualitygate.timeout` property to the number of seconds that the scanner should wait for a report to be processed. The default is 300 seconds. - -## GitLab CI/CD -For GitLab CI/CD configuration, see the [GitLab integration](/analysis/gitlab-integration/) page. - -## GitHub Actions -For GitHub Actions configuration, see the [GitHub integration](/analysis/github-integration/) page. - -## Azure Pipelines -For Azure Pipelines configuration, see the [Azure DevOps integration](/analysis/azuredevops-integration/) page. - -## Bitbucket Pipelines -For Bitbucket Pipelines configuration, see the [Bitbucket Cloud integration](/analysis/bitbucket-cloud-integration/) page. - -## Jenkins -For Jenkins configuration, see [Jenkins](/analysis/jenkins/). diff --git a/server/sonar-docs/src/pages/analysis/codemagic.md b/server/sonar-docs/src/pages/analysis/codemagic.md deleted file mode 100644 index 02f7ad2ab57..00000000000 --- a/server/sonar-docs/src/pages/analysis/codemagic.md +++ /dev/null @@ -1,49 +0,0 @@ ---- -title: Codemagic Integration -url: /analysis/codemagic/ ---- - -SonarScanners running in Codemagic can automatically detect branches and merge or pull requests in certain jobs. You don't need to explicitly pass the branch or pull request details. - -## Adding SonarQube scripts to your Codemagic .yml file -To analyze your code when using Codemagic: - -1. Add the following scripts to your existing `codemagic.yaml` file: - -``` - scripts: - - | - # download and install the SonarScanner - wget -O $FCI_BUILD_DIR/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.4.0.2170-macosx.zip - # If running in a Linux environment, download https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.4.0.2170-linux.zip - unzip $FCI_BUILD_DIR/sonar-scanner.zip - mv sonar-scanner-* sonar-scanner - - | - # Generate and upload code analysis report - export PATH=$PATH:$FCI_BUILD_DIR/sonar-scanner/bin - sonar-scanner \ - -Dsonar.projectKey=YOUR_PROJECT_KEY \ - -Dsonar.host.url=SONARQUBE_URL \ -``` - -2. Define `SONAR_TOKEN` as a Codemagic environment variable. - -## Automatically detecting pull requests -For SonarQube to automatically detect pull requests when using Codemagic, you need to add an event in the triggering section of your `codemagic.yaml` file as shown in the following snippet: -``` - triggering: - events: - - pull_request -``` - -For triggering to work, you also need to set up a link between Codemagic and your DevOps platform (Bitbucket, Github, etc.). See the [Codemagic documentation](https://docs.codemagic.io/configuration/webhooks/) for more information. - -## Caching the .sonar folder - -Caching the `.sonar` folder saves time on subsequent analyses. To do this, add the following snippet to your `codemagic.yaml` file: - -``` - cache: - cache_paths: - - ~/.sonar -```
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/analysis/external-issues.md b/server/sonar-docs/src/pages/analysis/external-issues.md deleted file mode 100644 index 34fd4cecc0f..00000000000 --- a/server/sonar-docs/src/pages/analysis/external-issues.md +++ /dev/null @@ -1,59 +0,0 @@ ---- -title: Importing Third-Party Issues -url: /analysis/external-issues/ ---- - -This page lists analysis parameters related to the import of issues raised by external, third-party analyzers. If your analyzer isn't on this page, see the [Generic Issue Import Format](/analysis/generic-issue/) for a generic way to import external issues. - -SonarQube doesn't run your external analyzers or generate reports. It only imports pre-generated reports. Below you'll find language- and tool-specific analysis parameters for importing reports generated by external analyzers. - -In the [Guides](https://community.sonarsource.com/c/clean-code/guides/22) category of the [SonarSource Community forum](https://community.sonarsource.com/) you might find instructions on generating these reports. - -Some properties support the following wildcards in paths. The remarks for properties that support wildcards will mention that fact. If the remarks do not say wildcards are supported, then they are not.: - -Symbol|Meaning ----|--- -`?`|a single character -`*`|any number of characters -`**`|any number of directories - -Unless otherwise specified, the following properties accept both absolute paths and paths relative to project root. - -Language|Property|Remarks -----|----|---- -Apex|`sonar.apex.pmd.reportPaths`|Comma-delimited list of paths to [PMD Apex](https://pmd.github.io/pmd-5.5.7/pmd-apex/rules/index.html) [XML reports](https://pmd.github.io/latest/pmd_userdocs_installation.html#running-pmd-via-command-line)| -CSS|`sonar.css.stylelint.reportPaths`|Comma-delimited list of paths to [StyleLint.io](https://stylelint.io/) reports| -Go|`sonar.go.govet.reportPaths`|Comma-delimited list of paths to [GoVet](https://golang.org/cmd/vet/) reports| -Go|`sonar.go.golint.reportPaths`|Comma-delimited list of paths to [GoLint](https://github.com/golang/lint) reports| -Go|`sonar.go.gometalinter.reportPaths`|Comma-delimited list of paths to [GoMetaLinter](https://github.com/alecthomas/gometalinter) reports| -Go|`sonar.go.golangci-lint.reportPaths`|Comma-delimited list of paths to [golangci-lint](https://github.com/golangci/golangci-lint) reports in checkstyle format (use `--out-format checkstyle` golangci-lint option)| -Go|`sonar.externalIssuesReportPaths`|Comma-delimited list of paths to [gosec](https://github.com/securego/gosec) reports in SonarQube format (use `-fmt=sonarqube` gosec option). Note: this property is the one from the [Generic Issue Import Format](/analysis/generic-issue/)| -Java|`sonar.java.spotbugs.reportPaths`|Comma-delimited list of paths to reports from [SpotBugs](https://spotbugs.github.io/), FindSecBugs, or FindBugs| -Java|`sonar.java.pmd.reportPaths`|Comma-delimited list of paths to reports from [PMD](http://maven.apache.org/plugins/maven-pmd-plugin/usage.html) -Java|`sonar.java.checkstyle.reportPaths`|Comma-delimited list of paths to reports from [Checkstyle](http://maven.apache.org/plugins/maven-checkstyle-plugin/checkstyle-mojo) -JavaScript|`sonar.eslint.reportPaths`|Comma-delimited list of paths to JSON [ESLint](https://eslint.org/) reports (use `-f json` ESLint option) -Kotlin|`sonar.androidLint.reportPaths`|Comma-delimited list of paths to AndroidLint reports -Kotlin|`sonar.kotlin.detekt.reportPaths`|Comma-delimited list of paths to [Detekt](https://github.com/arturbosch/detekt) reports -Kotlin|`sonar.kotlin.ktlint.reportPaths`|Comma-delimited list of paths to [Ktlint](https://ktlint.github.io/) reports -PHP|`sonar.php.psalm.reportPaths`|Comma-delimited list of paths to [Psalm](https://github.com/vimeo/psalm) reports. Reports should be generated in the [Generic Issue Format](/analysis/generic-issue/) (run Psalm with the option `--output-format sonarqube`). -PHP|`sonar.php.phpstan.reportPaths`|Comma-delimited list of paths to [PHPStan](https://phpstan.org/) reports. Reports should be generated in the [PHPStan JSON Output Format](https://phpstan.org/user-guide/output-format) (use the PHPStan `analyse` command with the option `--error-format=json`). -Python|`sonar.python.pylint.reportPaths`|Comma-delimited list of paths to [Pylint](http://www.pylint.org/) reports (use `--output-format=parseable` [Pylint option](https://docs.pylint.org/en/1.6.0/output.html)) -Python|`sonar.python.bandit.reportPaths`|Comma-delimited list of paths to [Bandit](https://github.com/PyCQA/bandit/blob/master/README.rst) reports -Python|`sonar.python.flake8.reportPaths`|Comma-delimited list of paths to [Flake8](https://flake8.pycqa.org/en/latest/) reports -Ruby|`sonar.ruby.rubocop.reportPaths`|Comma-delimited list of paths to [Rubocop](https://github.com/rubocop-hq/rubocop) reports -Scala|`sonar.scala.scalastyle.reportPaths`|Comma-delimited list of paths to [Scalastyle](http://www.scalastyle.org/) reports -Scala|`sonar.scala.scapegoat.reportPaths`|Comma-delimited list of paths to [Scapegoat](https://github.com/sksamuel/scapegoat) reports in the **Scalastyle format** -Swift|`sonar.swift.swiftLint.reportPaths`|Comma-delimited list of paths to [SwiftLint](https://github.com/realm/SwiftLint) reports in JSON format -TypeScript|`sonar.typescript.tslint.reportPaths`|Comma-delimited list of paths to [TSLint](https://palantir.github.io/tslint/) reports in JSON format (use `-t json` TSLint option)| - -**Notes on external .NET issues** -Issues from third-party Roslyn analyzers (including Roslyn analyzers provided by Microsoft) are included in the MSBuild output and imported by default into {instance} so no properties exist to enable that behavior. Instead, properties are available to adjust the import and to _stop_ importing those issues. - -Note that Roslyn issues with an *error* severity automatically fail the build. We don't recommended running the Scanner for MSBuild's end step if the MSBuild step fails for any reason because it will result in an essentially empty analysis. - -Language|Property|Remarks -----|----|---- -C#|`sonar.cs.roslyn.ignoreIssues`|Set to `true` to disable import of external issues. Defaults to `false`. -C#|`sonar.cs.roslyn.bugCategories` `sonar.cs.roslyn.vulnerabilityCategories` `sonar.cs.roslyn.codeSmellCategories`|Comma-delimited list of categories whose issues should be classified as Bugs, Vulnerabilities, or Code Smells. -VB.NET|`sonar.vbnet.roslyn.ignoreIssues`|Set to `true` to disable import of external issues. Defaults to `false`. -VB.NET|`sonar.vbnet.roslyn.bugCategories` `sonar.vbnet.roslyn.vulnerabilityCategories` `sonar.vbnet.roslyn.codeSmellCategories`|Comma-delimited list of categories whose issues should be classified as Bugs, Vulnerabilities, or Code Smells. diff --git a/server/sonar-docs/src/pages/analysis/generic-issue.md b/server/sonar-docs/src/pages/analysis/generic-issue.md deleted file mode 100644 index 6aa093e9a94..00000000000 --- a/server/sonar-docs/src/pages/analysis/generic-issue.md +++ /dev/null @@ -1,86 +0,0 @@ ---- -title: Generic Issue Import Format -url: /analysis/generic-issue/ ---- - -SonarQube supports a generic import format for raising external issues in code. You can use this format to import issues from your favorite linter even if there's no plugin for it. SonarQube also supports many third-party issue report formats, see [Importing Third-Party Issues](/analysis/external-issues/) for more information. - -There are a couple of limitations with importing external issues: - -* you can't manage them within SonarQube; for instance, there is no ability to mark them False Positive. -* you can't manage the activation of the rules that raise these issues within SonarQube. External rules aren't visible on the Rules page or reflected in Quality Profiles. - -External issues and the rules that raise them must be managed in the configuration of your linter. - -## Import -The analysis parameter `sonar.externalIssuesReportPaths` accepts a comma-delimited list of paths to reports. - -Each report must contain, at top-level, an array of `Issue` objects named `issues`. - -#### Issue fields: - -* `engineId` - string -* `ruleId` - string -* `primaryLocation` - Location object -* `type` - string. One of BUG, VULNERABILITY, CODE_SMELL -* `severity` - string. One of BLOCKER, CRITICAL, MAJOR, MINOR, INFO -* `effortMinutes` - integer, optional. Defaults to 0 -* `secondaryLocations` - array of Location objects, optional - -#### Location fields: - -* `message` - string -* `filePath` - string -* `textRange` - TextRange object, optional for secondary locations only - -#### TextRange fields: - -* `startLine` - integer. 1-indexed -* `endLine` - integer, optional. 1-indexed -* `startColumn` - integer, optional. 0-indexed -* `endColumn` - integer, optional. 0-indexed - -## Example -Here is an example of the expected format: - - { "issues": [ - { - "engineId": "test", - "ruleId": "rule1", - "severity":"BLOCKER", - "type":"CODE_SMELL", - "primaryLocation": { - "message": "fully-fleshed issue", - "filePath": "sources/A.java", - "textRange": { - "startLine": 30, - "endLine": 30, - "startColumn": 9, - "endColumn": 14 - } - }, - "effortMinutes": 90, - "secondaryLocations": [ - { - "message": "cross-file 2ndary location", - "filePath": "sources/B.java", - "textRange": { - "startLine": 10, - "endLine": 10, - "startColumn": 6, - "endColumn": 38 - } - } - ] - }, - { - "engineId": "test", - "ruleId": "rule2", - "severity": "INFO", - "type": "BUG", - "primaryLocation": { - "message": "minimal issue raised at file level", - "filePath": "sources/Measure.java" - } - } - ]} diff --git a/server/sonar-docs/src/pages/analysis/github-integration.md b/server/sonar-docs/src/pages/analysis/github-integration.md deleted file mode 100644 index a4db3276b99..00000000000 --- a/server/sonar-docs/src/pages/analysis/github-integration.md +++ /dev/null @@ -1,418 +0,0 @@ ---- -title: GitHub Integration -url: /analysis/github-integration/ ---- - -SonarQube's integration with GitHub Enterprise and GitHub.com allows you to maintain code quality and security in your GitHub repositories. - -With this integration, you'll be able to: - -- **Import your GitHub repositories** - Import your GitHub repositories into SonarQube to easily set up SonarQube projects. -- **Analyze projects with GitHub Actions** - Integrate analysis into your build pipeline. Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), SonarScanners running in GitHub Actions jobs can automatically detect branches or pull requests being built so you don't need to specifically pass them as parameters to the scanner. -- **Report your Quality Gate status to your branches and pull requests** - (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)) See your Quality Gate and code metric results right in GitHub so you know if it's safe to merge your changes. -- **Authenticate with GitHub** - Sign in to SonarQube with your GitHub credentials. -- **Display code scanning alerts for vulnerability issues in GitHub** - Display security vulnerability issues found by SonarQube as code scanning alerts in the GitHub interface. - -## Prerequisites - -If you're using GitHub Enterprise, you must be running [GitHub Enterprise version 3.2+](https://docs.github.com/en/enterprise-server@3.2/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). - -### Branch Analysis -Community Edition doesn't support the analysis of multiple branches, so you can only analyze your main branch. With [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can analyze multiple branches and pull requests. - -## Importing your GitHub repositories to SonarQube -You need to use a GitHub App to connect SonarQube with GitHub and import your GitHub repositories into SonarQube. This is also the first step in adding authentication, and, starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), the first step in reporting your analysis and Quality Gate status to your pull requests. - -If you want to set up authentication without importing your GitHub repositories, see the **Creating a dedicated app for authentication** section below for instructions on setting up authentication. - -In this section, you'll complete the following steps to connect SonarQube and GitHub with a GitHub App: - -1. Create your GitHub App. -2. Install your GitHub App in your organization. -3. Update your SonarQube global settings with your GitHub App information. - -### Step 1: Creating your GitHub App -See GitHub's documentation on [creating a GitHub App](https://docs.github.com/apps/building-github-apps/creating-a-github-app/) for general information on creating your app. - -Specify the following settings in your app: - -- **GitHub App Name** – Your app's name. -- **Homepage URL** – You can use any URL, such as `https://www.sonarqube.org/`. -- **User authorization callback URL** – Your instance's base URL. For example, `https://yourinstance.sonarqube.com`. -- **Webhook URL** – To improve security, webhooks, by default, are not allowed to point to the SonarQube server since version 8.9LTS, therefore we recommend that you disable the feature. Unless you want to enable code scanning alerts for security vulnerabilities in GitHub, you should clear the **Webhook Active** checkbox to silence a forthcoming deprecation warning, and clear the **Webhook URL** and **Webhook secret** fields when creating your GitHub App. -- Grant access for the following **Repository permissions**: - - | Permission | Access | - |---------------------|--------------| - | Checks | Read & write | - | **GitHub Enterprise:** Repository metadata <br> **GitHub.com:** Metadata <br> (this setting is automatically set by GitHub)| Read-only | - | Pull Requests | Read & write | - | Commit statuses | Read-only | - -- For private repositories, grant access to the following **Repository permissions**: - - | Permission | Access | - |---------------------|--------------| - | Contents | Read-only | - - -- If setting up **GitHub Authentication**, in addition to the aforementioned Repository permissions, grant access for the following **User permissions**: - - | Permission | Access | - |---------------------|--------------| - | Email addresses | Read-only | - - And grant access for the following **Organization permissions**: - - | Permission | Access | - |---------------------|--------------| - | Members | Read-only | - | Projects | Read-only | - -- Under "Where can this GitHub App be installed?," select **Any account**. - -[[warning]] -| For security reasons, make sure you're using `HTTPS` protocol for your URLs in your app. - -### Step 2: Installing your GitHub App in your organization -Next, you need to install your GitHub App in your organizations. See GitHub's documentation on [installing GitHub Apps](https://docs.github.com/en/free-pro-team@latest/developers/apps/installing-github-apps) for more information. - -### Step 3: Updating your SonarQube global settings with your GitHub App information -After you've created and installed your GitHub App, update your global SonarQube settings to finish integration and allow for the import of GitHub projects. - -Navigate to **Administration > Configuration > General Settings > DevOps Platform Integrations > GitHub** and specify the following settings: - -- **Configuration Name** (Enterprise and Data Center Edition only) – The name used to identify your GitHub configuration at the project level. Use something succinct and easily recognizable. -- **GitHub URL** – For example, `https://github.company.com/api/v3` for GitHub Enterprise or `https://api.github.com/` for GitHub.com. -- **GitHub App ID** – The App ID is found on your GitHub App's page on GitHub at **Settings > Developer Settings > GitHub Apps**. -- **Client ID** – The Client ID is found on your GitHub App's page. -- **Client secret** – The Client secret is found on your GitHub App's page. Administrators can encrypt this secret at **Administration > Configuration > Encryption**. See the **Settings Encryption** section of the [Security](/instance-administration/security/) page for more information. -- **Private Key** – Your GitHub App's private key. You can generate a `.pem` file from your GitHub App's page under **Private keys**. Copy and paste the whole contents of the file here. Administrators can encrypt this key at **Administration > Configuration > Encryption**. See the **Settings Encryption** section of the [Security](/instance-administration/security/) page for more information. - -## Analyzing projects with GitHub Actions -SonarScanners running in GitHub Actions can automatically detect branches and pull requests being built so you don't need to specifically pass them as parameters to the scanner. - -To analyze your projects with GitHub Actions, you need to: -- Create your GitHub Secrets. -- Configure your workflow YAML file. -- Commit and push your code to start the analysis. - -### Creating your GitHub Secrets -You can create repository secrets from your GitHub repository. See GitHub's documentation on [Encrypted secrets](https://docs.github.com/en/actions/reference/encrypted-secrets) for more information. - -You need to set the following GitHub repository secrets to analyze your projects with GitHub Actions: - -- `SONAR_TOKEN` – Generate a SonarQube [token](/user-guide/user-token/) and, in GitHub, create a new repository secret in GitHub with `SONAR_TOKEN` as the **Name** and the token you generated as the **Value**. - -- `SONAR_HOST_URL` – In GitHub, create a new repository secret with `SONAR_HOST_URL` as the **Name** and your SonarQube server URL as the **Value**. - -### Configuring your .github/workflows/build.yml file -This section shows you how to configure your `.github/workflows/build.yml` file. - -You'll set up your build according to your SonarQube edition: - -- **Community Edition** – Community Edition doesn't support multiple branches, so you should only analyze your main branch. You can restrict analysis to your main branch by setting it as the only branch in your `on.push.branches` configuration in your workflow YAML file, and not using `on.pull_request`. - -- **Developer Edition and above** – GitHub Actions can build specific branches and pull requests if you use `on.push.branches` and `on.pull-requests` configurations as shown in the examples below. - -Click the scanner you're using below to expand the example configuration: - -[[collapse]] -| ## SonarScanner for Maven -| -| **Note:** A project key might have to be provided through the command line parameter. For more information, see the [SonarScanner for Maven](/analysis/scan/sonarscanner-for-maven/) documentation. -| -| Write the following in your workflow YAML file: -| -|``` -| name: Build -| on: -| push: -| branches: -| - main # or the name of your main branch -| pull_request: -| types: [opened, synchronize, reopened] -| jobs: -| build: -| name: Build -| runs-on: ubuntu-latest -| steps: -| - uses: actions/checkout@v2 -| with: -| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis -| - name: Set up JDK 11 -| uses: actions/setup-java@v1 -| with: -| java-version: 11 -| - name: Cache SonarQube packages -| uses: actions/cache@v1 -| with: -| path: ~/.sonar/cache -| key: ${{ runner.os }}-sonar -| restore-keys: ${{ runner.os }}-sonar -| - name: Cache Maven packages -| uses: actions/cache@v1 -| with: -| path: ~/.m2 -| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} -| restore-keys: ${{ runner.os }}-m2 -| - name: Build and analyze -| env: -| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any -| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} -| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} -| run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -| ``` - -[[collapse]] -| ## SonarScanner for Gradle -| -| **Note:** A project key might have to be provided through a `build.gradle` file, or through the command line parameter. For more information, see the [SonarScanner for Gradle](/analysis/scan/sonarscanner-for-gradle/) documentation. -| -| Add the following to your `build.gradle` file: -| -| ``` -| plugins { -| id "org.sonarqube" version "3.5.0.2730" -| } -| ``` -| -| Write the following in your workflow YAML file: -| -| ``` -| name: Build -| on: -| push: -| branches: -| - main # or the name of your main branch -| pull_request: -| types: [opened, synchronize, reopened] -| jobs: -| build: -| name: Build -| runs-on: ubuntu-latest -| steps: -| - uses: actions/checkout@v2 -| with: -| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis -| - name: Set up JDK 11 -| uses: actions/setup-java@v1 -| with: -| java-version: 11 -| - name: Cache SonarQube packages -| uses: actions/cache@v1 -| with: -| path: ~/.sonar/cache -| key: ${{ runner.os }}-sonar -| restore-keys: ${{ runner.os }}-sonar -| - name: Cache Gradle packages -| uses: actions/cache@v1 -| with: -| path: ~/.gradle/caches -| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} -| restore-keys: ${{ runner.os }}-gradle -| - name: Build and analyze -| env: -| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any -| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} -| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} -| run: ./gradlew build sonar --info -| ``` - - -[[collapse]] -| ## SonarScanner for .NET -| -| Write the following in your workflow YAML file: -| -| ``` -| name: Build -| on: -| push: -| branches: -| - main # or the name of your main branch -| pull_request: -| types: [opened, synchronize, reopened] -| jobs: -| build: -| name: Build -| runs-on: windows-latest -| steps: -| - name: Set up JDK 11 -| uses: actions/setup-java@v1 -| with: -| java-version: 1.11 -| - uses: actions/checkout@v2 -| with: -| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis -| - name: Cache SonarQube packages -| uses: actions/cache@v1 -| with: -| path: ~\sonar\cache -| key: ${{ runner.os }}-sonar -| restore-keys: ${{ runner.os }}-sonar -| - name: Cache SonarQube scanner -| id: cache-sonar-scanner -| uses: actions/cache@v1 -| with: -| path: .\.sonar\scanner -| key: ${{ runner.os }}-sonar-scanner -| restore-keys: ${{ runner.os }}-sonar-scanner -| - name: Install SonarQube scanner -| if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' -| shell: powershell -| run: | -| New-Item -Path .\.sonar\scanner -ItemType Directory -| dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner -| - name: Build and analyze -| env: -| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any -| shell: powershell -| run: | -| .\.sonar\scanner\dotnet-sonarscanner begin /k:"example" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="${{ secrets.SONAR_HOST_URL }}" -| dotnet build -| .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}" -| ``` - -[[collapse]] -| ## SonarScanner CLI -| -| You can easily set up a basic configuration using the SonarQube Scan GitHub Action. You'll find the GitHub Action and configuration instructions on the [SonarQube Scan GitHub Action](https://github.com/marketplace/actions/official-sonarqube-scan) page on the GitHub Marketplace. - -#### **Failing the pipeline job when the Quality Gate fails** -You can use the [SonarQube Quality Gate Check GitHub Action](https://github.com/marketplace/actions/sonarqube-quality-gate-check) to ensure your code meets your quality standards by failing your pipeline job when your [Quality Gate](/user-guide/quality-gates/) fails. - -If you do not want to use the SonarQube Quality Gate Check Action, you can instruct the scanner to wait for the SonarQube Quality Gate status at the end of the analysis. To enable this, pass the `-Dsonar.qualitygate.wait=true` parameter to the scanner in the workflow YAML file. - -This will make the analysis step poll SonarQube regularly until the Quality Gate is computed. This will increase your pipeline duration. Note that, if the Quality Gate is red, this will make the analysis step fail, even if the actual analysis itself is successful. We advise only using this parameter when necessary (for example, to block a deployment pipeline if the Quality Gate is red). It should not be used to report the Quality Gate status in a pull request, as this is already done with pull request decoration. - -You can set the `sonar.qualitygate.timeout` property to an amount of time (in seconds) that the scanner should wait for a report to be processed. The default is 300 seconds. - -### Commit and push your code -Commit and push your code to start the analysis. Each new push you make on your branches or pull requests will trigger a new analysis in SonarQube. - -## Reporting your Quality Gate status in GitHub -After creating and installing your GitHub App above, SonarQube can report your Quality Gate status and analysis metrics directly to your GitHub branches and pull requests. - -To do this, add a project from GitHub by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and select **GitHub** from the drop-down menu. - -Then, follow the steps in SonarQube to analyze your project. SonarQube automatically sets the project settings required to show your Quality Gate in your branches and pull requests. - -[[info]] -| To report your Quality Gate status in your branches and pull requests, a SonarQube analysis needs to be run on your code. You can find the additional parameters required for pull request analysis on the [Pull Request Analysis](/analysis/pull-request/) page. - -If you're creating your projects manually or adding Quality Gate reporting to an existing project, see the following section. - -### Reporting your Quality Gate status in manually created or existing projects -SonarQube can also report your Quality Gate status to GitHub pull requests and branches for existing and manually-created projects. After you've created and installed your GitHub App and updated your global DevOps Platform Integration settings as shown in the **Importing your GitHub repositories into SonarQube** section above, set the following project settings at **Project Settings > General Settings > DevOps Platform Integration**: - -- **Configuration name** – The configuration name that corresponds to your GitHub instance. -- **Repository identifier** – The path of your repository URL. - -### Advanced configuration - -[[collapse]] -| ## Reporting your Quality Gate status on pull requests and branches in a mono repository -| -| _Reporting Quality Gate statuses to branches and pull requests in a mono repository setup is supported starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html)._ -| -| In a mono repository setup, multiple SonarQube projects, each corresponding to a separate project within the mono repository, are all bound to the same GitHub repository. You'll need to set up each SonarQube project that's part of a mono repository to report your Quality Gate status. -| -| You need to set up projects that are part of a mono repository manually as shown in the **Displaying your Quality Gate status in manually created or existing project** section above. You also need to set the **Enable mono repository support** setting to true at **Project Settings > General Settings > DevOps Platform Integration**. -| -| After setting your project settings, ensure that the correct project is being analyzed by adjusting the analysis scope and pass your project names to the scanner. See the following sections for more information. -| -| ### Ensuring the correct project is analyzed -| You need to adjust the analysis scope to make sure SonarQube doesn't analyze code from other projects in your mono repository. To do this set up a **Source File Inclusion** for your project at **Project Settings > Analysis Scope** with a pattern that will only include files from the appropriate folder. For example, adding `./MyFolderName/**/*` to your inclusions would only include analysis of code in the `MyFolderName` folder. See [Narrowing the Focus](/project-administration/narrowing-the-focus/) for more information on setting your analysis scope. -| -| ### Passing project names to the scanner -| Because of the nature of a mono repository, SonarQube scanners might read all project names of your mono repository as identical. To avoid having multiple projects with the same name, you need to pass the `sonar.projectName` parameter to the scanner. For example, if you're using the Maven scanner, you would pass `mvn sonar:sonar -Dsonar.projectName=YourProjectName`. - -[[collapse]] -| ## Showing your analysis summary under the GitHub Conversation tab -| By default, **Enable analysis summary under the GitHub Conversation tab** is on and your pull request analysis will be shown under both the **Conversation** and **Checks** tabs in GitHub. When off, your pull request analysis summary is only shown under the **Checks** tab. - -[[collapse]] -| ## Configuring multiple DevOps Platform instances -| SonarQube can report your Quality Gate status to multiple DevOps Platform instances. To do this, you need to create a configuration for each DevOps Platform instance and assign that configuration to the appropriate projects. -| -| - As part of [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can create one configuration for each DevOps Platform. -| -| - Starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html), you can create multiple configurations for each DevOps Platform. If you have multiple configurations of the same DevOps Platform connected to SonarQube, you have to create projects manually. - -[[collapse]] -| ## Linking issues -| When adding a Quality Gate status to your pull requests and branches, individual issues will be linked to their SonarQube counterparts automatically. For this to work correctly, you need to set the instance's **Server base URL** (**[Administration > Configuration > General Settings > General > General](/#sonarqube-admin#/admin/settings/)**) correctly. Otherwise, the links will default to `localhost`. - -## Authenticating with GitHub - -See [Authenticating with GitHub](/instance-administration/authentication/github/) - -## GitHub Code Scanning Alerts For Security Vulnerabilities - -Starting in Developer Edition, SonarQube can provide feedback about security vulnerabilities inside the GitHub interface itself. The security vulnerabilities found by SonarQube will appear both: -* in the SonarQube interface, as part of the analysis results displayed -* in the GitHub interface, as code scanning alerts under the **Security** tab - -> Note: This feature is part of the [GitHub Advanced Security package](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security) and is currently free for public projects. It is available as a paid option for private projects and GitHub Enterprise. This is entirely on the GitHub side. Sonar does not charge anything extra to enable the code scanning alerts feature. - -Before you can configure GitHub code scanning alerts for vulnerability issues, you must first import your GitHub repository to SonarQube as explained above. - -Once you've enabled this feature, you must run a SonarQube analysis to see your security vulnerabilities as GitHub code scanning alerts. - -### Configuring GitHub - -1. Go to **Settings > Developer settings > GitHub Apps** and select your GitHub App. -2. Go to the **General > Webhook** section and make sure the **active** checkbox is checked. -3. Add the following Webhook URL: `https://yourinstance.sonarqube.com/api/alm_integrations/webhook_github`. Replace `yourinstance.sonarqube.com` with your SonarQube instance. -4. Set a **Webhook secret** (see [GitHub's webhook security recommendations](https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks)). -5. Under **Permissions & events > Repository permissions > Code scanning alerts**, set the access level to **Read and write**. When you update this permission, GitHub sends an email to the GitHub organization's administrator, asking them to validate the changes on the installation of the GitHub App. -6. Under **Permissions & events > Subscribe to events**, check the **Code scanning alert** checkbox. - -### Configuring SonarQube - -1. In your SonarQube project, go to **Administration > DevOps Platform Integrations > GitHub** -2. Select your GitHub App and click **edit** -3. Enter the webhook secret defined in your GitHub App. - -You can now analyze a project in SonarQube and check that the detected vulnerability issues are displayed on the GitHub interface, in your repository's **Security** tab **>** **Code scanning alerts**. - -Select **View alerts** to see the full list: - - - -> **Managing access to security alerts**<br/> - In GitHub, you can [configure access to security alerts for a repository](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository). - -### About synchronized status changes - -When you change the status of a security vulnerability in the SonarQube interface, that status change is immediately reflected in the GitHub interface. - -For example, if you change an issue from **Open** to **Resolve as false positive** here in SonarQube: - - - -That change is reflected in the code scanning alerts in GitHub: - - - -Similarly, if you change an issue from **Open** to **Dismiss: Won't Fix** in GitHub for example, that change is reflected in SonarQube. - -### Correspondence of statuses - -Initially, all issues marked **Open** on SonarQube are marked **Open** on GitHub. But because the available statuses on the two systems are not exactly the same, the following logic is used to manage the transitions. - -| On SonarQube, a transition to | Results in this on GitHub| -|---|---| -|Confirm|Open| -|Resolve (Fixed)|Open| -|Resolve (Won't Fix)|Dismiss: Won't fix| -|Resolve (False Positive)|Dismiss: False positive| -|Reopened|Open| - -| On GitHub, a transition to | Results in this on SonarQube| -|---|---| -|Dismiss: False positive|Resolve (False Positive)| -|Dismiss: Used in tests|Resolve (Won't Fix)| -|Dismiss: Won't fix|Resolve (Won't Fix)| - diff --git a/server/sonar-docs/src/pages/analysis/gitlab-integration.md b/server/sonar-docs/src/pages/analysis/gitlab-integration.md deleted file mode 100644 index a7f85c6f4c0..00000000000 --- a/server/sonar-docs/src/pages/analysis/gitlab-integration.md +++ /dev/null @@ -1,214 +0,0 @@ ---- -title: GitLab Integration -url: /analysis/gitlab-integration/ ---- - -SonarQube's integration with GitLab Self-Managed and GitLab.com allows you to maintain code quality and security in your GitLab projects. - -With this integration, you'll be able to: - -- **Authenticate with GitLab** - Sign in to SonarQube with your GitLab credentials. -- **Import your GitLab projects** - Import your GitLab Projects into SonarQube to easily set up SonarQube projects. -- **Analyze projects with GitLab CI/CD** - Integrate analysis into your build pipeline. Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), SonarScanners running in GitLab CI/CD jobs can automatically detect branches or merge requests being built so you don't need to specifically pass them as parameters to the scanner. -- **Report your Quality Gate status to your merge requests** - (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)) See your Quality Gate and code metric results right in GitLab so you know if it's safe to merge your changes. - -## Prerequisites -Integration with GitLab Self-Managed requires at least GitLab Self-Managed version 11.7. - -### Branch Analysis -Community Edition doesn't support the analysis of multiple branches, so you can only analyze your main branch. Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can analyze multiple branches and merge requests. - -## Authenticating with GitLab - -See [Authenticating with GitLab](/instance-administration/authentication/gitlab/) - -## Importing your GitLab projects into SonarQube -Setting up the import of GitLab projects into SonarQube allows you to easily create SonarQube projects from your GitLab projects. If you're using [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) or above, this is also the first step in adding merge request decoration. - -To set up the import of GitLab projects: - -1. Set your global settings -1. Add a personal access token for importing repositories - -### Setting your global settings -To import your GitLab projects into SonarQube, you need to first set your global SonarQube settings. Navigate to **Administration > Configuration > General Settings > DevOps Platform Integrations**, select the **GitLab** tab, and specify the following settings: - -- **Configuration Name** (Enterprise and Data Center Edition only) – The name used to identify your GitLab configuration at the project level. Use something succinct and easily recognizable. -- **GitLab URL** – The GitLab API URL. -- **Personal Access Token** – A GitLab user account is used to decorate Merge Requests. We recommend using a dedicated GitLab account with at least **Reporter** [permissions](https://docs.gitlab.com/ee/user/permissions.html) (the account needs permission to leave comments). Use a personal access token from this account with the **api** scope authorized for the repositories you're analyzing. Administrators can encrypt this token at **Administration > Configuration > Encryption**. See the **Settings Encryption** section of the [Security](/instance-administration/security/) page for more information. - - This personal access token is used to report your Quality Gate status to your pull requests. You'll be asked for another personal access token for importing projects in the following section. - -### Adding a personal access token for importing projects -After setting these global settings, you can add a project from GitLab by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and selecting **GitLab**. - -Then, you'll be asked to provide a personal access token with `read_api` scope so SonarQube can access and list your GitLab projects. This token will be stored in SonarQube and can be revoked at anytime in GitLab. - -After saving your Personal Access Token, you'll see a list of your GitLab projects that you can **set up** to add them to SonarQube. Setting up your projects this way also sets your project settings for merge request decoration. - -For information on analyzing your projects with GitLab CI/CD, see the following section. - -## Analyzing projects with GitLab CI/CD -SonarScanners running in GitLab CI/CD jobs can automatically detect branches or merge requests being built so you don't need to specifically pass them as parameters to the scanner. - -To analyze your projects with GitLab CI/CD, you need to: -- Set your environment variables. -- Configure your gilab-ci.yml file. - -The following sections detail these steps. - -[[warning]] -| You need to disable git shallow clone to make sure the scanner has access to all of your history when running analysis with GitLab CI/CD. For more information, see [Git shallow clone](https://docs.gitlab.com/ee/user/project/pipelines/settings.html#git-shallow-clone). - -### Setting environment variables -You can set environment variables securely for all pipelines in GitLab's settings. See GitLab's documentation on [Creating a Custom Environment Variable](https://docs.gitlab.com/ee/ci/variables/#creating-a-custom-environment-variable) for more information. - -You need to set the following environment variables in GitLab for analysis: - -- `SONAR_TOKEN` – Generate a SonarQube [token](/user-guide/user-token/) for GitLab and create a custom environment variable in GitLab with `SONAR_TOKEN` as the **Key** and the token you generated as the **Value**. - -- `SONAR_HOST_URL` – Create a custom environment variable with `SONAR_HOST_URL` as the **Key** and your SonarQube server URL as the **Value**. - -### Configuring your gitlab-ci.yml file - -This section shows you how to configure your GitLab CI/CD `gitlab-ci.yml` file. The `allow_failure` parameter in the examples allows a job to fail without impacting the rest of the CI suite. - -You'll set up your build according to your SonarQube edition: - -- **Community Edition** – Community Edition doesn't support multiple branches, so you should only analyze your main branch. You can restrict analysis to your main branch by adding the branch name to the `only` parameter in your .yml file. - -- **Developer Edition and above** By default, GitLab will build all branches but not Merge Requests. To build Merge Requests, you need to update the `.gitlab-ci.yml` file by adding `merge_requests` to the `only` parameter in your .yml. See the example configurations below for more information. - -Click the scanner you're using below to expand an example configuration: - -[[collapse]] -| ## SonarScanner for Gradle -| ``` -| sonarqube-check: -| image: gradle:jre11-slim -| variables: -| SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache -| GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task -| cache: -| key: "${CI_JOB_NAME}" -| paths: -| - .sonar/cache -| script: gradle sonarqube -Dsonar.qualitygate.wait=true -| allow_failure: true -| only: -| - merge_requests -| - main # or the name of your main branch -| - develop -| ``` - -[[collapse]] -| ## SonarScanner for Maven -| -| ``` -| sonarqube-check: -| image: maven:3.6.3-jdk-11 -| variables: -| SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache -| GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task -| cache: -| key: "${CI_JOB_NAME}" -| paths: -| - .sonar/cache -| script: -| - mvn verify sonar:sonar -Dsonar.qualitygate.wait=true -| allow_failure: true -| only: -| - merge_requests -| - main # or the name of your main branch -| - develop -| ``` - -[[collapse]] -| ## SonarScanner CLI -| -| ``` -| sonarqube-check: -| image: -| name: sonarsource/sonar-scanner-cli:latest -| entrypoint: [""] -| variables: -| SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache -| GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task -| cache: -| key: "${CI_JOB_NAME}" -| paths: -| - .sonar/cache -| script: -| - sonar-scanner -Dsonar.qualitygate.wait=true -| allow_failure: true -| only: -| - merge_requests -| - main # or the name of your main branch -| - develop -| ``` -| -| -| **Project key** -| A project key has to be provided through `sonar-project.properties` or through the command line parameter. For more information, see the [SonarScanner](/analysis/scan/sonarscanner/) documentation. -| -| **Self-signed certificates** -| If you secure your SonarQube instance with a self-signed certificate, you may need to build a custom image based on `sonarsource/sonar-scanner-cli`. See the section **Advanced Docker Configuration** within the [SonarScanner](/analysis/scan/sonarscanner/) documentation. -| - -#### **Failing the pipeline job when the Quality Gate fails** -In order for the Quality Gate to fail on the GitLab side when it fails on the SonarQube side, the scanner needs to wait for the SonarQube Quality Gate status. To enable this, set the `sonar.qualitygate.wait=true` parameter in the `.gitlab-ci.yml` file. - -You can set the `sonar.qualitygate.timeout` property to an amount of time (in seconds) that the scanner should wait for a report to be processed. The default is 300 seconds. - -### For more information -For more information on configuring your build with GitLab CI/CD, see the [GitLab CI/CD Pipeline Configuration Reference](https://gitlab.com/help/ci/yaml/README.md). - -## Reporting your Quality Gate status in GitLab - -After you've set up SonarQube to import your GitLab projects as shown in the previous section, SonarQube can report your Quality Gate status and analysis metrics directly to GitLab. - -To do this, add a project from GitLab by clicking the **Add project** button in the upper-right corner of the **Projects** homepage and select **GitLab** from the drop-down menu. - -Then, follow the steps in SonarQube to analyze your project. SonarQube automatically sets the project settings required to show your Quality Gate in your merge requests. - -[[info]] -| To report your Quality Gate status in your merge requests, a SonarQube analysis needs to be run on your code. You can find the additional parameters required for merge request analysis on the [Pull Request Analysis](/analysis/pull-request/) page. - -If you're creating your projects manually or adding Quality Gate reporting to an existing project, see the following section. - -### Reporting your Quality Gate status in manually created or existing projects -SonarQube can also report your Quality Gate status to GitLab merge requests for existing and manually-created projects. After you've updated your global settings as shown in the **Importing your GitLab projects into SonarQube** section above, set the following project settings at **Project Settings > General Settings > DevOps Platform Integration**: - -- **Configuration name** – The configuration name that corresponds to your GitLab instance. -- **Project ID** – your GitLab Project ID found in GitLab - -### Advanced configuration - -[[collapse]] -| ## Reporting your Quality Gate status on pull requests in a mono repository -| -| _Reporting Quality Gate statuses to merge requests in a mono repository setup is supported starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html)._ -| -| In a mono repository setup, multiple SonarQube projects, each corresponding to a separate project within the mono repository, are all bound to the same Bitbucket Cloud repository. You'll need to set up each SonarQube project that's part of a mono repository to report your Quality Gate status. -| -| You need to set up projects that are part of a mono repository manually as shown in the **Displaying your Quality Gate status in manually created or existing project** section above. You also need to set the **Enable mono repository support** setting to true at **Project Settings > General Settings > DevOps Platform Integration**. -| -| After setting your project settings, ensure the correct project is being analyzed by adjusting the analysis scope and pass your project names to the scanner. See the following sections for more information. -| -| ### Ensuring the correct project is analyzed -| You need to adjust the analysis scope to make sure SonarQube doesn't analyze code from other projects in your mono repository. To do this set up a **Source File Inclusion** for your project at **Project Settings > Analysis Scope** with a pattern that will only include files from the appropriate folder. For example, adding `./MyFolderName/**/*` to your inclusions would only include analysis of code in the `MyFolderName` folder. See [Narrowing the Focus](/project-administration/narrowing-the-focus/) for more information on setting your analysis scope. -| -| ### Passing project names to the scanner -| Because of the nature of a mono repository, SonarQube scanners might read all project names of your mono repository as identical. To avoid having multiple projects with the same name, you need to pass the `sonar.projectName` parameter to the scanner. For example, if you're using the Maven scanner, you would pass `mvn sonar:sonar -Dsonar.projectName=YourProjectName`. - -[[collapse]] -| ## Configuring multiple DevOps Platform instances -| SonarQube can report your Quality Gate status to multiple DevOps Platform instances. To do this, you need to create a configuration for each DevOps Platform instance and assign that configuration to the appropriate projects. -| -| - As part of [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can create one configuration for each DevOps Platform. -| -| - Starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html), you can create multiple configurations for each DevOps Platform. If you have multiple configurations of the same DevOps Platform connected to SonarQube, you have to create projects manually. - -[[collapse]] -| ## Linking issues -| When adding a Quality Gate status to your merge requests, individual issues will be linked to their SonarQube counterparts automatically. For this to work correctly, you need to set the instance's **Server base URL** (**[Administration > Configuration > General Settings > General > General](/#sonarqube-admin#/admin/settings/)**) correctly. Otherwise, the links will default to `localhost`. diff --git a/server/sonar-docs/src/pages/analysis/jenkins.md b/server/sonar-docs/src/pages/analysis/jenkins.md deleted file mode 100644 index 82a00ad276e..00000000000 --- a/server/sonar-docs/src/pages/analysis/jenkins.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Jenkins Integration -url: /analysis/jenkins/ ---- - -SonarScanners running in Jenkins can automatically detect branches and Merge or pull requests in certain jobs. You don't need to explicitly pass the branch or pull request details. - -## Analysis Prerequisites - -To run project analysis with Jenkins, you need to install and configure the following Jenkins plugins _in Jenkins_: - -- The SonarQube Scanner plugin. -- The Branch Source plugin that corresponds to your DevOps Platform (Bitbucket Server, GitHub, or GitLab) if you're analyzing multibranch pipeline jobs in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) or above. - -See the **Installing and Configuring your Jenkins plugins** section below for more information. - -## Installing and Configuring your Jenkins plugins - -### SonarQube Scanner plugin - -Click SonarQube Scanner below to expand instructions on installing and configuring the plugin. - -[[collapse]] -| ## SonarQube Scanner -| -| [SonarQube Scanner plugin](https://plugins.jenkins.io/sonar/) version 2.11 or later is required. -| -| 1. From the Jenkins Dashboard, navigate to **Manage Jenkins > Manage Plugins** and install the **SonarQube Scanner** plugin. -| 1. Back at the Jenkins Dashboard, navigate to **Credentials > System** from the left navigation. -| 1. Click the **Global credentials (unrestricted)** link in the **System** table. -| 1. Click **Add credentials** in the left navigation and add the following information: -| - **Kind**: Secret Text -| - **Scope**: Global -| - **Secret**: Generate a token at **User > My Account > Security** in SonarQube, and copy and paste it here. -| 1. Click **OK**. -| 1. From the Jenkins Dashboard, navigate to **Manage Jenkins > Configure System**. -| 1. From the **SonarQube Servers** section, click **Add SonarQube**. Add the following information: -| - **Name**: Give a unique name to your SonarQube instance. -| - **Server URL**: Your SonarQube instance URL. -| - **Credentials**: Select the credentials created during step 4. -| 1. Click **Save** - -### Branch Source plugin -_Required to analyze multibranch pipeline jobs in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) or above_ - -Click your DevOps Platform below to expand the instructions on installing and configuring the Branch Source plugin. - -[[collapse]] -| ## BitBucket Server -| -| [Bitbucket Branch Source plugin](https://plugins.jenkins.io/cloudbees-bitbucket-branch-source/) version 2.7 or later is required -| -| From the Jenkins Dashboard, navigate to **Manage Jenkins > Manage Plugins** and install the **Bitbucket Branch Source** plugin. Then configure the following: -| -| 1. From the Jenkins Dashboard, navigate to **Manage Jenkins > Configure System**. -| 1. From the **Bitbucket Endpoints** section, Click the **Add** drop-down menu and select **Bitbucket Server**. Add the following information: -| - **Name**: Give a unique name to your Bitbucket Server instance. -| - **Server URL**: Your Bitbucket Server instance URL. -| 1. Click **Save**. - -[[collapse]] -| ## BitBucket Cloud -| -| [Bitbucket Branch Source plugin](https://plugins.jenkins.io/cloudbees-bitbucket-branch-source/) version 2.7 or later is required -| -| From the Jenkins Dashboard, navigate to **Manage Jenkins > Manage Plugins** and install the **Bitbucket Branch Source** plugin. - -[[collapse]] -| ## GitHub -| -| [GitHub Branch Source plugin](https://plugins.jenkins.io/github-branch-source/) version 2.7.1 or later is required -| -| 1. From the Jenkins Dashboard, navigate to **Manage Jenkins > Manage Plugins** and install the **GitHub Branch Source** plugin. -| 1. From the Jenkins Dashboard, navigate to **Manage Jenkins > Configure System**. -| 1. From the **GitHub** or **GitHub Enterprise Servers** section, add your GitHub server. -| 1. Click **Save**. - -[[collapse]] -| ## GitLab -| -| [GitLab Branch Source plugin](https://plugins.jenkins.io/gitlab-branch-source/) version 1.5.3 or later is required -| -| 1. From the Jenkins Dashboard, navigate to **Manage Jenkins > Manage Plugins** and install the **GitLab Branch Source** plugin. -| 1. From the Jenkins Dashboard, navigate to **Manage Jenkins > Configure System**. -| 1. From the **GitLab** section, add your GitLab server. Make sure to check the **Manage Web Hooks** checkbox. -| 1. Click **Save**. - -### Configuring Jenkins through the SonarQube tutorial - -You can easily configure and analyze your projects with Jenkins through the tutorial in SonarQube. - -[[info]] -| You need to set up SonarQube to import your repositories before accessing the tutorial. See the **DevOps Platform Integrations** in the left-side navigation of this documentation for more information. -| -| A tutorial is currently available for all supported DevOps Platforms except Azure DevOps. - -To access the tutorial: - -1. Click the **Add project** drop-down in the upper-right corner of the **Projects** page in SonarQube and select your DevOps platform. -1. Select the repository you want to import into SonarQube. -1. When asked **How do you want to analyze your repository?**, select **With Jenkins**. - -See the **Installing and Configuring your Jenkins plugins** section below to set up your Jenkins plugins before going through the tutorial. - -## Configuring Single Branch Pipeline jobs -With Community Edition, you can only analyze a single branch. For more information, see the [SonarScanner for Jenkins](/analysis/scan/sonarscanner-for-jenkins/) documentation. - -## Configuring Multibranch Pipeline jobs - -Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can analyze multiple branches and Pull Requests. The automatic configuration of branches and Pull Requests relies on environment variables available in Multibranch Pipeline jobs. These are set based on information exported by Jenkins plugins. - -For configuration examples, see the [SonarScanner for Jenkins](/analysis/scan/sonarscanner-for-jenkins/) documentation. - -### Configuring Multibranch Pipeline jobs for Pull Request Decoration -You need to configure your Multibranch Pipeline job correctly to avoid issues with Pull Request decoration. From your Multibranch Pipeline job in Jenkins, go to **Configure > Branch Sources > Behaviors**. - -For Bitbucket and GitHub, under **Discover pull requests from origin**, make sure **The current pull request revision** is selected. - -For GitLab, under **Discover merge requests from origin**, make sure **The current merge request revision** is selected. diff --git a/server/sonar-docs/src/pages/analysis/languages/abap.md b/server/sonar-docs/src/pages/analysis/languages/abap.md deleted file mode 100644 index e3ad2e2c8f8..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/abap.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: ABAP -url: /analysis/languages/abap/ ---- - -ABAP analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html). - -You can read more about ABAP analysis [here](https://docs.sonarqube.org/latest/analysis/languages/abap/). diff --git a/server/sonar-docs/src/pages/analysis/languages/apex.md b/server/sonar-docs/src/pages/analysis/languages/apex.md deleted file mode 100644 index 76f4937da4d..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/apex.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: Apex -url: /analysis/languages/apex/ ---- - -Apex analysis is available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html). - -You can read more about Apex analysis [here](https://docs.sonarqube.org/latest/analysis/languages/apex/). diff --git a/server/sonar-docs/src/pages/analysis/languages/cfamily.md b/server/sonar-docs/src/pages/analysis/languages/cfamily.md deleted file mode 100644 index 363fc7a1403..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/cfamily.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: C/C++/Objective-C -url: /analysis/languages/cfamily/ ---- - -C, C++, and Objective-C analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html). - -You can read more about C, C++, and Objective-C analysis [here](https://docs.sonarqube.org/latest/analysis/languages/cfamily/). diff --git a/server/sonar-docs/src/pages/analysis/languages/cobol.md b/server/sonar-docs/src/pages/analysis/languages/cobol.md deleted file mode 100644 index 84a4404b540..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/cobol.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: COBOL -url: /analysis/languages/cobol/ ---- - -COBOL analysis is available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html). - -You can read more about COBOL analysis [here](https://docs.sonarqube.org/latest/analysis/languages/cobol/). diff --git a/server/sonar-docs/src/pages/analysis/languages/csharp.md b/server/sonar-docs/src/pages/analysis/languages/csharp.md deleted file mode 100644 index 86ca89e3e9a..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/csharp.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: C# -url: /analysis/languages/csharp/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/flex.md b/server/sonar-docs/src/pages/analysis/languages/flex.md deleted file mode 100644 index 31e9cfd41fe..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/flex.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Flex -url: /analysis/languages/flex/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/go.md b/server/sonar-docs/src/pages/analysis/languages/go.md deleted file mode 100644 index b45fe3c4efe..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/go.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Go -url: /analysis/languages/go/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/html.md b/server/sonar-docs/src/pages/analysis/languages/html.md deleted file mode 100644 index 12dfe53530b..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/html.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: HTML -url: /analysis/languages/html/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/iac.md b/server/sonar-docs/src/pages/analysis/languages/iac.md deleted file mode 100644 index 8b53c8a63be..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/iac.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Terraform/CloudFormation -url: /analysis/languages/iac/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/java.md b/server/sonar-docs/src/pages/analysis/languages/java.md deleted file mode 100644 index 0e60936a861..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/java.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Java -url: /analysis/languages/java/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/javascript.md b/server/sonar-docs/src/pages/analysis/languages/javascript.md deleted file mode 100644 index d331d9b7ee4..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/javascript.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: JavaScript -url: /analysis/languages/javascript/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/kotlin.md b/server/sonar-docs/src/pages/analysis/languages/kotlin.md deleted file mode 100644 index e365c67efbd..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/kotlin.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Kotlin -url: /analysis/languages/kotlin/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/overview.md b/server/sonar-docs/src/pages/analysis/languages/overview.md deleted file mode 100644 index 0a1ad057918..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/overview.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -title: Overview -url: /analysis/languages/overview/ ---- - -SonarQube provides analysis of different languages depending on the edition you're running. - -| Language | Community Edition | Developer Edition | Enterprise Edition and Data Center Edtion | -| --------------------------------------------- | ---------------------- | ---------------------- | ----------------------------------------- | -| [ABAP](/analysis/languages/abap/) | |  |  | -| [Apex](/analysis/languages/apex/) | | |  | -| [C#](/analysis/languages/csharp/) |  |  |  | -| [C](/analysis/languages/cfamily/) | |  |  | -| [C++](/analysis/languages/cfamily/) | |  |  | -| [COBOL](/analysis/languages/cobol/) | | |  | -| [CSS](/analysis/languages/javascript/) |  |  |  | -| [Flex](/analysis/languages/flex/) |  |  |  | -| [Go](/analysis/languages/go/) |  |  |  | -| [Java](/analysis/languages/java/) |  |  |  | -| [JavaScript](/analysis/languages/javascript/) |  |  |  | -| [Kotlin](/analysis/languages/kotlin/) |  |  |  | -| [Objective-C](/analysis/languages/cfamily/) | |  |  | -| [PHP](/analysis/languages/php/) |  |  |  | -| [PLI](/analysis/languages/pli/) | | |  | -| [PLSQL](/analysis/languages/plsql/) | |  |  | -| [Python](/analysis/languages/python/) |  |  |  | -| [RPG](/analysis/languages/rpg/) | | |  | -| [Ruby](/analysis/languages/ruby/) |  |  |  | -| [Scala](/analysis/languages/scala/) |  |  |  | -| [Swift](/analysis/languages/swift/) | |  |  | -| [TypeScript](/analysis/languages/javascript/) |  |  |  | -| [TSQL](/analysis/languages/tsql/) | |  |  | -| [VB.NET](/analysis/languages/vbnet/) |  |  |  | -| [VB6](/analysis/languages/vb6/) | | |  | -| [HTML](/analysis/languages/html/) |  |  |  | -| [XML](/analysis/languages/xml/) |  |  |  | - -In this section, you'll find documentation related to languages supported by SonarSource. diff --git a/server/sonar-docs/src/pages/analysis/languages/php.md b/server/sonar-docs/src/pages/analysis/languages/php.md deleted file mode 100644 index 3b16adac96d..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/php.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: PHP -url: /analysis/languages/php/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/pli.md b/server/sonar-docs/src/pages/analysis/languages/pli.md deleted file mode 100644 index bf891bde850..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/pli.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: PLI -url: /analysis/languages/pli/ ---- - -PLI analysis is available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html). - -You can read more about PLI analysis [here](https://docs.sonarqube.org/latest/analysis/languages/pli/). diff --git a/server/sonar-docs/src/pages/analysis/languages/plsql.md b/server/sonar-docs/src/pages/analysis/languages/plsql.md deleted file mode 100644 index e3dab77b9b8..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/plsql.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: PL/SQL -url: /analysis/languages/plsql/ ---- - -PL/SQL analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html). - -You can read more about PL/SQL analysis [here]( https://docs.sonarqube.org/latest/analysis/languages/plsql/). diff --git a/server/sonar-docs/src/pages/analysis/languages/python.md b/server/sonar-docs/src/pages/analysis/languages/python.md deleted file mode 100644 index 862f004362e..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/python.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Python -url: /analysis/languages/python/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/rpg.md b/server/sonar-docs/src/pages/analysis/languages/rpg.md deleted file mode 100644 index acf9076d880..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/rpg.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: RPG -url: /analysis/languages/rpg/ ---- - -RPG analysis is available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html). - -You can read more about RPG analysis [here](https://docs.sonarqube.org/latest/analysis/languages/rpg/). diff --git a/server/sonar-docs/src/pages/analysis/languages/ruby.md b/server/sonar-docs/src/pages/analysis/languages/ruby.md deleted file mode 100644 index 3f17a3d4fb2..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/ruby.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Ruby -url: /analysis/languages/ruby/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/scala.md b/server/sonar-docs/src/pages/analysis/languages/scala.md deleted file mode 100644 index 5a6786b51d1..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/scala.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Scala -url: /analysis/languages/scala/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/swift.md b/server/sonar-docs/src/pages/analysis/languages/swift.md deleted file mode 100644 index 3fe5b33455b..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/swift.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: Swift -url: /analysis/languages/swift/ ---- - -Swift analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html). - -You can read more about Swift analysis [here](https://docs.sonarqube.org/latest/analysis/languages/swift/). diff --git a/server/sonar-docs/src/pages/analysis/languages/tsql.md b/server/sonar-docs/src/pages/analysis/languages/tsql.md deleted file mode 100644 index c46da19d731..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/tsql.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: T-SQL -url: /analysis/languages/tsql/ ---- - -T-SQL analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html). - -You can read more about T-SQL analysis [here](https://docs.sonarqube.org/latest/analysis/languages/tsql/). diff --git a/server/sonar-docs/src/pages/analysis/languages/vb6.md b/server/sonar-docs/src/pages/analysis/languages/vb6.md deleted file mode 100644 index 0001878bee8..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/vb6.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: VB6 -url: /analysis/languages/vb6/ ---- - -VB6 analysis is available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html). - -You can read more about VB6 analysis [here](https://docs.sonarqube.org/latest/analysis/languages/vb6/). diff --git a/server/sonar-docs/src/pages/analysis/languages/vbnet.md b/server/sonar-docs/src/pages/analysis/languages/vbnet.md deleted file mode 100644 index 335d637c181..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/vbnet.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: VB.NET -url: /analysis/languages/vbnet/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/languages/xml.md b/server/sonar-docs/src/pages/analysis/languages/xml.md deleted file mode 100644 index 266ba5143f1..00000000000 --- a/server/sonar-docs/src/pages/analysis/languages/xml.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: XML -url: /analysis/languages/xml/ ---- - -This is a placeholder file. It is required for Gatsby, but its content will be dynamically replaced. diff --git a/server/sonar-docs/src/pages/analysis/overview.md b/server/sonar-docs/src/pages/analysis/overview.md deleted file mode 100644 index 8598032e3a9..00000000000 --- a/server/sonar-docs/src/pages/analysis/overview.md +++ /dev/null @@ -1,60 +0,0 @@ ---- -title: Overview -url: /analysis/overview/ ---- - -Once the SonarQube platform has been installed, you're ready to install a scanner and begin creating projects. To do that, you must install and configure the scanner that is most appropriate for your needs. Do you build with: - -* Gradle - [SonarScanner for Gradle](/analysis/scan/sonarscanner-for-gradle/) -* .NET - [SonarScanner for .NET](/analysis/scan/sonarscanner-for-msbuild/) -* Maven - use the [SonarScanner for Maven](/analysis/scan/sonarscanner-for-maven/) -* Jenkins - [SonarScanner for Jenkins](/analysis/scan/sonarscanner-for-jenkins/) -* Azure DevOps - [SonarQube Extension for Azure DevOps](/analysis/scan/sonarscanner-for-azure-devops/) -* Ant - [SonarScanner for Ant](/analysis/scan/sonarscanner-for-ant/) -* anything else (CLI) - [SonarScanner](/analysis/scan/sonarscanner/) - -[[info]] -| SonarQube integrations are supported for popular DevOps Platforms: GitHub Enterprise and GitHub.com, BitBucket Server, Azure Devops Server and Azure DevOps Services. - -[[warning]] -| We do not recommend running an antivirus scanner on the machine where a SonarQube analysis runs, it could result in unpredictable behavior. - - -A project is created in SonarQube automatically on its first analysis. However, if you need to set some configuration on your project before its first analysis, you have the option of provisioning it via Administration options or the **+** menu item, which is visible to users with project creation rights. - - -## What does analysis produce? -SonarQube can analyze up to 29 different languages depending on your edition. The outcome of this analysis will be quality measures and issues (instances where coding rules were broken). However, what gets analyzed will vary depending on the language: - -* On all languages, "blame" data will automatically be imported from supported SCM providers. [Git and SVN are supported automatically](/analysis/scm-integration/). Other providers require additional plugins. -* On all languages, a static analysis of source code is performed (Java files, COBOL programs, etc.) -* For certain languages, the static analysis should be done on compiled code ( .class files in Java, .dll files in C#, etc.) - - -## Will all files be analyzed? -By default, only files that are recognized by your edition of SonarQube are loaded into the project during analysis. -For example if you're using SonarQube Community Edition, which includes analysis of Java and JavaScript, but not C++, all `.java` and `.js` files would be loaded, but `.cpp` files would be ignored. - -## What about branches and pull requests? -_Developer Edition_ adds the ability to analyze your project's [branches](/branches/overview/) and [pull requests](/analysis/pull-request/) as well as the ability to automatically report your pull request analysis to your DevOps Platform interface. - -## What happens during analysis? -During analysis, data is requested from the server, the files provided to the analysis are analyzed, and the resulting data is sent back to the server at the end in the form of a report, which is then analyzed asynchronously server-side. - -Analysis reports are queued, and processed sequentially, so it is quite possible that for a brief period after your analysis log shows completion, the updated values are not visible in your {instance} project. However, you will be able to tell what's going on because an icon will be added on the project homepage to the right of the project name. Mouse over it for more detail (and links if you're logged in with the proper permissions). - - - - -The icon goes away once processing is complete, but if analysis report processing fails for some reason, the icon changes: - - - - -## FAQ - -**Q.** Analysis errors out with `java.lang.OutOfMemoryError: GC overhead limit exceeded`. What do I do? -**A.** This means your project is too large or too intricate for the scanner to analyze with the default memory allocation. To fix this you'll want to allocate a larger heap (using `-Xmx[numeric value here]`) to the process running the analysis. Some CI engines may give you an input to specify the necessary values, for instance if you're using a Maven Build Step in a Jenkins job to run analysis. Otherwise, use Java Options to set a higher value. Note that details of setting Java Options are omitted here because they vary depending on the environment. - -**Q.** Analysis errors out with `PKIX path building failed`. What do I do? -**A.** This error tells you that your SonarQube server is configured with HTTPS and a custom SSL certificate. However, the certificate is not correctly configured in the scanner machine’s JVM. This configuration is outside of SonarQube scope. The server certificate is unknown and could not be validated with the provided truststore. You need to add the SonarQube server certificate to the Java truststore. See [Oracle's documentation](https://docs.oracle.com/cd/E19830-01/819-4712/ablqw/index.html) for more information. diff --git a/server/sonar-docs/src/pages/analysis/pull-request.md b/server/sonar-docs/src/pages/analysis/pull-request.md deleted file mode 100644 index 4c6f5dab738..00000000000 --- a/server/sonar-docs/src/pages/analysis/pull-request.md +++ /dev/null @@ -1,63 +0,0 @@ ---- -title: Pull Request Analysis -url: /analysis/pull-request/ ---- - -_Pull Request analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)._ - -You can see your Pull Requests in SonarQube from the Branches and Pull Requests dropdown menu of your project. - -Pull Request analysis shows your Pull Request's Quality Gate and analysis in the SonarQube interface. This analysis shows new issues introduced by the Pull Request before merging with the target branch: - - - -The New Code should be your focus moving forward when using the [Clean as you code](/user-guide/clean-as-you-code/) strategy. More about this can be found in the SonarQube [User Guide Concepts](https://docs.sonarqube.org/latest/user-guide/concepts/) pages. - -## Prerequisites - -Before analyzing your Pull Requests, make sure that: -- The Pull Request source branch is checked out in the local repository. -- The branch being targeted by the Pull Request is fetched and present in the local repository. -- The analysis is being run on a local repository with valid repository metadata (e.g. the .git or .svn folders have not been removed). - Avoid any attempt at previewing the merge or actions involving your main branch. - -## Report pull request status to your DevOps Platform -You can also report the pull request analysis and Quality Gate status directly in your DevOps Platform's interface. To set up pull request decoration, see the DevOps Platform integration page that corresponds with your DevOps Platform: -- [GitHub Enterprise and GitHub.com](/analysis/github-integration/) -- [GitLab Self-Managed and GitLab.com](/analysis/gitlab-integration/) -- [Bitbucket Server](/analysis/bitbucket-integration/) -- [Bitbucket Cloud](/analysis/bitbucket-cloud-integration/) -- [Azure DevOps](/analysis/azuredevops-integration/) - -[[info]] -| To decorate Pull Requests, a SonarQube analysis needs to be run on your code. You can find the additional parameters required for Pull Request analysis below in the **Analysis parameters** section. - -## Pull request Quality Gate - -A [Quality Gate](/user-guide/quality-gates/) lets you ensure you are meeting your organization's quality policy and that you can merge your pull request. The pull request uses your project Quality Gate as follows: -* **Focuses on new code** – The Pull Request quality gate only uses your project's quality gate conditions that apply to "on New Code" metrics using the [Clean as you code](/user-guide/clean-as-you-code/) strategy. -* **Assigns a status** – Each Pull Request shows a quality gate status reflecting whether it Passed or Failed. - -Pull request analyses on SonarQube are deleted automatically after 30 days with no analysis. This can be updated in **Administration > Configuration > General Settings > Housekeeping > Number of days before purging inactive branches**. - -## Analysis parameters - -The following parameters enable Pull Request analysis. - -[[info]] -| Scanners can automatically detect Pull Request parameters when running on the following CI services: -| * Azure Pipelines -| * Bitbucket Pipelines -| * Cirrus CI -| * Codemagic -| * GitHub Actions -| * GitLab CI/CD -| * Jenkins (with the Branch Source plugin configured) -| -| Manually setting Pull Request parameters overrides automatic detection. - -| Parameter Name | Description | -| --------------------- | ---------------------------------- | -| `sonar.pullrequest.key` | Unique identifier of your Pull Request. Must correspond to the key of the Pull Request in your DevOps Platform.<br/> e.g.: `sonar.pullrequest.key=5` | -| `sonar.pullrequest.branch` | The name of the branch that contains the changes to be merged.<br/> e.g.: `sonar.pullrequest.branch=feature/my-new-feature` | -| `sonar.pullrequest.base` | The branch into which the Pull Request will be merged. <br/> Default: master <br/> e.g.: `sonar.pullrequest.base=master` | diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-ant.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-ant.md deleted file mode 100644 index 9129c3f0945..00000000000 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-ant.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: SonarScanner for Ant -url: /analysis/scan/sonarscanner-for-ant/ ---- - -<!-- static --> -<update-center updatecenterkey="scannerant"></update-center> -<!-- /static --> -<!-- embedded --> -[[info]] -| See the [online documentation](https://redirect.sonarsource.com/doc/download-scanner-ant.html) to get more details on the latest version of the scanner and how to download it. -<!-- /embedded --> - -The SonarScanner for Ant provides a `task` to allow integration of SonarQube analysis into an Apache Ant build script. - -The SonarScanner for Ant is an Ant Task that is a wrapper of [SonarScanner](/analysis/scan/sonarscanner/), which works by invoking SonarScanner and passing to it all [properties](/analysis/analysis-parameters/) named following a `sonar.*` convention. This has the downside of not being very Ant-y, but the upside of providing instant availability of any new analysis parameter introduced by a new version of SonarQube. Therefore, successful use of the SonarScanner for Ant requires strict adherence to the property names shown below. - -## Using the SonarScanner for Ant -Define a new sonar Ant target in your Ant build script: -``` -<!-- build.xml --> -<project name="My Project" default="all" basedir="." xmlns:sonar="antlib:org.sonar.ant"> -... - -<!-- Define the SonarQube global properties (the most usual way is to pass these properties via the command line) --> -<property name="sonar.host.url" value="http://localhost:9000" /> - -... - -<!-- Define the SonarQube project properties --> -<property name="sonar.projectKey" value="org.sonarqube:sonarqube-scanner-ant" /> -<property name="sonar.projectName" value="Example of SonarScanner for Ant Usage" /> -<property name="sonar.projectVersion" value="1.0" /> -<property name="sonar.sources" value="src" /> -<property name="sonar.java.binaries" value="build" /> -<property name="sonar.java.libraries" value="lib/*.jar" /> -... - -<!-- Define SonarScanner for Ant Target --> -<target name="sonar"> - <taskdef uri="antlib:org.sonar.ant" resource="org/sonar/ant/antlib.xml"> - <!-- Update the following line, or put the "sonarqube-ant-task-*.jar" file in your "$HOME/.ant/lib" folder --> - <classpath path="path/to/sonar/ant/task/lib/sonarqube-ant-task-*.jar" /> - </taskdef> - - <!-- Execute SonarScanner for Ant Analysis --> - <sonar:sonar /> -</target> -``` - -Run the following command from the project base directory to launch the analysis. You need to pass an [authentication token](/user-guide/user-token/) using the `sonar.login` property in your command line: -``` -ant sonar -Dsonar.login=yourAuthenticationToken -``` - -## Sample Project -To help you get started, a simple project sample is available here: https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner-ant - -## Troubleshooting -**Enable Debug Logs** -To enable debug logs, use the regular Ant verbose option: `-v` -``` -ant sonar -v -``` diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-azure-devops.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-azure-devops.md deleted file mode 100644 index 27f656233dc..00000000000 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-azure-devops.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: SonarQube Extension for Azure DevOps -url: /analysis/scan/sonarscanner-for-azure-devops/ ---- - -<!-- static --> -<update-center updatecenterkey="scannerazure"></update-center> -<!-- /static --> -<!-- embedded --> -[[info]] -| See the [online documentation](https://redirect.sonarsource.com/doc/download-scanner-azure.html) to get more details on the latest version of the scanner and how to download it. -<!-- /embedded --> - -The [SonarQube Extension for Azure DevOps](https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarqube) makes it easy to integrate analysis into your build pipeline. The extension allows the analysis of all languages supported by SonarQube. - -## Compatibility -The SonarQube Extension for Azure DevOps 5.x is compatible with: -* Azure DevOps Server 2019 (including _Express_ editions) -* Azure DevOps Server 2020 (including _Express_ editions) -* Azure DevOps Services - -The SonarQube Extension for Azure DevOps 4.x is compatible with: -* TFS 2017 Update 2+ (including _Express_ editions) -* TFS 2018 (including _Express_ editions) - -## Analysis -For information on setting up analysis with the SonarQube Extension for Azure DevOps, see the [Azure DevOps DevOps Platform integration](/analysis/azuredevops-integration/) page. diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-gradle.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-gradle.md deleted file mode 100644 index 90e0a2fb88c..00000000000 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-gradle.md +++ /dev/null @@ -1,210 +0,0 @@ ---- -title: SonarScanner for Gradle -url: /analysis/scan/sonarscanner-for-gradle/ ---- - -<!-- static --> -<update-center updatecenterkey="scannergradle"></update-center> -<!-- /static --> -<!-- embedded --> -[[info]] -| See the [online documentation](https://redirect.sonarsource.com/doc/download-scanner-gradle.html) to get more details on the latest version of the scanner and how to download it. -<!-- /embedded --> - -The SonarScanner for Gradle provides an easy way to start the scan of a Gradle project. - -The ability to execute the SonarScanner analysis via a regular Gradle task makes it available anywhere Gradle is available (developer build, CI server, etc.), without the need to manually download, setup, and maintain a SonarScanner CLI installation. The Gradle build already has much of the information needed for the SonarScanner to successfully analyze a project. By preconfiguring the analysis based on that information, the need for manual configuration is reduced significantly. - -## Prerequisites -* Gradle versions 5+ -* At least the minimal version of Java supported by your SonarQube server is in use - -Bytecode created by javac compilation is required for Java analysis, including Android projects. - -## Configure the Scanner -Installation is automatic, but certain global properties should still be configured. A good place to configure global properties is `~/.gradle/gradle.properties`. Be aware that the scanner uses system properties so all properties should be prefixed by `systemProp`. - -``` -# gradle.properties -systemProp.sonar.host.url=http://localhost:9000 -``` - -## Analyzing -First, you need to activate the scanner in your build. For Gradle 2.1+, apply the SonarQube plugin dependency to your build.gradle file below:: - -``` -plugins { - id "org.sonarqube" version "3.5.0.2730" -} -``` - -Ensure that you declare the plugins in the correct sequence required by Gradle, that is, after the buildscript block in your build.gradle file. More details on https://plugins.gradle.org/plugin/org.sonarqube - -Assuming a local SonarQube server with out-of-the-box settings is up and running, no further configuration is required. - -You need to pass an [authentication token](/user-guide/user-token/) using the `sonar.login` property in your command line or you configure it as part of your `gradle.properties` file. Execute `gradle sonar -Dsonar.login=yourAuthenticationToken` and wait until the build has completed, then open the web page indicated at the bottom of the console output. You should now be able to browse the analysis results. - -## Analyzing Multi-Project Builds -To analyze a project hierarchy, apply the SonarQube plugin to the root project of the hierarchy. Typically (but not necessarily) this will be the root project of the Gradle build. Information pertaining to the analysis as a whole has to be configured in the sonar block of this project. Any properties set on the command line also apply to this project. - -``` -// build.gradle -sonar { - properties { - property "sonar.sourceEncoding", "UTF-8" - } -} -``` - -Configuration shared between subprojects can be configured in a subprojects block. -``` -// build.gradle -subprojects { - sonar { - properties { - property "sonar.sources", "src" - } - } -} -``` - -Project-specific information is configured in the `sonar` block of the corresponding project. -``` -// build.gradle -project(":project1") { - sonar { - properties { - property "sonar.branch", "Foo" - } - }} -``` - -To skip SonarScanner analysis for a particular subproject, set sonar.skipProject to true. -``` -// build.gradle -project(":project2") { - sonar { - skipProject = true - } -} -``` - -## Task dependencies -All tasks that produce output that should be included in the SonarScanner analysis need to be executed before the `sonar` task runs. Typically, these are compile tasks, test tasks, and [code coverage](/analysis/coverage/) tasks. - -Starting with v3.0 of the SonarScanner for Gradle, task dependencies are no longer added automatically. Instead, the SonarScanner plugin enforces the correct order of tasks with `mustRunAfter`. You need to be either manually run the tasks that produce output before `sonarqube`, or you can add a dependency to the build script: - -``` -// build.gradle -project.tasks["sonar"].dependsOn "anotherTask" -``` - -## Sample project -A simple working example is available at this URL so you can check everything is correctly configured in your env: -https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner-gradle - - -## Analysis property defaults -The SonarScanner for Gradle uses information contained in Gradle's object model to provide smart defaults for most of the standard [analysis parameters](/analysis/analysis-parameters/), as listed below. - -Gradle defaults for standard Sonar properties: - -Property|Gradle default ----|--- -`sonar.projectKey`|`[${project.group}:]${project.name}` for root module; `<root module key>:<module path>` for submodules -`sonar.projectName`|`${project.name}` -`sonar.projectDescription`|`${project.description}` -`sonar.projectVersion`|`${project.version}` -`sonar.projectBaseDir`|`${project.projectDir}` -`sonar.working.directory`|`${project.buildDir}/sonar` - -Notice that additional defaults are provided for projects that have the java-base or java plugin applied: - -Property|Gradle default ----|--- -`sonar.sourceEncoding`|`${project.compileJava.options.encoding}` -`sonar.java.source`|`${project.sourceCompatibility}` -`sonar.java.target`|`${project.targetCompatibility}` -`sonar.sources`|`${sourceSets.main.allJava.srcDirs}` (filtered to only include existing directories) -`sonar.tests`|`${sourceSets.test.allJava.srcDirs}` (filtered to only include existing directories) -`sonar.java.binaries`|`${sourceSets.main.output.classesDir}` -`sonar.java.libraries`|`${sourceSets.main.compileClasspath}` (filtering to only include files; rt.jar and jfxrt.jar added if necessary) -`sonar.java.test.binaries`|`${sourceSets.test.output.classesDir}` -`sonar.java.test.libraries`|`${sourceSets.test.compileClasspath}` (filtering to only include files; rt.jar and jfxrt.jar added if necessary) -`sonar.junit.reportPaths`|`${test.testResultsDir}` (if the directory exists) - -Groovy projects get all the Java defaults, plus: - -Property|Gradle default ----|--- -`sonar.groovy.binaries`|`${sourceSets.main.output.classesDir}` - - -Additional defaults when JaCoCo plugin is applied - -Property|Gradle default ----|--- -`sonar.jacoco.reportPaths`|`${jacoco.destinationFile}` -`sonar.groovy.jacoco.reportPath`|`${jacoco.destinationFile}` - -Additional defaults for Android projects (`com.android.application`, `com.android.library`, or `com.android.test`) -By default the first variant of type "debug" will be used to configure the analysis. You can override the name of the variant to be used using the parameter 'androidVariant': - -``` -build.gradle -sonar { - androidVariant 'fullDebug' -} -``` - -Property| Gradle default ----|--- -`sonar.sources` (for non test variants)|`${variant.sourcesets.map}` (ManifestFile/CDirectories/AidlDirectories/AssetsDirectories/CppDirectories/JavaDirectories/RenderscriptDirectories/ResDirectories/ResourcesDirectories) -`sonar.tests` (for test variants)|`${variant.sourcesets.map}` (ManifestFile/CDirectories/AidlDirectories/AssetsDirectories/CppDirectories/JavaDirectories/RenderscriptDirectories/ResDirectories/ResourcesDirectories) -`sonar.java[.test].binaries`|`${variant.destinationDir}` -`sonar.java[.test].libraries`|`${variant.javaCompile.classpath} + ${bootclasspath}` -`sonar.java.source`|`${variant.javaCompile.sourceCompatibility}` -`sonar.java.target`|`${variant.javaCompile.targetCompatibility}` - - -## Passing manual properties / overriding defaults -The SonarScanner for Gradle adds a SonarExtension extension to project and its subprojects, which allows you to configure/override the analysis properties. -``` -// in build.gradle -sonar { - properties { - property "sonar.exclusions", "**/*Generated.java" - } -} -``` -Sonar properties can also be set from the command line, or by setting a system property named exactly like the Sonar property in question. This can be useful when dealing with sensitive information (e.g. credentials), environment information, or for ad-hoc configuration. - -``` -gradle sonar -Dsonar.host.url=http://sonar.mycompany.com -Dsonar.verbose=true -``` - -While certainly useful at times, we recommend keeping the bulk of the configuration in a (versioned) build script, readily available to everyone. -A Sonar property value set via a system property overrides any value set in a build script (for the same property). When analyzing a project hierarchy, values set via system properties apply to the root project of the analyzed hierarchy. Each system property starting with `sonar.` will be taken into account. - - - -### Analyzing Custom Source Sets -By default, the SonarScanner for Gradle passes on the project's main source set as production sources, and the project's test source set as test sources. This works regardless of the project's source directory layout. Additional source sets can be added as needed. - -``` -// build.gradle -sonar { - properties { - properties["sonar.sources"] += sourceSets.custom.allSource.srcDirs - properties["sonar.tests"] += sourceSets.integTest.allSource.srcDirs - } -} -``` - -## Advanced topics -### More on configuring Sonar properties -Let's take a closer look at the `sonar.properties` `{}` block. As we have already seen in the examples, the `property()` method allows you to set new properties or override existing ones. Furthermore, all properties that have been configured up to this point, including all properties preconfigured by Gradle, are available via the properties accessor. - -Entries in the properties map can be read and written with the usual Groovy syntax. To facilitate their manipulation, values still have their “idiomatic” type (File, List, etc.). After the sonarProperties block has been evaluated, values are converted to Strings as follows: Collection values are (recursively) converted to comma-separated Strings, and all other values are converted by calling their `toString()` methods. - -Because the `sonarProperties` block is evaluated lazily, properties of Gradle's object model can be safely referenced from within the block, without having to fear that they have not yet been set. diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-jenkins.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-jenkins.md deleted file mode 100644 index 27e3443a4f1..00000000000 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-jenkins.md +++ /dev/null @@ -1,275 +0,0 @@ ---- -title: Jenkins Extension for SonarQube -url: /analysis/scan/sonarscanner-for-jenkins/ ---- - -<!-- static --> -<update-center updatecenterkey="scannerjenkins"></update-center> -<!-- /static --> -<!-- embedded --> -[[info]] -| See the [online documentation](https://redirect.sonarsource.com/doc/download-scanner-jenkins.html) to get more details on the latest version of the scanner and how to download it. -<!-- /embedded --> - -This plugin lets you centralize the configuration of SonarQube server connection details in Jenkins global configuration. - -Then you can trigger SonarQube analysis from Jenkins using standard Jenkins Build Steps or [Jenkins Pipeline DSL](https://jenkins.io/solutions/pipeline/) to trigger analysis with: - -* [SonarScanner](/analysis/scan/sonarscanner/) -* [SonarScanner for Maven](/analysis/scan/sonarscanner-for-maven/) -* [SonarScanner for Gradle](/analysis/scan/sonarscanner-for-gradle/) -* [SonarScanner for .NET](/analysis/scan/sonarscanner-for-msbuild/) - -Once the job is complete, the plugin will detect that a SonarQube analysis was made during the build and display a badge and a widget on the job page with a link to the SonarQube dashboard as well as quality gate status. - -## Installation -1. [Install the Jenkins Extension for SonarQube via the Jenkins Update Center](https://plugins.jenkins.io/sonar). -1. Configure your SonarQube server(s): - 1. Log into Jenkins as an administrator and go to **Manage Jenkins > Configure System**. - 1. Scroll down to the SonarQube configuration section, click **Add SonarQube**, and add the values you're prompted for. - 1. The server [authentication token](/user-guide/user-token/) should be created as a 'Secret Text' credential. - -## Analyzing a .NET solution -**Global Configuration** - -This step is mandatory if you want to trigger any of your analyses with the SonarScanner for .NET. You can define as many scanner instances as you wish. Then for each Jenkins job, you will be able to choose which launcher to use to run the SonarQube analysis. - -1. Log into Jenkins as an administrator and go to **Manage Jenkins > Global Tool Configuration** -1. Click on **Add SonarScanner for MSBuild** -1. Add an installation of the latest available version. Check **Install automatically** to have the SonarScanner for MSBuild automatically provisioned on your Jenkins executors - -If you do not see any available version under Install from GitHub, first go to Manage Jenkins > Manage Plugins > Advanced and click on Check now - -**Job Configuration** - -1. Configure the project, and go to the **Build** section. -1. Add the SonarQube for MSBuild - Begin Analysis to your build -1. Configure the SonarQube Project Key, Name, and Version in the SonarScanner for MSBuild - Begin Analysis build step -1. Add the MSBuild build step or the Execute Windows batch command to execute the build with MSBuild 14 (see compatibility) to your build. -1. Add the SonarQube for MSBuild - End Analysis build steps to your build - -## Analyzing a Java project with Maven or Gradle -**Global Configuration** - -1. Log into Jenkins as an administrator and go to Manage Jenkins > Configure System -1. Scroll to the SonarQube servers section and check Enable injection of SonarQube server configuration as build environment variables - -**Job Configuration** - -1. **Configure** the project, and go to the **Build Environment** section. -1. Enable **Prepare SonarScanner environment** to allow the injection of SonarQube server values into this particular job. If multiple SonarQube instances are configured, you will be able to choose which one to use. -Once the environment variables are available, use them in a standard Maven build step (Invoke top-level Maven targets) by setting the Goals to include, or a standard Gradle build step (Invoke Gradle script) by setting the Tasks to execute. - -Maven goal: -``` -$SONAR_MAVEN_GOAL -``` -Gradle task: -``` -sonarqube -``` - -In both cases, launching your analysis may require authentication. In that case, make sure that the Global Configuration defines a valid SonarQube token. - -## Analyzing other project types - -**Global Configuration** -This step is mandatory if you want to trigger any of your SonarQube analyses with the SonarScanner. You can define as many scanner instances as you wish. Then for each Jenkins job, you will be able to choose which launcher to use to run the SonarQube analysis. - -1. Log into Jenkins as an administrator and go to **Manage Jenkins > Global Tool Configuration** -1. Scroll down to the SonarScanner configuration section and click on Add SonarScanner. It is based on the typical Jenkins tool auto-installation. You can either choose to point to an already installed version of SonarScanner (uncheck 'Install automatically') or tell Jenkins to grab the installer from a remote location (check 'Install automatically') - -If you don't see a drop-down list with all available SonarScanner versions but instead see an empty text field then this is because Jenkins still hasn't downloaded the required update center file (default period is 1 day). You may force this refresh by clicking the 'Check Now' button in Manage Plugins > Advanced tab. - -**Job Configuration** - -1. **Configure** the project, and go to the **Build** section. -1. Add the SonarScanner build step to your build. -1. Configure the SonarQube analysis properties. You can either point to an existing sonar-project.properties file or set the analysis properties directly in the **Analysis properties** field - - - -## Using a Jenkins pipeline -We provide a `withSonarQubeEnv` block that allows you to select the SonarQube server you want to interact with. Connection details you have configured in Jenkins global configuration will be automatically passed to the scanner. - -If needed you can override the `credentialsId` if you don't want to use the one defined in global configuration (for example if you define credentials at folder level). - -If you only need the SonarQube environment variables to be expanded in the build context then you can override the `envOnly` flag. -``` -withSonarQubeEnv('My SonarQube Server', envOnly: true) { - // This expands the evironment variables SONAR_CONFIG_NAME, SONAR_HOST_URL, SONAR_AUTH_TOKEN that can be used by any script. - println ${env.SONAR_HOST_URL} -} -``` - -Here are some examples for every scanner, assuming you run on Unix slaves and you have configured a server named "My SonarQube Server" as well as required tools. If you run on Windows slaves, just replace `sh` with `bat`. - -SonarScanner: -``` -node { - stage('SCM') { - git 'https://github.com/foo/bar.git' - } - stage('SonarQube analysis') { - def scannerHome = tool 'SonarScanner 4.0'; - withSonarQubeEnv('My SonarQube Server') { // If you have configured more than one global server connection, you can specify its name - sh "${scannerHome}/bin/sonar-scanner" - } - } -} -``` -SonarScanner for Gradle: -``` -node { - stage('SCM') { - git 'https://github.com/foo/bar.git' - } - stage('SonarQube analysis') { - withSonarQubeEnv() { // Will pick the global server connection you have configured - sh './gradlew sonarqube' - } - } -} -``` -SonarScanner for Maven: -``` -node { - stage('SCM') { - git 'https://github.com/foo/bar.git' - } - stage('SonarQube analysis') { - withSonarQubeEnv(credentialsId: 'f225455e-ea59-40fa-8af7-08176e86507a', installationName: 'My SonarQube Server') { // You can override the credential to be used - sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar' - } - } -} -``` -SonarScanner for .NET: -``` -node { - stage('SCM') { - git 'https://github.com/foo/bar.git' - } - stage('Build + SonarQube analysis') { - def sqScannerMsBuildHome = tool 'Scanner for MSBuild 4.6' - withSonarQubeEnv('My SonarQube Server') { - bat "${sqScannerMsBuildHome}\\SonarQube.Scanner.MSBuild.exe begin /k:myKey" - bat 'MSBuild.exe /t:Rebuild' - bat "${sqScannerMsBuildHome}\\SonarQube.Scanner.MSBuild.exe end" - } - } -} -``` - -## Pause pipeline until the Quality Gate is computed -The `waitForQualityGate` step will pause the pipeline until SonarQube analysis is completed and returns Quality Gate status. - -### Pre-requisites: -* Configure a webhook in your SonarQube server pointing to `<your Jenkins instance>/sonarqube-webhook/` -* Use `withSonarQubeEnv` step in your pipeline (so that SonarQube taskId is correctly attached to the pipeline context). - - -Scripted pipeline example: -``` -node { - stage('SCM') { - git 'https://github.com/foo/bar.git' - } - stage('SonarQube analysis') { - withSonarQubeEnv('My SonarQube Server') { - sh 'mvn clean package sonar:sonar' - } // submitted SonarQube taskId is automatically attached to the pipeline context - } -} - -// No need to occupy a node -stage("Quality Gate"){ - timeout(time: 1, unit: 'HOURS') { // Just in case something goes wrong, pipeline will be killed after a timeout - def qg = waitForQualityGate() // Reuse taskId previously collected by withSonarQubeEnv - if (qg.status != 'OK') { - error "Pipeline aborted due to quality gate failure: ${qg.status}" - } - } -} -``` -Thanks to the webhook, the step is implemented in a very lightweight way: no need to occupy a node doing polling, and it doesn't prevent Jenkins to restart (step will be restored after restart). Note that to prevent race conditions, when the step starts (or is restarted) a direct call is made to the server to check if the task is already completed. - -Declarative pipeline example: -``` -pipeline { - agent any - stages { - stage('SCM') { - steps { - git url: 'https://github.com/foo/bar.git' - } - } - stage('build && SonarQube analysis') { - steps { - withSonarQubeEnv('My SonarQube Server') { - // Optionally use a Maven environment you've configured already - withMaven(maven:'Maven 3.5') { - sh 'mvn clean package sonar:sonar' - } - } - } - } - stage("Quality Gate") { - steps { - timeout(time: 1, unit: 'HOURS') { - // Parameter indicates whether to set pipeline to UNSTABLE if Quality Gate fails - // true = set pipeline to UNSTABLE, false = don't - waitForQualityGate abortPipeline: true - } - } - } - } -} -``` - -If you want to run multiple analysis in the same pipeline and use waitForQualityGate you have to do everything in order: -``` -pipeline { - agent any - stages { - stage('SonarQube analysis 1') { - steps { - sh 'mvn clean package sonar:sonar' - } - } - stage("Quality Gate 1") { - steps { - waitForQualityGate abortPipeline: true - } - } - stage('SonarQube analysis 2') { - steps { - sh 'gradle sonarqube' - } - } - stage("Quality Gate 2") { - steps { - waitForQualityGate abortPipeline: true - } - } - } -} -``` - -### Configuring a webhook secret - -If you want to verify the webhook payload that is sent to Jenkins, you can add a secret to your webhook on SonarQube. - -To set the secret: - -1. In Jenkins, navigate to **Manage Jenkins > Configure System > SonarQube Server > Advanced > Webhook Secret** and click the **Add** button. -1. Select **Secret text** and give the secret an ID. -1. Select the secret from the dropdown menu. - -If you want to override the webhook secret on a project level, you can add the secret to Jenkins and then reference the secret ID when calling `waitForQualityGate`. - - waitForQualityGate(webhookSecretId: 'yourSecretID') -if your pipeline is declarative or - - waitForQualityGate webhookSecretId: 'yourSecretID' -if your pipeline is scripted. diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-maven.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-maven.md deleted file mode 100644 index 8ab27b24dd5..00000000000 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-maven.md +++ /dev/null @@ -1,110 +0,0 @@ ---- -title: SonarScanner for Maven -url: /analysis/scan/sonarscanner-for-maven/ ---- - -<!-- static --> -<update-center updatecenterkey="scannermaven"></update-center> -<!-- /static --> -<!-- embedded --> -[[info]] -| See the [online documentation](https://redirect.sonarsource.com/doc/download-scanner-maven.html) to get more details on the latest version of the scanner and how to download it. -<!-- /embedded --> - -The SonarScanner for Maven is recommended as the default scanner for Maven projects. - -The ability to execute the SonarQube analysis via a regular Maven goal makes it available anywhere Maven is available (developer build, CI server, etc.), without the need to manually download, setup, and maintain a SonarQube Runner installation. The Maven build already has much of the information needed for SonarQube to successfully analyze a project. By preconfiguring the analysis based on that information, the need for manual configuration is reduced significantly. - -## Prerequisites -* Maven 3.x -* At least the minimal version of Java supported by your SonarQube server is in use - -## Global Settings - -Edit the [settings.xml](http://maven.apache.org/settings.html) file, located in `$MAVEN_HOME/conf` or `~/.m2`, to set the plugin prefix and optionally the SonarQube server URL. - -Example: -``` -<settings> - <pluginGroups> - <pluginGroup>org.sonarsource.scanner.maven</pluginGroup> - </pluginGroups> - <profiles> - <profile> - <id>sonar</id> - <activation> - <activeByDefault>true</activeByDefault> - </activation> - <properties> - <!-- Optional URL to server. Default value is http://localhost:9000 --> - <sonar.host.url> - http://myserver:9000 - </sonar.host.url> - </properties> - </profile> - </profiles> -</settings> -``` - -## Analyzing -Analyzing a Maven project consists of running a Maven goal: `sonar:sonar` from the directory that holds the main project `pom.xml`. You need to pass an [authentication token](/user-guide/user-token/) using the `sonar.login` property in your command line. - -``` -mvn clean verify sonar:sonar -Dsonar.login=myAuthenticationToken -``` - -In some situations you may want to run the `sonar:sonar` goal as a dedicated step. Be sure to use `install` as first step for multi-module projects -``` -mvn clean install -mvn sonar:sonar -Dsonar.login=myAuthenticationToken -``` - -To specify the version of sonar-maven-plugin instead of using the latest: -``` -mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar -``` - -To get coverage information, you'll need to generate the coverage report before the analysis and specify the location of the resulting report in an analysis parameter. See [Test Coverage](/analysis/coverage/)for details. - -## Configuring Analysis -Most analysis properties will be read from your project. If you would like override the default values of specify additional parameters, configure the parameter names found on the [Analysis Parameters](/analysis/analysis-parameters/) page in the `<properties>` section of your pom.xml like this: -``` -<properties> - <sonar.buildString> [...] </sonar.buildString> -</properties> - ``` - -## Sample Project -To help you get started, a simple project sample is available here: https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner-maven - -## Excluding a module from analysis -* define property `<sonar.skip>true</sonar.skip>` in the `pom.xml` of the module you want to exclude -* use build profiles to exclude some module (like for integration tests) -* use Advanced Reactor Options (such as "-pl"). For example `mvn sonar:sonar -pl !module2` - -## How to Fix Version of Maven Plugin -It is recommended to lock down versions of Maven plugins: -``` -<build> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.sonarsource.scanner.maven</groupId> - <artifactId>sonar-maven-plugin</artifactId> - <version>3.7.0.1746</version> - </plugin> - </plugins> - </pluginManagement> -</build> -``` - -## Troubleshooting -**If you get a java.lang.OutOfMemoryError** -Set the `MAVEN_OPTS` environment variable, like this in *nix environments: -``` -export MAVEN_OPTS="-Xmx512m" -``` -In Windows environments, avoid the double-quotes, since they get misinterpreted. -``` -set MAVEN_OPTS=-Xmx512m -``` diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-msbuild.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-msbuild.md deleted file mode 100644 index 07a85844d9e..00000000000 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-msbuild.md +++ /dev/null @@ -1,318 +0,0 @@ ----
-url: /analysis/scan/sonarscanner-for-msbuild/
-title: SonarScanner for .NET
----
-
-<!-- sonarqube -->
-<!-- static -->
-<update-center updatecenterkey="scannermsbuild"></update-center>
-<!-- /static -->
-<!-- embedded -->
-[[info]]
-| See the [online documentation](https://redirect.sonarsource.com/doc/download-scanner-msbuild.html) to get more details on the latest version of the scanner and how to download it.
-<!-- /embedded -->
-<!-- /sonarqube -->
-
-<!-- sonarcloud -->
-[[info]]
-| **Download SonarScanner for .NET** - [Issue Tracker](https://github.com/SonarSource/sonar-scanner-msbuild/issues) - [Source](https://github.com/SonarSource/sonar-scanner-msbuild)
-|
-| [Standalone executables](https://github.com/SonarSource/sonar-scanner-msbuild/releases) |
-| [.NET Core Global Tool](https://www.nuget.org/packages/dotnet-sonarscanner)
-<!-- /sonarcloud -->
-
-[[info]]
-| Since version 5.0, the SonarScanner for MSBuild is now the SonarScanner for .NET.
-| The documentation is updated with that new name, artifacts and links will remain with the old name for now.
-
-The SonarScanner for .NET is the recommended way to launch an analysis for projects/solutions using MSBuild or dotnet command as a build tool. It is the result of a [collaboration between SonarSource and Microsoft](https://www.sonarqube.org/announcing-sonarqube-integration-with-msbuild-and-team-build/).
-
-SonarScanner for .NET is distributed as a standalone command line executable, as an extension for <!-- sonarcloud -->[Azure DevOps](/analysis/scan/sonarscanner-for-azure-devops/)<!-- /sonarcloud --><!-- sonarqube -->[Azure DevOps Server](/analysis/scan/sonarscanner-for-azure-devops/)<!-- /sonarqube -->, and as a plugin for [Jenkins](/analysis/scan/sonarscanner-for-jenkins/).
-
-It supports .Net Core on every platform (Windows, macOS, Linux).
-
-## Prerequisites
-<!-- sonarqube -->
-* At least the minimal version of Java supported by your SonarQube server
-<!-- /sonarqube -->
-<!-- sonarcloud -->
-* Java 11 or greater
-<!-- /sonarcloud -->
-* The SDK corresponding to your build system:
-<!-- sonarqube -->
- * If you are using the .NET Framework version of the scanner you will need [.NET Framework v4.6 or above](https://dotnet.microsoft.com/en-us/download/dotnet-framework). For commercial versions of SonarQube to benefit from security analysis you will need [.NET Framework v4.7.2 or above](https://dotnet.microsoft.com/en-us/download/dotnet-framework)
-<!-- /sonarqube -->
-<!-- sonarcloud -->
- * If you are using the .NET Framework version of the scanner you will need [.NET Framework v4.6 or above](https://dotnet.microsoft.com/en-us/download/dotnet-framework), however to benefit from security analysis you will need [.NET Framework v4.7.2 or above](https://dotnet.microsoft.com/en-us/download/dotnet-framework)
-<!-- /sonarcloud -->
- * If you are using the .NET version of the scanner or the [.NET Core Global Tool](https://www.nuget.org/packages/dotnet-sonarscanner) you will need [.NET Core SDK 2.0 or above](https://dotnet.microsoft.com/en-us/download/dotnet)
-
-[[info]]
-| The flavor used to compile the Scanner for .NET (either .NET Framework, .NET Core or .NET) is independent of the .NET version the
-| project you want to analyze has been built with. Concretely, you can analyze .NET Core code with the .NET Framework version of
-| the Scanner. It's only relevant depending on your OS, and on the versions of .NET SDKs that are installed on your build machine.
-
-## Installation
-
-### Standalone executable
-
-* Expand the downloaded file into the directory of your choice. We'll refer to it as `$install_directory` in the next steps.
- * On Windows, you might need to unblock the ZIP file first (right-click **file > Properties > Unblock**).
- * On Linux/OSX you may need to set execute permissions on the files in `$install_directory/sonar-scanner-(version)/bin`.
-
-* Uncomment, and update the global settings to point to <!-- sonarqube -->your SonarQube server<!-- /sonarqube --><!-- sonarcloud -->SonarCloud<!-- /sonarcloud --> by editing `$install_directory/SonarQube.Analysis.xml`. Values set in this file will be applied to all analyses of all projects unless overwritten locally.
-Consider setting file system permissions to restrict access to this file.
-
-```xml
-<SonarQubeAnalysisProperties xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.sonarsource.com/msbuild/integration/2015/1">
- <Property Name="sonar.host.url"><!-- sonarqube -->http://localhost:9000<!-- /sonarqube --><!-- sonarcloud -->https://sonarcloud.io<!-- /sonarcloud --></Property>
- <Property Name="sonar.login">[my-user-token]</Property>
-</SonarQubeAnalysisProperties>
-```
-
-* Add `$install_directory` to your PATH environment variable.
-
-### .NET Core Global Tool
-
-```bash
-dotnet tool install --global dotnet-sonarscanner --version x.x.x
-```
-
-The _--version_ argument is optional. If it is omitted the latest version will be installed. The full list of releases is available on the [NuGet page](https://www.nuget.org/packages/dotnet-sonarscanner).
-
-.NET Core Global Tool is available from .NET Core 2.1+.
-
-<!-- sonarqube -->
-### On Linux/OSX, if your SonarQube server is secured
-
-1. Copy the server's CA certs to `/usr/local/share/ca-certificates`
-2. Run `sudo update-ca-certificates`
-<!-- /sonarqube -->
-
-## Use
-
-[[info]]
-| You can invoke the Scanner using arguments with both dash (-) or forward-slash (/) separators.
-| Example : SonarScanner.MSBuild.exe begin /k:"project-key" or SonarScanner.MSBuild.exe begin -k:"project-key" will work.
-
-There are two versions of the SonarScanner for .NET. In the following commands, you need to pass an [authentication token](/user-guide/user-token/) using the `sonar.login` property.
-
-### "Classic" .NET Framework Invocation
-
-The first version is based on the "classic" .NET Framework. To use it, execute the following commands from the root folder of your project:
-
-```
-SonarScanner.MSBuild.exe begin /k:"project-key" <!-- sonarcloud -->/o:"<organization>" <!-- /sonarcloud -->/d:sonar.login="myAuthenticationToken"
-MSBuild.exe <path to solution.sln> /t:Rebuild
-SonarScanner.MSBuild.exe end /d:sonar.login="myAuthenticationToken"
-```
-
-Note: On macOS or Linux, you can also use `mono <path to SonarScanner.MSBuild.exe>`.
-
-### .NET Core and .NET Core Global Tool Invocation
-
-The second version is based on .NET Core which has a very similar usage:
-
-```bash
-dotnet <path to SonarScanner.MSBuild.dll> begin /k:"project-key" <!-- sonarcloud -->/o:"<organization>" <!-- /sonarcloud -->/d:sonar.login="<token>"
-dotnet build <path to solution.sln>
-dotnet <path to SonarScanner.MSBuild.dll> end /d:sonar.login="<token>"
-```
-
-The .NET Core version can also be used as a .NET Core Global Tool.
-After installing the Scanner as a global tool as described above it can be invoked as follows:
-
-```bash
-dotnet tool install --global dotnet-sonarscanner
-dotnet sonarscanner begin /k:"project-key" <!-- sonarcloud -->/o:"<organization>" <!-- /sonarcloud -->/d:sonar.login="<token>"
-dotnet build <path to solution.sln>
-dotnet sonarscanner end /d:sonar.login="<token>"
-```
-
-In summary, the invocation of the SonarScanner for .NET will depend on the scanner flavor:
-
- Scanner Flavor | Invocation
- --- | ---
- .NET 5 | `dotnet <path to SonarScanner.MSBuild.dll>` etc.
- .NET Core Global Tool | `dotnet sonarscanner begin` etc.
- .NET Core 2.0+ | `dotnet <path to SonarScanner.MSBuild.dll>` etc.
- .NET Framework 4.6+|`SonarScanner.MSBuild.exe begin` etc.
-
-Notes:
-
-* The .NET Core version of the scanner does not support TFS XAML builds and automatic finding/conversion of Code Coverage files. Apart from that, all versions of the Scanner have the same capabilities and command line arguments.
-
-## Analysis steps
-### Begin
-The begin step is executed when you add the `begin` command line argument. It hooks into the build pipeline, downloads {instance} quality profiles and settings and prepares your project for the analysis.
-
-Command Line Parameters:
-
-<!-- sonarcloud -->
-
-Parameter|Description
----|---
-`/k:<project-key>`|[required] Specifies the key of the analyzed project in {instance}
-`/n:<project name>`|[optional] Specifies the name of the analyzed project in {instance}. Adding this argument will overwrite the project name in {instance} if it already exists.
-`/v:<version>`|[recommended] Specifies the version of your project.
-`/o:<organization>`|[required] Specifies the name of the target organization in SonarCloud.
-`/d:sonar.login=<token> or <username>`| [recommended] Specifies the [authentication token](/user-guide/user-token/) or username used to authenticate with to {instance}. If this argument is added to the begin step, it must also be added to the end step.
-`/d:sonar.password=<password>`|[optional] Specifies the password for the {instance} username in the `sonar.login` argument. This argument is not needed if you use authentication token. If this argument is added to the begin step, it must also be added on the end step.
-`/d:sonar.verbose=true`|[optional] Sets the logging verbosity to detailed. Add this argument before sending logs for troubleshooting.
-`/d:sonar.dotnet.excludeTestProjects=true`|[optional] Excludes Test Projects from analysis. Add this argument to improve build performance when issues should not be detected in Test Projects.
-`/d:<analysis-parameter>=<value>`|[optional] Specifies an additional {instance} [analysis parameter](/analysis/analysis-parameters/), you can add this argument multiple times.
-`/s:<custom.analysis.xml>`|[optional] Overrides the `$install_directory/SonarQube.Analysis.xml`. You need to give the absolute path to the file.
-<!-- /sonarcloud -->
-
-<!-- sonarqube -->
-
-Parameter|Description
----|---
-`/k:<project-key>`|[required] Specifies the key of the analyzed project in {instance}
-`/n:<project name>`|[optional] Specifies the name of the analyzed project in {instance}. Adding this argument will overwrite the project name in {instance} if it already exists.
-`/v:<version>`|[recommended] Specifies the version of your project.
-`/d:sonar.login=<token> or <username>`| [recommended] Specifies the [authentication token](/user-guide/user-token/) or username used to authenticate with to {instance}. If this argument is added to the begin step, it must also be added to the end step.
-`/d:sonar.password=<password>`|[optional] Specifies the password for the {instance} username in the `sonar.login` argument. This argument is not needed if you use authentication token. If this argument is added to the begin step, it must also be added on the end step.
-`/d:sonar.clientcert.path=<ClientCertificatePath>`|[optional] Specifies the path to a client certificate used to access {instance}. The certificate must be password protected.
-`/d:sonar.clientcert.password=<ClientCertificatePassword>`|[optional] Specifies the password for the client certificate used to access {instance}. Required if a client certificate is used.
-`/d:sonar.verbose=true`|[optional] Sets the logging verbosity to detailed. Add this argument before sending logs for troubleshooting.
-`/d:sonar.dotnet.excludeTestProjects=true`|[optional] Excludes Test Projects from analysis. Add this argument to improve build performance when issues should not be detected in Test Projects.
-`/d:<analysis-parameter>=<value>`|[optional] Specifies an additional {instance} [analysis parameter](/analysis/analysis-parameters/), you can add this argument multiple times.
-`/s:<custom.analysis.xml>`|[optional] Overrides the `$install_directory/SonarQube.Analysis.xml`. You need to give the absolute path to the file.
-<!-- /sonarqube -->
-
-For detailed information about all available parameters, see [Analysis Parameters](/analysis/analysis-parameters/).
-
-[[warning]]
-|  The "begin" step will modify your build like this:
-| * the active `CodeAnalysisRuleSet` will be updated to match the {instance} quality profile
-| * `WarningsAsErrors` will be turned off
-|
-| If your build process cannot tolerate these changes we recommend creating a second build job for {instance} analysis.
-
-### Build
-Between the `begin` and `end` steps, you need to build your project, execute tests and generate code coverage data. This part is specific to your needs and it is not detailed here. See [.NET Test Coverage](/analysis/test-coverage/dotnet-test-coverage/) for details.
-
-### End
-The end step is executed when you add the "end" command line argument. It cleans the MSBuild/dotnet build hooks, collects the analysis data generated by the build, the test results, the code coverage and then uploads everything to {instance}
-
-There are only two additional arguments that are allowed for the end step:
-
-<!-- sonarcloud -->
-Parameter|Description
----|---
-`/d:sonar.login=<token> or <username>`| This argument is required if it was added to the begin step.
-`/d:sonar.password=<password>`| This argument is required if it was added to the begin step and you are not using an authentication token.
-<!-- /sonarcloud -->
-
-<!-- sonarqube -->
-Parameter|Description
----|---
-`/d:sonar.login=<token> or <username>`| This argument is required if it was added to the begin step.
-`/d:sonar.password=<password>`| This argument is required if it was added to the begin step and you are not using an authentication token.
-`/d:sonar.clientcert.password=<ClientCertificatePassword>`|This argument is required if it was added to the begin step. Specifies the password for the client certificate used to access {instance}.
-<!-- /sonarqube -->
-
-### Known Limitations
-
-* MSBuild versions older than 14 are not supported.
-* Web Application projects are supported. Legacy Web Site projects are not.
-* Projects targeting multiple frameworks and using preprocessor directives could have slightly inaccurate metrics (lines of code, complexity, etc.) because the metrics are calculated only from the first of the built targets.
-
-## Code Coverage
-
-See [.NET Test Coverage](/analysis/test-coverage/dotnet-test-coverage/) for details.
-
-## Excluding projects from analysis
-
-Some project types, such as [Microsoft Fakes](https://msdn.microsoft.com/en-us/library/hh549175.aspx), are automatically excluded from analysis. To manually exclude a different type of project from the analysis, place the following in its .xxproj file.
-
-```xml
-<!-- in .csproj -->
-<PropertyGroup>
- <!-- Exclude the project from analysis -->
- <SonarQubeExclude>true</SonarQubeExclude>
-</PropertyGroup>
-```
-
-## Advanced topics
-
-**Analyzing MSBuild 12 projects with MSBuild 14**
-The Sonar Scanner for .NET requires your project to be built with MSBuild 14.0. We recommend installing Visual Studio 2015 update 3 or later on the analysis machine in order to benefit from the integration and features provided with the Visual Studio ecosystem (VSTest, MSTest unit tests, etc.).
-
-Projects targeting older versions of the .NET Framework can be built using MSBuild 14.0 by setting the "TargetFrameworkVersion" MSBuild property as documented by Microsoft:
-
-* [How to: Target a Version of the .NET Framework](https://msdn.microsoft.com/en-us/library/bb398202.aspx)
-* [MSBuild Target Framework and Target Platform](https://msdn.microsoft.com/en-us/library/hh264221.aspx)
-
-For example, if you want to build a .NET 3.5 project, but you are using a newer MSBuild version:
-
-```
-MSBuild.exe /t:Rebuild /p:TargetFramework=net35
-```
-
-If you do not want to switch your production build to MSBuild 14.0, you can set up a separate build dedicated to the {instance} analysis.
-
-**Detection of test projects**
-
-You can read a full description on that subject on our wiki [here](https://github.com/SonarSource/sonar-scanner-msbuild/wiki/Analysis-of-product-projects-vs.-test-projects).
-
-**Per-project analysis parameters**
-Some analysis parameters can be set for a single MSBuild project by adding them to its .csproj file.
-
-```xml
-<!-- in .csproj -->
-<ItemGroup>
- <SonarQubeSetting Include="sonar.stylecop.projectFilePath">
- <Value>$(MSBuildProjectFullPath)</Value>
- </SonarQubeSetting>
-</ItemGroup>
-```
-
-**Analyzing languages other than C# and VB**
-
-For newer SDK-style projects (used by .NET Core, .NET 5, and later), the SonarScanner for .NET will analyze all file types that are supported by the available language plugins unless explicitly excluded.
-
-For older-style projects, the scanner will only analyze files that are listed in the `.csproj` or `.vbproj` project file. Normally this means that only C# and VB files will be analyzed. To enable the analysis of other types of files, include them in the project file.
-
-More specifically, any files included by an element of one of the `ItemTypes` in
-[this list](https://github.com/SonarSource/sonar-scanner-msbuild/blob/master/src/SonarScanner.MSBuild.Tasks/Targets/SonarQube.Integration.targets#L112)
-will be analyzed automatically. For example, the following line in your `.csproj` or `.vbproj` file
-
-```
-<Content Include="foo\bar\*.js" />
-```
-
-will enable the analysis of all JS files in the directory `foo\bar` because `Content` is one of the `ItemTypes` whose includes are automatically analyzed.
-
-You can also add `ItemTypes` to the default list by following the directions [here](https://github.com/SonarSource/sonar-scanner-msbuild/blob/master/src/SonarScanner.MSBuild.Tasks/Targets/SonarQube.Integration.targets#L75).
-
-You can check which files the scanner will analyze by looking in the file .sonarqube\out\sonar-project.properties after MSBuild has finished.
-
-**Using SonarScanner for .NET with a Proxy**
-On build machines that connect to the Internet through a proxy server you might experience difficulties connecting to {instance}. To instruct the Java VM to use the system proxy settings, you need to set the following environment variable before running the SonarScanner for .NET:
-
-```bash
-SONAR_SCANNER_OPTS = "-Djava.net.useSystemProxies=true"
-```
-
-To instruct the Java VM to use specific proxy settings or when there is no system-wide configuration use the following value:
-
-```bash
-SONAR_SCANNER_OPTS = "-Dhttp.proxyHost=yourProxyHost -Dhttp.proxyPort=yourProxyPort"
-```
-Where _yourProxyHost_ and _yourProxyPort_ are the hostname and the port of your proxy server. There are additional proxy settings for HTTPS, authentication and exclusions that could be passed to the Java VM. For more information see the following article: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html.
-
-You also need to set the appropriate proxy environment variables used by .NET. `HTTP_PROXY`, `HTTPS_PROXY`, `ALL_PROXY`, and `NO_PROXY` are all supported. You can find more details [here](https://docs.microsoft.com/en-us/dotnet/api/system.net.http.httpclient.defaultproxy?view=net-5.0).
-
-## Known issues
-
-**I have multiple builds in the same pipeline, each of them getting analyzed even if the Run Code Analysis has already been executed**
-
-We don't uninstall the global `ImportBefore` targets to support concurrent analyses on the same machine. Main effect is that if you build a solution where a .sonarqube folder is located nearby, then the sonar-dotnet analyzer will be executed along your build task.
-
-To avoid that, you can disable the targets file by adding a build parameter:
-```
-msbuild /p:SonarQubeTargetsImported=true
-dotnet build -p:SonarQubeTargetsImported=true
-```
diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner.md deleted file mode 100644 index 6d871a4b941..00000000000 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner.md +++ /dev/null @@ -1,186 +0,0 @@ ---- -title: SonarScanner -url: /analysis/scan/sonarscanner/ ---- - -<!-- static --> -<update-center updatecenterkey="scannercli"></update-center> -<!-- /static --> -<!-- embedded --> -[[info]] -| See the [online documentation](https://redirect.sonarsource.com/doc/download-scanner.html) to get more details on the latest version of the scanner and how to download it. -<!-- /embedded --> - -The SonarScanner is the scanner to use when there is no specific scanner for your build system. - -## Configuring your project -Create a configuration file in your project's root directory called `sonar-project.properties` - -``` -# must be unique in a given SonarQube instance -sonar.projectKey=my:project - -# --- optional properties --- - -# defaults to project key -#sonar.projectName=My project -# defaults to 'not provided' -#sonar.projectVersion=1.0 - -# Path is relative to the sonar-project.properties file. Defaults to . -#sonar.sources=. - -# Encoding of the source code. Default is default system encoding -#sonar.sourceEncoding=UTF-8 -``` - -## Running SonarScanner from the zip file -To run SonarScanner from the zip file, follow these steps: - -1. Expand the downloaded file into the directory of your choice. We'll refer to it as `$install_directory` in the next steps. -1. Update the global settings to point to your SonarQube server by editing `$install_directory/conf/sonar-scanner.properties`: -``` -#----- Default SonarQube server -#sonar.host.url=http://localhost:9000 -``` -1. Add the `$install_directory/bin` directory to your path. -1. Verify your installation by opening a new shell and executing the command `sonar-scanner -h` (`sonar-scanner.bat -h` on Windows). You should get output like this: - - ``` - usage: sonar-scanner [options] - - Options: - -D,--define <arg> Define property - -h,--help Display help information - -v,--version Display version information - -X,--debug Produce execution debug output - ``` -If you need more debug information, you can add one of the following to your command line: `-X`, `--verbose`, or `-Dsonar.verbose=true`. - -1. Run the following command from the project base directory to launch analysis and pass your [authentication token](/user-guide/user-token/): -`sonar-scanner -Dsonar.login=myAuthenticationToken` - -## Running SonarScanner from the Docker image -To scan using the SonarScanner Docker image, use the following command: - -``` -docker run \ - --rm \ - -e SONAR_HOST_URL="http://${SONARQUBE_URL}" \ - -e SONAR_SCANNER_OPTS="-Dsonar.projectKey=${YOUR_PROJECT_KEY}" - -e SONAR_LOGIN="myAuthenticationToken" \ - -v "${YOUR_REPO}:/usr/src" \ - sonarsource/sonar-scanner-cli -``` - -## Scanning C, C++, or ObjectiveC Projects -Scanning projects that contain C, C++, or ObjectiveC code requires some additional analysis steps. You can find full details on the [C/C++/Objective-C](/analysis/languages/cfamily/) language page. - -## Sample Projects -To help you get started, simple project samples are available for most languages on GitHub. They can be [browsed](https://github.com/SonarSource/sonar-scanning-examples) or [downloaded](https://github.com/SonarSource/sonar-scanning-examples/archive/master.zip). You'll find them filed under sonarqube-scanner/src. - -## Alternatives to sonar-project.properties -If a sonar-project.properties file cannot be created in the root directory of the project, there are several alternatives: - -* The properties can be specified directly through the command line. Ex: -``` -sonar-scanner -Dsonar.projectKey=myproject -Dsonar.sources=src1 -``` -* The property project.settings can be used to specify the path to the project configuration file (this option is incompatible with the `sonar.projectBaseDir` property). Ex: -``` -sonar-scanner -Dproject.settings=../myproject.properties -``` -* The root folder of the project to analyze can be set through the `sonar.projectBaseDir` property since SonarScanner 2.4. This folder must contain a `sonar-project.properties` file if `sonar.projectKey` is not specified on the command line. -Additional analysis parameters can be defined in this project configuration file or through command-line parameters. - -## Alternate Analysis Directory -If the files to be analyzed are not in the directory where the analysis starts from, use the `sonar.projectBaseDir` property to move analysis to a different directory. E.G. analysis begins from `jenkins/jobs/myjob/workspace` but the files to be analyzed are in `ftpdrop/cobol/project1`. -This is configured in `sonar-project.properties` as follows: -``` -sonar.projectBaseDir=/home/ftpdrop/cobol/project1 -sonar.sources=src -sonar.cobol.copy.directories=/copy -``` - -[[info]] -| You can configure more parameters. See [Analysis Parameters](/analysis/analysis-parameters/) for details. - -## Advanced Docker Configuration - -The following sections offer advanced configuration options when running the SonarScanner with Docker. Click the headings to expand the instructions. - -[[collapse]] -| ## Running as a non-root user -| You can run the Docker image as a non-root user using the `--user` option. For example, to run as the current user: -| ``` -| docker run \ -| --rm \ -| --user="$(id -u):$(id -g)" \ -| -e SONAR_HOST_URL="http://${SONARQUBE_URL}" \ -| -v "${YOUR_REPO}:/usr/src" \ -| sonarsource/sonar-scanner-cli -| ``` -| [[warning]] -| |When running the container as a non-root user you have to make sure the user has read and write access to the directories you are mounting (like your source code or scanner cache directory), otherwise you may encounter permission-related problems. - -[[collapse]] -| ## Caching scanner files -| To prevent SonarScanner from re-downloading language analyzers each time you run a scan, you can mount a directory where the scanner stores the downloads so that the downloads are reused between scanner runs. On some CI systems, you also need to add this directory to your CI cache configuration. -| -| The following command will store and use cache between runs: -| -| ``` -| docker run \ -| --rm \ -| -v ${YOUR_CACHE_DIR}:/opt/sonar-scanner/.sonar/cache \ -| -v ${YOUR_REPO}:/usr/src \ -| -e SONAR_HOST_URL="http://${SONARQUBE_URL}" \ -| sonarsource/sonar-scanner-cli -| ``` -| -| You can also change the location of where the scanner puts the downloads with the `SONAR_USER_HOME` environment variable. - -[[collapse]] -| ## Using self-signed certificates -| If you need to configure a self-signed certificate for the scanner to communicate with your SonarQube instance, you can use a volume under `/tmp/cacerts` to add it to the containers java trust store: -| -| ```bash -| docker pull sonarsource/sonar-scanner-cli -| docker run \ -| --rm \ -| -v ${YOUR_CERTS_DIR}/cacerts:/tmp/cacerts \ -| -v ${YOUR_CACHE_DIR}:/opt/sonar-scanner/.sonar/cache \ -| -v ${YOUR_REPO}:/usr/src \ -| -e SONAR_HOST_URL="http://${SONARQUBE_URL}" \ -| sonarsource/sonar-scanner-cli -| ``` -| -| Alternatively, you can create your own container that includes the modified `cacerts` file. Create a `Dockerfile` with the following contents: -| -| ``` -| FROM sonarsource/sonar-scanner-cli -| COPY cacerts /usr/lib/jvm/default-jvm/jre/lib/security/cacerts -| ``` -| -| Then, assuming both the `cacerts` and `Dockerfile` are in the current directory, create the new image with a command such as: -| ``` -| docker build --tag our-custom/sonar-scanner-cli . -| ``` -| - -## Troubleshooting -**Java heap space error or java.lang.OutOfMemoryError** -Increase the memory via the `SONAR_SCANNER_OPTS` environment variable when running the scanner from a zip file: -``` -export SONAR_SCANNER_OPTS="-Xmx512m" -``` -In Windows environments, avoid the double-quotes, since they get misinterpreted and combine the two parameters into a single one. -``` -set SONAR_SCANNER_OPTS=-Xmx512m -``` - -**Unsupported major.minor version** -Upgrade the version of Java being used for analysis or use one of the native package (that embed its own Java runtime). - -**Property missing: `sonar.cs.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.** -Scanner CLI is not able to analyze .NET projects. Please, use the SonarScanner for .NET. If you are running the SonarScanner for .NET, ensure that you are not hitting a known limitation. diff --git a/server/sonar-docs/src/pages/analysis/scm-integration.md b/server/sonar-docs/src/pages/analysis/scm-integration.md deleted file mode 100644 index 56445de54b6..00000000000 --- a/server/sonar-docs/src/pages/analysis/scm-integration.md +++ /dev/null @@ -1,65 +0,0 @@ ---- -title: SCM Integration -url: /analysis/scm-integration/ ---- - -Collecting SCM data during code analysis can unlock a number of SonarQube features: - -* Automatic Issue Assignment -* code annotation (blame data) in the Code Viewer -* SCM-driven detection of new code (to help with [Clean as You Code](/user-guide/clean-as-you-code/)). Without SCM data, SonarQube determines new code using analysis dates (to timestamp modification of lines). - -SCM integration requires support for your individual SCM provider. Git and SVN are supported by default. For other SCM providers, see the Marketplace. - -If need be, you can toggle it off at global level via administration settings and at a project level via project settings. - -## Git -[Git](http://www.git-scm.com/) integration is supported out of the box with a pure Java implementation so there's no need to have Git command line tool installed on the machine where analysis is performed. - -Auto-detection of Git during analysis will happen if there is a .git folder in the project root directory or in one of its parent folders. Otherwise you can force the provider using `-Dsonar.scm.provider=git`. A full clone is required for this integration to be able to collect the required blame information (see Known Issues). If a shallow clone is detected, a warning will be logged and no attempt will be made to retrieve blame information. - -Git integration uses [JGit](https://www.eclipse.org/jgit/). JGit is a pure Java implementation of the Git client. - -### Known Issues - -* Git doesn't consider old "Mac" line ends (CR) as new lines. As a result the blame operation will contain fewer lines than expected by SonarQube and analysis will fail. The solution is to fix line ends to use either Windows (CR/LF) or Unix (LF) line ends. -* JGit doesn't support .mailmap file to "clean" email adress during the blame -* "Missing blame information..." and "Could not find ref..." can be caused by checking out with a partial / shallow clone, or using Git submodules. - -### How to investigate error during blame (only possible on Unix/Linux)? - -If you get an error when blame is executed on a file, it may be a limitation or a bug in JGit. To confirm please follow these steps: - -1. Download the standalone JGit command line distribution - -2. Try to execute the blame command on the offending file: - `chmod +x /path/to/org.eclipse.jgit.pgm-4.9.0.201710071750-r.sh /path/to/org.eclipse.jgit.pgm-4.9.0.201710071750-r.sh blame -w /path/to/offending/file` - -3. If you get the same error as during analysis, then this really looks like a bug in JGit (especially if you don't have an issue with the native git command line tool). Please try to do the previous steps with latest version of JGit and report all information to the [SonarQube Community Forum](https://community.sonarsource.com/). - -## Subversion -[Subversion](https://subversion.apache.org/) integration is supported out of the box for Subversion 1.6 to 1.9.x. - -Auto-detection of SVN during analysis will happen if there is a `.svn` folder somewhere in the parent hierarchy of the project root. Otherwise you can force the provider using `-Dsonar.scm.provider=svn` on the analysis command line. - -### Authentication -In order to get blame information on your code you will need to supply authentication data to the scanner. You can do it by passing following parameters to it when starting an analysis: - -| Parameter Name | Description | -| --------------------- | ---------------------------------- | -| `sonar.svn.username` | Username to be used for SVN server or SVN+SSH authentication | -| `sonar.svn.password.secured` | Password to be used for SVN server or SVN+SSH authentication | -| `sonar.svn.privateKeyPath` | Path to private key file. Can be used instead of password for SVN+SSH authentication | -| `sonar.svn.passphrase.secured` | Optional passphrase of your private key file | - -### Known issues -If you get errors like: - -`Caused by: org.tmatesoft.svn.core.SVNException: svn: E200007: Retrieval of mergeinfo unsupported by 'https://pmd.svn.sourceforge.net/svnroot/pmd/trunk/pmd/src/main/java/net/sourceforge/pmd/AbstractConfiguration.java';` -It means the SVN server is not advertising the 'mergeinfo' capability. You can check the advertised capabilities by simply connecting to it: - -`telnet <svn_server> 3690` -Often this is because your SVN server is not >= 1.5 or your project was not properly migrated after a server upgrade. It could also be a misconfiguration of the server. - -You should try to run svnadmin upgrade **on the server**. For more information, please read https://subversion.apache.org/docs/release-notes/1.5.html#repos-upgrades. - diff --git a/server/sonar-docs/src/pages/analysis/security_configuration.md b/server/sonar-docs/src/pages/analysis/security_configuration.md deleted file mode 100644 index 6d0ebf0f169..00000000000 --- a/server/sonar-docs/src/pages/analysis/security_configuration.md +++ /dev/null @@ -1,656 +0,0 @@ ---- -title: Security Engine Custom Configuration -url: /analysis/security_configuration/ ---- -*Security Engine Custom Configuration is available as part of the [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) and [above](https://www.sonarsource.com/plans-and-pricing/).* - -The security engine tracks the path that data follows through your code. It detects when data that's potentially manipulated by a malicious user reaches a sensitive piece of code where an attack can occur. - -Those potentially malicious data are also called tainted data because they are tainted by user inputs. - -SonarQube's security engine already knows a lot of APIs that are potential sources or targets of attack. While we do our best to identify publicly available APIs, we can't know everything about your homemade frameworks particularly when it comes to sanitizing your data. Because of this, SonarQube allows you to customize the security engine to add your own sources, sanitizers, passthroughs, and sinks (see the **Elements** section below for more on these elements). - -For example, you may want to: - -* add a source to add support for a framework that SonarQube doesn't cover out of the box -* use a custom sanitizer to tell the security engine that all data going through sanitizers should be considered safe. This allows you to remove false positives and tailor the security engine to your company. - -## Rules -You can customize elements for Java, PHP, C#, and Python rules in the security engine. Click the languages below to expand a list of customizable rules for that language: - -[[collapse]] -| ## Java -| * [S3649](https://rules.sonarsource.com/java/RSPEC-3649): SQL Injection -| * [S5131](https://rules.sonarsource.com/java/RSPEC-5131): XSS -| * [S5146](https://rules.sonarsource.com/java/RSPEC-5146): Open Redirect -| * [S5167](https://rules.sonarsource.com/java/RSPEC-5167): HTTP Response Splitting -| * [S2083](https://rules.sonarsource.com/java/RSPEC-2083): Path Traversal Injection -| * [S2078](https://rules.sonarsource.com/java/RSPEC-2078): LDAP Injection -| * [S5145](https://rules.sonarsource.com/java/RSPEC-5145): Log Injection -| * [S2076](https://rules.sonarsource.com/java/RSPEC-2076): OS Command Injection -| * [S2631](https://rules.sonarsource.com/java/RSPEC-2631): RegExp Injection -| * [S5144](https://rules.sonarsource.com/java/RSPEC-5144): Server-Side Request Forgery (SSRF) -| * [S2091](https://rules.sonarsource.com/java/RSPEC-2091): XPath Injection -| * [S5135](https://rules.sonarsource.com/java/RSPEC-5135): Deserialization Injection -| * [S5334](https://rules.sonarsource.com/java/RSPEC-5334): Code Injection -| * [S6096](https://rules.sonarsource.com/java/RSPEC-6096): Zip Slip - -[[collapse]] -| ## PHP -| * [S3649](https://rules.sonarsource.com/php/RSPEC-3649): SQL Injection -| * [S5131](https://rules.sonarsource.com/php/RSPEC-5131): XSS -| * [S5146](https://rules.sonarsource.com/php/RSPEC-5146): Open Redirect -| * [S5167](https://rules.sonarsource.com/php/RSPEC-5167): HTTP Response Splitting -| * [S2083](https://rules.sonarsource.com/php/RSPEC-2083): Path Traversal Injection -| * [S2078](https://rules.sonarsource.com/php/RSPEC-2078): LDAP Injection -| * [S5145](https://rules.sonarsource.com/php/RSPEC-5145): Log Injection -| * [S2076](https://rules.sonarsource.com/php/RSPEC-2076): OS Command Injection -| * [S2631](https://rules.sonarsource.com/php/RSPEC-2631): RegExp Injection -| * [S5144](https://rules.sonarsource.com/php/RSPEC-5144): Server-Side Request Forgery (SSRF) -| * [S2091](https://rules.sonarsource.com/php/RSPEC-2091): XPath Injection -| * [S5135](https://rules.sonarsource.com/php/RSPEC-5135): Deserialization Injection -| * [S5334](https://rules.sonarsource.com/php/RSPEC-5334): Code Injection -| * [S5335](https://rules.sonarsource.com/php/RSPEC-5335): Include Injection - -[[collapse]] -| ## C# -| * [S3649](https://rules.sonarsource.com/csharp/RSPEC-3649): SQL Injection -| * [S5131](https://rules.sonarsource.com/csharp/RSPEC-5131): XSS -| * [S5146](https://rules.sonarsource.com/csharp/RSPEC-5146): Open Redirect -| * [S5167](https://rules.sonarsource.com/csharp/RSPEC-5167): HTTP Response Splitting -| * [S2083](https://rules.sonarsource.com/csharp/RSPEC-2083): Path Traversal Injection -| * [S2078](https://rules.sonarsource.com/csharp/RSPEC-2078): LDAP Injection -| * [S5145](https://rules.sonarsource.com/csharp/RSPEC-5145): Log Injection -| * [S2076](https://rules.sonarsource.com/csharp/RSPEC-2076): OS Command Injection -| * [S2631](https://rules.sonarsource.com/csharp/RSPEC-2631): RegExp Injection -| * [S5144](https://rules.sonarsource.com/csharp/RSPEC-5144): Server-Side Request Forgery (SSRF) -| * [S2091](https://rules.sonarsource.com/csharp/RSPEC-2091): XPath Injection -| * [S5334](https://rules.sonarsource.com/csharp/RSPEC-5334): Code Injection -| * [S6096](https://rules.sonarsource.com/csharp/RSPEC-6096): Zip Slip - -[[collapse]] -| ## Python -| * [S3649](https://rules.sonarsource.com/python/RSPEC-3649): SQL Injection -| * [S5131](https://rules.sonarsource.com/python/RSPEC-5131): XSS -| * [S5146](https://rules.sonarsource.com/python/RSPEC-5146): Open Redirect -| * [S5167](https://rules.sonarsource.com/python/RSPEC-5167): HTTP Response Splitting -| * [S2083](https://rules.sonarsource.com/python/RSPEC-2083): Path Traversal Injection -| * [S2078](https://rules.sonarsource.com/python/RSPEC-2078): LDAP Injection -| * [S5145](https://rules.sonarsource.com/python/RSPEC-5145): Log Injection -| * [S2076](https://rules.sonarsource.com/python/RSPEC-2076): OS Command Injection -| * [S2631](https://rules.sonarsource.com/python/RSPEC-2631): RegExp Injection -| * [S5144](https://rules.sonarsource.com/python/RSPEC-5144): Server-Side Request Forgery (SSRF) -| * [S2091](https://rules.sonarsource.com/python/RSPEC-2091): XPath Injection -| * [S5135](https://rules.sonarsource.com/python/RSPEC-5135): Object Injection -| * [S5334](https://rules.sonarsource.com/python/RSPEC-5334): Code Injection - -## Elements - -You can add the following elements to your custom configuration: - -* **Source** – Where you get user data. You should always consider user data tainted and vulnerable to injection attacks. - Example: Calling `HttpServletRequest#getParam("foo")` will return tainted content -* **Sanitizer** – Finds and removes malicious content from one or more potentially tainted arguments. - Example: `DatabaseUtils#sqlEscapeString(String str)` returns a modified version of `str` where characters used in an SQL injection attack are removed. -* **Validator** - Marks one or more arguments as safe from malicious content. - Example: `String#matches(String str)` can be used to verify that `str` does not contain any content which may be used in an injection attack. -* **Passthrough** – Allows you to keep track of tainted data sent to a library outside the current function. When you pass a tainted value to a library function outside the current function, SonarQube automatically assumes it's being passed to a sanitizer. If the tainted data isn't being passed to a sanitizer, you can set up a passthrough to keep track of the data. -* **Sink** – A piece of code that can perform a security-sensitive task. Data should not contain any malicious content once it reaches a sink. - Example: Running an SQL query with `java.sql.Statement#execute` - -## MethodId - -All custom configurations rely on the accuracy of the `methodIds` provided. The `methodId` format differs for each language. Click the language you're using below for more information on the format for that language. - -[[collapse]] -| ## Java methodId -| -| The `methodId` format is inspired by the bytecode. The easiest way to get a `methodId` is to write a simple piece of Java code, compile it, and then look at the bytecode generated using the `javap -c path_to.class` file, and transform it a little. Looking at the following real-life example will help you understand the format. -| -| Let's imagine you want to declare `org.rapidoid.jdbc.JdbcClient.execute(String sql, Object... args)` as a new sink (you don't need to do this because Rapidoid is part of what is covered out of the box). -| -| Write a simple piece of code calling the JdbcClient.execute(...) method. The code doesn't need to actually do anything. -| -| ``` -| import org.rapidoid.http.Req; -| import org.rapidoid.jdbc.JdbcClient; -| -| public static void callJDBCMethods(Req req) { -| String tainted = req.param("TAINTED"); -| JdbcClient jdbc = JDBC.api(); -| jdbc.execute(tainted, req); // Noncompliant -| } -| ``` -| -| Run the `javap -c` and locate the piece of bytecode corresponding to the call to `JdbcClient.execute` -| -| ``` -| [...] -| org/rapidoid/jdbc/JdbcClient.execute:(Ljava/lang/String;[Ljava/lang/Object;)I -| [...] -| ```` -| -| * Replace the `/` in the package name with `.` -| * Remove the `:` -| * Replace the `.` separating the Class name and the Method name with a `#` -| -| The resulting `methodId` is: -| ``` -| org.rapidoid.jdbc.JdbcClient#execute(Ljava/lang/String;[Ljava/lang/Object;)I -| ``` - -[[collapse]] -| ## PHP methodId -| -| The `methodId` can be: -| * the name of a PHP function -| * the fully qualified name of a method following this format: `namespace\\ClassName::methodName` -| -| Example: `Symfony\\Component\\HttpFoundation\\Request::getUser` for the `getUser()` method of the `Request` object provided by `Symfony` -| -| Note: the `methodId` should be related to methods or functions that are part of the analysis scope. Because we recommended to not analyze the code of frameworks at the same time that you scan your own source code, defining methods or functions from frameworks will have no effect. -| This is linked to the fact that the SonarQube security engine needs to know the runtime type of each variable. The type can't be guessed when objects are created by frameworks' factories. Out of the box, the SonarQube security engine supports the main Symfony and Laravel types. - -[[collapse]] -| ## C# methodId -| -| If you want to declare the constructor `SqlCommand` belonging to the namespace `System.Data.SqlClient` as a sink, the `methodId` should be: -| -| ``` -| System.Data.SqlClient.SqlCommand.SqlCommand(string, System.Data.SqlClient.SqlConnection) -| ``` -| -| You simply need to provide the fully qualified name of the method or constructor plus the types of the arguments. - -[[collapse]] -| ## Python methodId -| -| Python `methodIds` can be defined as either of the following: -| * the name of a global Python function. -| * the fully qualified name of a method following this format: `namespace.ClassName.methodName`. Ex: `ldap.ldapobject.SimpleLDAPObject.search`, `str.isidentifier`. - -## Creating your custom configuration JSON file - -You need to add your custom configurations to SonarQube using a JSON file. You can apply your custom configuration to a specific project or to all of your projects at the global level in SonarQube: - -* **Project level** – go to **Project Settings > General Settings > SAST Engine** and add your JSON file to the **JAVA/PHP/C#/Python custom configuration** field. - -* **Global level** – go to **Administration > General Settings > SAST Engine** and add your JSON file to the **JAVA/PHP/C#/Python custom configuration** field. - -See the following section for more information on formatting your JSON file. - -### Configuration file format -Your JSON file should include the rule you're adding a custom element to, the element you are customizing, and the `methodId` for each element. Each language needs a separate JSON file but can contain multiple rules. You may use the special rule key `common` to apply the given configuration to all the rules. Click your language below to expand an example of a JSON file to help you understand the expected format. - -[[collapse]] -| ## Java JSON file example -| -| ``` -| { -| "S3649": { -| "sources": [ -| { -| "methodId": "my.package.ServerRequest#getQuery()Ljava/lang/String;" -| } -| ], -| "sanitizers": [ -| { -| "methodId": "my.package.StringUtils#stringReplace(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;", -| "args": [ -| 2 -| ] -| } -| ], -| "validators": [ -| { -| "methodId": "my.package.StringUtils#equals(Ljava/lang/String;)Z", -| "args": [ -| 1 -| ] -| } -| ], -| "passthroughs": [ -| { -| "methodId": "my.package.RawUrl#<init>(Ljava/lang/String;)V", -| "isWhitelist": true, -| "args": [ -| 1 -| ] -| } -| ], -| "sinks": [ -| { -| "methodId": "my.package.MySql#query(Ljava/lang/String;)V", -| "args": [ -| 1 -| ] -| }, -| { -| "methodId": "my.package.SqlStatement#execute", -| "isMethodPrefix": true, -| "args": [ -| 0, -| 1 -| ] -| }, -| { -| "methodId": "my.package.SqlStatement#run(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V", -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "S5131": { -| "sources": [ -| { -| "methodId": "my.package.ServerRequest#getQueryString()Ljava/lang/String;" -| } -| ], -| "sinks": [ -| { -| "methodId": "my.package.Server#write(", -| "isMethodPrefix": true, -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "common": { -| "sources": [ -| { -| "methodId": "my.package.Input#getUserInput()Ljava/lang/String;" -| } -| ] -| } -| } -|``` -| -| The `args` is the index of the parameter that can receive a tainted variable. Index starts: -| * `1` for a function call. -| * `0` for a method call, index `0` being the current instance (`this`). -| The `args` field must be a non-empty array of non-negative integers, and it is a mandatory field for sanitizers and validators. - -[[collapse]] -| ## PHP JSON file example -| -| ``` -| { -| "S3649": { -| "sources": [ -| { -| "methodId": "My\\Namespace\\ClassName\\ServerRequest::getQuery" -| } -| ], -| "sanitizers": [ -| { -| "methodId": "str_replace", -| "args": [ -| 3 -| ] -| } -| ], -| "validators": [ -| { -| "methodId": "My\\Namespace\\Validator\\inArray::isValid", -| "args": [ -| 1 -| ] -| } -| ], -| "passthroughs": [ -| { -| "methodId": "My\\Namespace\\RawUrl::RawUrl", -| "isWhitelist": true, -| "args": [ -| 1 -| ] -| } -| ], -| "sinks": [ -| { -| "methodId": "mysql_query", -| "args": [ -| 1 -| ] -| }, -| { -| "methodId": "My\\Namespace\\SqlStatement::execute", -| "isMethodPrefix": true, -| "args": [ -| 0, -| 1 -| ] -| }, -| { -| "methodId": "My\\Namespace\\SqlStatement::run", -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "S5131": { -| "sources": [ -| { -| "methodId": "My\\Namespace\\ClassName\\ServerRequest::getQueryString" -| } -| ], -| "sinks": [ -| { -| "methodId": "My\\Namespace\\ClassName\\Server::write", -| "isMethodPrefix": true, -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "common": { -| "sources": [ -| { -| "methodId": "My\\Namespace\\ClassName\\Input::getUserInput" -| } -| ] -| } -| } -|``` -| -| The `args` is the index of the parameter that can receive a tainted variable. Index starts: -| * `1` for a function call. -| * `0` for a method call, index `0` being the current instance (`this`). -| The `args` field must be a non-empty array of non-negative integers, and it is a mandatory field for sanitizers and validators. - -[[collapse]] -| ## C# JSON file example -| -| ``` -| { -| "S3649": { -| "sources": [ -| { -| "methodId": "My.Namespace.ServerRequest.GetQuery()" -| } -| ], -| "sanitizers": [ -| { -| "methodId": "My.Namespace.StringUtils.StringReplace(string, string)", -| "args": [ -| 0 -| ] -| } -| ], -| "validators": [ -| { -| "methodId": "My.Namespace.StringUtils.Regex.Matches(string)", -| "args": [ -| 0 -| ] -| } -| ], -| "passthroughs": [ -| { -| "methodId": "My.Namespace.RawUrl.RawUrl(string)", -| "isWhitelist": true, -| "args": [ -| 1 -| ] -| } -| ], -| "sinks": [ -| { -| "methodId": "My.Namespace.MySql.Query(string)", -| "args": [ -| 1 -| ] -| }, -| { -| "methodId": "My.Namespace.SqlStatement.Execute", -| "isMethodPrefix": true, -| "args": [ -| 0, -| 1 -| ] -| }, -| { -| "methodId": "My.Namespace.SqlStatement.Run(string, string, string)", -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "S5131": { -| "sources": [ -| { -| "$comment": "The following method id is a getter on the 'QueryString' property", -| "methodId": "My.Namespace.ServerRequest.QueryString.get" -| } -| ], -| "sinks": [ -| { -| "methodId": "My.Namespace.Server.Write(", -| "isMethodPrefix": true, -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "common": { -| "sources": [ -| { -| "methodId": "My.Namespace.Input.GetUserInput()" -| } -| ] -| } -| } -|``` -| -| The `args` is the index of the parameter that can receive a tainted variable. Index starts: -| * `1` for a function call. -| * `0` for a method call, index `0` being the current instance (`this`). -| The `args` field must be a non-empty array of non-negative integers, and it is a mandatory field for sanitizers and validators. - -[[collapse]] -| ## Python JSON file example -| -|``` -| { -| "S3649": { -| "sources": [ -| { -| "methodId": "my.namespace.ServerRequest.get_query" -| } -| ], -| "sanitizers": [ -| { -| "methodId": "str_replace", -| "args": [ -| 1 -| ] -| } -| ], -| "validators": [ -| { -| "methodId": "my.namespace.regex.matches", -| "args": [ -| 1 -| ] -| } -| ], -| "passthroughs": [ -| { -| "methodId": "my.namespace.RawUrl", -| "isWhitelist": true, -| "args": [ -| 1 -| ] -| } -| ], -| "sinks": [ -| { -| "methodId": "mysql_query", -| "args": [ -| 1 -| ] -| }, -| { -| "methodId": "my.namespace.SqlStatement.execute", -| "isMethodPrefix": true, -| "args": [ -| 0, -| 1 -| ] -| }, -| { -| "methodId": "my.namespace.SqlStatement.run", -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "S5131": { -| "sources": [ -| { -| "methodId": "my.namespace.ServerRequest.get_query_string" -| } -| ], -| "sinks": [ -| { -| "methodId": "my.namespace.Server.write(", -| "isMethodPrefix": true, -| "interval": { -| "fromIndex": 1 -| } -| } -| ] -| }, -| "common": { -| "sources": [ -| { -| "methodId": "my.namespace.Input.get_input" -| } -| ] -| } -| } -| -|``` -| -| The `args` is the index of the parameter that can receive a tainted variable. Index starts: -| * `1` for a function call. -| * `0` for a method call, index `0` being the current instance (`this`). -| The `args` field must be a non-empty array of non-negative integers, and it is a mandatory field for sanitizers and validators. - -### (Deprecated) Customizing through analysis parameters - -[[warning]] -| Customizing the security engine through analysis parameters is deprecated. We recommend adding your custom configuration in SonarQube as shown above. This allows you to create a single configuration file for each language and to easily apply it to multiple projects or globally. - -To customize the SonarQube security engine, you can feed security configuration data through parameters given to the SonarScanners. To do this, you should provide JSON files with the value of the new analysis parameters. - -[[info]] -|The configuration works per rule. You can't share a configuration between rules. - -The parameters should use the following syntax: - -``` -sonar.security.[ConfigType].[RuleRepository].[RuleKey]=[FileName] -``` -The `ConfigType` value can be one of the following: - -* `sources` -* `sanitizers` -* `passthroughs` -* `sinks` - -The `RuleRepository` value can be one of the following: - -* `javasecurity`: if you want to customize the Java Security Engine -* `phpsecurity`: if you want to customize the PHP Security Engine -* `roslyn.sonaranalyzer.security.cs`: if you want to customize the C# Security Engine -* `pythonsecurity`: if you want to customize the Python Security Engine - -The `RuleKey` value should be one of the values shown in the **Rules** section above. - -#### **JSON formatting example** - -Configuration is provided using JSON files. Click the heading below to expand an example PHP JSON file to help you understand the expected format. - -[[collapse]] -| ## JSON File Format Example for PHP -| -| [[info]] -| | You need to create a configuration for each rule. There is no way to share a configuration between rules. -| -| ``` -| { -| "sources": [ -| { -| "methodId": "My\\Namespace\\ClassName\\ServerRequest::getQuery" -| } -| ], -| "sanitizers": [ -| { -| "methodId": "str_replace", -| "args": [ -| 3 -| ] -| } -| ], -| "validators": [ -| { -| "methodId": "My\\Namespace\\Validator\\inArray::isValid", -| "args": [ -| 1 -| ] -| } -| ], -| "passthroughs": [ -| { -| "methodId": "rawurldecode", -| "args": [ -| 1 -| ] -| } -| ], -| "sinks": [ -| { -| "methodId": "mysql_query", -| "args": [ -| 1 -| ] -| }, -| { -| "methodId": "My\\Namespace\\SqlStatement::execute", -| "isMethodPrefix": true, // this is to say that all the methods starting with execute on the SqlStatement object will be considered -| "args": [ -| 0, -| 1 -| ] -| }, -| { -| "methodId": "My\\Namespace\\SqlStatement::run", -| "interval": { -| "fromIndex": 1 // every parameter from the number 1 will be considered -| } -| } -| ] -| } -| ``` -| -| The `args` is the index of the parameter that can receive a tainted variable. Index starts: -| * `1` for a function call. -| * `0` for a method call, index `0` being the current instance (`this`) . -| The `args` field must be a non-empty array of non-negative integers, and it is a mandatory field for sanitizers and validators. - -## Deactivating the core configuration - -You can disable the core configuration per language or per rule using the following: - -``` -sonar.security.[ConfigType].[RuleRepository].noDefaultConfig=[true|false] -sonar.security.[ConfigType].[RuleRepository].[RuleKey].noDefaultConfig=[true|false] -``` diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/c-family-test-coverage.md b/server/sonar-docs/src/pages/analysis/test-coverage/c-family-test-coverage.md deleted file mode 100644 index 512d06f652e..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/c-family-test-coverage.md +++ /dev/null @@ -1,77 +0,0 @@ ---- -title: C/C++/Objective-C Test Coverage -url: /analysis/test-coverage/c-family-test-coverage/ ---- - -SonarQube supports the reporting of test coverage information as part of the analysis of your C/C++/Objective-C project. - -However, SonarQube does not generate the coverage report itself. -Instead, you must set up a third-party tool to produce the report as part of your build process. -You then need to configure your analysis to tell the SonarScanner where the report is located so that it can pick it up and send it to SonarQube, where it will be displayed on your project dashboard along with the other analysis metrics. - - -## Adjust your setup - -To enable coverage, you need to: - -* Adjust your build process so that the coverage tool generates the report(s). - This is done just after your unit tests as part of the clean build required to run analysis. -* Make sure that the coverage tool writes its report file to a defined path in the build environment. -* Configure the scanning step of your build so that the scanner picks up the report file from that defined path. - - -## Add coverage to your build process - -For C/C++/Objective-C projects, SonarQube supports a number of coverage tools. -Each has an associated analysis parameter that must be set to the location of the coverage report that is produced by the tool. -The parameters are: - -* `sonar.cfamily.llvm-cov.reportPath` -* `sonar.cfamily.vscoveragexml.reportsPath` -* `sonar.cfamily.gcov.reportsPath` -* `sonar.cfamily.bullseye.reportPath` -* `sonar.coverageReportPaths` - -Assuming that you have already set up your project, you will have seen the example projects (_without coverage_) referenced in the in-product tutorials: [sonarsource-cfamily-examples](https://github.com/orgs/sonarsource-cfamily-examples/). - -In the same GitHub organization, you will also find example repositories that provide guidance on how to _add coverage_ to an already-configured project. -These examples do not explicitly describe every possible combination of tooling and platform but do cover the most significant variants. -You may need to adapt them slightly: - -* [Visual Studio Coverage example on GitHub Actions](https://github.com/sonarsource-cfamily-examples/windows-msbuild-vscoverage-gh-actions-sc) - -* [Visual Studio Coverage example on Azure DevOps](https://github.com/sonarsource-cfamily-examples/windows-msbuild-vscoverage-azure-sc) - -* [XCode Coverage example](https://github.com/sonarsource-cfamily-examples/macos-xcode-coverage-gh-actions-sc) - -* [llvm-cov example](https://github.com/sonarsource-cfamily-examples/linux-cmake-llvm-cov-gh-actions-sc) - -* [gcovr example](https://github.com/sonarsource-cfamily-examples/linux-cmake-gcovr-gh-actions-sc) - -* [gcov example](https://github.com/sonarsource-cfamily-examples/linux-autotools-gcov-travis-sc) - -These examples include the major free-to-use coverage tools for C/C++/Objective-C (VS Coverage, XCode Coverage, LLVM-COV, GCOVR, and GCOV). For information on the popular commercial Bullseye product, see https://www.bullseye.com/. - - -## Coverage parameters can be set in multiple places - -As with other analysis parameters, the coverage-related parameters for C/C++/Objective-C projects can be set in multiple places: - -* On the command line of the scanner invocation using the `-D` or `--define` switch. This is what is done in the examples above, inside the `build.yml` files of each example. - -* In the `sonar-project.properties` file. - -* In the SonarQube interface under - - **_Your Project_ > Project Settings > General Settings > Languages > C/C++/Objective-C > Coverage** - - for project-level settings, and - - **Administration > Configuration > General Settings > Languages > C/C++/Objective-C > Coverage** - - for global settings (applying to all projects). - - -## See Also - -[Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/). diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/dotnet-test-coverage.md b/server/sonar-docs/src/pages/analysis/test-coverage/dotnet-test-coverage.md deleted file mode 100644 index 8d7e0917058..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/dotnet-test-coverage.md +++ /dev/null @@ -1,235 +0,0 @@ ---- -title: .NET Test Coverage -url: /analysis/test-coverage/dotnet-test-coverage/ ---- - -SonarQube supports the reporting of test coverage information as part of the analysis of your .NET project. - -However, SonarQube does not generate the coverage report itself. -Instead, you must set up a third-party tool to produce the report as part of your build process. -You then need to configure your analysis to tell the SonarScanner where the report is located so that it can pick it up and send it to SonarQube, where it will be displayed on your project dashboard along with the other analysis metrics. - -SonarQube supports the following .NET test coverage tools: - -* Visual Studio Code Coverage -* dotnet-coverage Code Coverage -* dotCover -* OpenCover -* Coverlet - -Additionally, a generic coverage format is also supported if you wish to use an unsupported tool -(though you will have to convert its output to the generic format yourself). -In this section, we discuss the directly supported tools. -For information on the generic format, see [Generic Test Data](/analysis/generic-test/). - - -## Adding coverage to your build process - -The .NET scanner comes in four variants depending on which version of .NET and which CI you are using -(_.NET Framework_, _.NET Core_, _.NET tool_ and _SonarQube Extension for Azure DevOps_). -The setup is slightly different for each variant -(see the [SonarScanner for .NET](/analysis/scan/sonarscanner-for-msbuild/) -and [SonarQube Extension for Azure DevOps](/analysis/scan/sonarscanner-for-azure-devops/) -sections for details), but the essential steps are the same. - -The analysis is always split into two parts in your build process; -the begin step and the end step. -In between, you perform the actual build and your tests. -To enable coverage reporting, you need to make the following changes: - -* In the scanner begin step, add the appropriate parameter to specify the location of the coverage report file that will be produced. -* Just after the build step but before the scanner end step, ensure that your test step produces the coverage report file. - - -## Examples using the .NET tool scanner variant - -The SonarScanner for .NET comes in four major variants: .NET Framework 4.6, .NET Core, .NET tool, and Azure Pipelines extension. - - -### Visual Studio Code Coverage - -We only recommend the use of this tool when the build agent has Visual Studio Enterprise installed or when you are using an Azure DevOps Windows image for your build. -In these cases, the .NET Framework 4.6 scanner will automatically find the coverage output generated by the `--collect "Code Coverage"` parameter without the need for an explicit report path setting. -It will also automatically convert the generated report to XML. -No further configuration is required. -Here is an example: - -``` -SonarScanner.MSBuild.exe begin /k:"<sonar-project-key>" /d:sonar.login="<sonar-token>" -dotnet build --no-incremental -dotnet test --collect "Code Coverage" -SonarScanner.MSBuild.exe end /d:sonar.login="<sonar-token>" -``` - - -### dotnet-coverage - -This is a modern alternative to the Visual Studio Code Coverage provided by Microsoft (see above) that outputs results in the same format, -is cross-platform and not dependent on having Visual Studio installed. -It requires .NET Core 3.1 or later. - -To use [dotnet-coverage](https://docs.microsoft.com/en-us/dotnet/core/additional-tools/dotnet-coverage), -you must install it as a global dotnet tool: - -``` -dotnet tool install --global dotnet-coverage -``` - -Using this tool, your build script would look like something like this: - -``` -dotnet sonarscanner begin /k:"<sonar-project-key>" - /d:sonar.login="<sonar-token>" - /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml -dotnet build --no-incremental -dotnet-coverage collect 'dotnet test' -f xml -o 'coverage.xml' -dotnet sonarscanner end /d:sonar.login="<sonar-token>" -``` - -Note that we specify the path to the reports using `sonar.cs.vscoveragexml.reportsPaths` -because this tool’s output format is the same as the Visual Studio Code Coverage tool. -We use the `-f xml` parameter to specify that the output format is in XML. - - -### dotCover - -To use [dotCover](https://www.jetbrains.com/help/dotcover/dotCover__Coverage_Analysis_on_Third-Party_Server.html) -you must install it as a global dotnet tool: - -``` -dotnet tool install --global JetBrains.dotCover.GlobalTool -``` - -Using this tool, your build script would look like something like this: - -``` -dotnet sonarscanner begin /k:"<sonar-project-key>" - /d:sonar.login="<sonar-token>" - /d:sonar.cs.dotcover.reportsPaths=dotCover.Output.html -dotnet build –no-incremental -dotnet dotcover test --dcReportType=HTML -dotnet sonarscanner end /d:sonar.login="<sonar-token>" -``` - -Note that we specify the path to the reports using `sonar.cs.dotcover.reportsPaths` because we are using dotCover. - - -### OpenCover - -To use [OpenCover](https://github.com/OpenCover/opencover/wiki/Usage) you must download it from [here](https://github.com/OpenCover/opencover/releases) and unzip it in an appropriate directory, for example: `C:\tools\opencover` - -Using this tool, your build script would look like something like this: - -``` -dotnet sonarscanner begin /k:"<sonar-project-key>" - /d:sonar.login="<sonar-token>" - /d:sonar.cs.opencover.reportsPaths=coverage.xml -dotnet build --no-incremental -& C:\tools\opencover\OpenCover.Console.exe -target:"dotnet.exe" - -targetargs:"test --no-build" - -returntargetcode - -output:coverage.xml - -register:user -dotnet sonarscanner end /d:sonar.login="<sonar-token>" -``` - -Note that we specify the path to the reports using `sonar.cs.opencover.reportsPaths` because we are using OpenCover. - - -### Coverlet - -To use Coverlet, you must install it as a global dotnet tool: - -``` -dotnet tool install --global coverlet.console -``` - -You also have to install [the coverlet collector NuGet package](https://www.nuget.org/packages/coverlet.collector/) on your test project. - -Using this tool, your build script would look like something like this: - -``` -dotnet sonarscanner begin /k:"<sonar-project-key>" - /d:sonar.login="<sonar-token>" - /d:sonar.cs.opencover.reportsPaths=coverage.xml -dotnet build --no-incremental -coverlet .\CovExample.Tests\bin\Debug\net6.0\CovExample.Tests.dll - --target "dotnet" - --targetargs "test --no-build" - -f=opencover - -o="coverage.xml" -dotnet sonarscanner end /d:sonar.login="<sonar-token>" -``` - -Note that we specify the path to the reports in `sonar.cs.opencover.reportsPaths` because Coverlet produces output in the same format as OpenCover. - - -## .NET Framework and .NET Core scanners - -In most of the examples above, we use the .NET tool scanner variant. -If you use the .NET Framework or .NET Core scanner, the commands will be a bit different but the pattern will be the same. -See [SonarScanner for .NET](/analysis/scan/sonarscanner-for-msbuild/) for details. - - -## Extension for Azure Devops - -Using the Extension for Azure Devops and Visual Studio Code Coverage with a C# project, your `azure-pipelines.yml` would look something like the example below. - -Note that with the Extension for Azure Devops extension, the scanner `begin` step is handled by the `SonarQubePrepare` task and the scanner `end` step is handled by the `SonarQubeAnalyze` task. - -Also note that because our build is running on Windows (we specify `vmImage: windows-latest`), we do not need to explicitly specify the path to the coverage report (there is no `sonar.cs.vscoveragexml.reportsPaths=coverage.xml`) nor do you need to run `codecoverage.exe` to convert the report to XML. - -``` -azure-pipelines.yml -trigger: -- master - -variables: -- name: system.debug - value: true - -pool: - vmImage: windows-latest - -steps: -- task: DotNetCoreCLI@2 - inputs: - command: 'restore' - projects: 'my-project.sln' - feedsToUse: 'select' - -- task: SonarQubePrepare@1 - inputs: - SonarQube: 'SonarQube' - scannerMode: 'MSBuild' - projectKey: 'my-project-key' - projectName: 'my-project' - -- task: DotNetCoreCLI@2 - inputs: - command: 'build' - projects: 'my-project.sln' - -- task: DotNetCoreCLI@2 - inputs: - command: 'test' - projects: 'tests/**/*.csproj' - arguments: '--collect "Code Coverage"' # This is all you need to add! - -- task: SonarQubeAnalyze@1 -``` - -## VB.NET - -The examples above are all for C# projects. For VB.NET projects the setup is identical except that you would use these parameters: - -* `sonar.vbnet.vscoveragexml.reportsPaths` for Visual Studio Code Coverage -* `sonar.vbnet.dotcover.reportsPaths` for dotCover -* `sonar.vbnet.opencover.reportsPaths` for OpenCover or Coverlet - -The parameter `sonar.cs.ncover3.reportsPaths` was formerly used for or NCover3. -This parameter has been deprecated. - -## See Also - -[Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/). diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/generic-test.md b/server/sonar-docs/src/pages/analysis/test-coverage/generic-test.md deleted file mode 100644 index a5181791d5e..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/generic-test.md +++ /dev/null @@ -1,113 +0,0 @@ ---- -title: Generic Test Data -url: /analysis/generic-test/ ---- - -SonarQube supports generic formats for test coverage and test execution import. -If the native output of your coverage tool is not supported by SonarQube, you must convert it to this format: - - -## Generic Test Coverage Report Format - -Report paths should be passed in a comma-delimited list to: - -`sonar.coverageReportPaths` - -The supported format is described by the `sonar-generic-coverage.xsd`: - -``` -<xs:schema> - <xs:element name="coverage"> - <xs:complexType> - <xs:sequence> - <xs:element name="file" minOccurs="0" maxOccurs="unbounded"> - <xs:complexType> - <xs:sequence> - <xs:element name="lineToCover" minOccurs="0" maxOccurs="unbounded"> - <xs:complexType> - <xs:attribute name="lineNumber" type="xs:positiveInteger" use="required"/> - <xs:attribute name="covered" type="xs:boolean" use="required"/> - <xs:attribute name="branchesToCover" type="xs:nonNegativeInteger"/> - <xs:attribute name="coveredBranches" type="xs:nonNegativeInteger"/> - </xs:complexType> - </xs:element> - </xs:sequence> - <xs:attribute name="path" type="xs:string" use="required"/> - </xs:complexType> - </xs:element> - </xs:sequence> - <xs:attribute name="version" type="xs:positiveInteger" use="required"/> - </xs:complexType> - </xs:element> -</xs:schema> -``` - -and looks like this: - -``` -<coverage version="1"> - <file path="xources/hello/NoConditions.xoo"> - <lineToCover lineNumber="6" covered="true"/> - <lineToCover lineNumber="7" covered="false"/> - </file> - <file path="xources/hello/WithConditions.xoo"> - <lineToCover lineNumber="3" covered="true" branchesToCover="2" coveredBranches="1"/> - </file> -</coverage> -``` - -The root node should be named `coverage`. -Its version attribute should be set to `1`. - -Insert a `file` element for each file which can be covered by tests. -Its `path` attribute can be either absolute or relative to the root of the module. - -Inside a `file` element, insert a `lineToCover` for each line which can be covered by unit tests. -It can have the following attributes: - -* `lineNumber` (mandatory) -* `covered` (mandatory): boolean value indicating whether tests actually hit that line -* `branchesToCover` (optional): number of branches which can be covered -* `coveredBranches` (optional): number of branches which are actually covered by tests - - -## Generic Test Execution Report Format - -Report paths should be passed in a comma-delimited list to: - -`sonar.testExecutionReportPaths` - -The supported format looks like this: - -``` -<testExecutions version="1"> - <file path="testx/ClassOneTest.xoo"> - <testCase name="test1" duration="5"/> - <testCase name="test2" duration="500"> - <skipped/> - </testCase> - <testCase name="test3" duration="100"> - <failure/> - </testCase> - <testCase name="test4" duration="500"> - <error/> - </testCase> - </file> -</testExecutions> -``` - -The root node should be named `testExecutions`. -Its version attribute should be set to `1`. - -Insert a `file` element for each test file. -Its `path` attribute can be either absolute or relative to the project's base directory (root module). - -Unlike for coverage reports, the files present in the report must be test file names, not source code files covered by tests. - -Inside a `file` element, insert a `testCase` for each test run by unit tests. -It can have the following attributes/children: - -* `testCase` (mandatory) - * `name` (mandatory): name of the test case - * `duration` (mandatory): long value in milliseconds - * `failure|error|skipped` (optional): if the test is not OK, report its status. diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/java-test-coverage.md b/server/sonar-docs/src/pages/analysis/test-coverage/java-test-coverage.md deleted file mode 100644 index a82dcffc5fc..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/java-test-coverage.md +++ /dev/null @@ -1,206 +0,0 @@ ---- -title: Java Test Coverage -url: /analysis/test-coverage/java-test-coverage/ ---- - -SonarQube supports the reporting of test coverage as part of the analysis of your Java project. - -However, SonarQube does not generate the coverage report itself. -Instead, you must set up a third-party tool to produce the report as part of your build process. -You then need to configure your analysis to tell the SonarScanner where the report is located so that it can pick it up and send it to SonarQube, where it will be displayed on your project dashboard along with the other analysis metrics. - -For Java projects, SonarQube directly supports the JaCoCo coverage tool -(see [Generic Test Data](/analysis/generic-test/) for information on integrating other coverage tools). - - -## Adjust your setup - -To enable coverage, you need to: - -* Adjust your build process so that JaCoCo report generation step runs _before_ the SonarScanner step. -* Make sure that JacCoCo writes its report file to a defined path in the build environment. -* Configure the scanning step of your build so that the SonarScanner picks up the report file from that defined path. - - -## Add coverage in a single-module Maven project - -To add coverage to your Maven project you need to use the [`jacoco-maven-plugin`](https://mvnrepository.com/artifact/org.jacoco/jacoco-maven-plugin) and its `report` goal to create a code coverage report. - -Typically, you would create a specific Maven profile for executing the unit tests with instrumentation and producing the coverage report only on demand. - -In the most basic case, we will need to execute two goals: `jacoco:prepare-agent`, which allows coverage info to be collected during unit tests execution, and `jacoco:report`, which uses data collected during unit test execution to generate a report. -By default, the tool generates XML, HTML, and CSV versions of the report. -Here, we explicitly specify XML, since that is the only one we need for SonarQube. -The `<profile>` section of your `pom.xml` should look something like this: - -``` -<profile> - <id>coverage</id> - <build> - <plugins> - <plugin> - <groupId>org.jacoco</groupId> - <artifactId>jacoco-maven-plugin</artifactId> - <version>0.8.7</version> - <executions> - <execution> - <id>prepare-agent</id> - <goals> - <goal>prepare-agent</goal> - </goals> - </execution> - <execution> - <id>report</id> - <goals> - <goal>report</goal> - </goals> - <configuration> - <formats> - <format>XML</format> - </formats> - </configuration> - </execution> - </executions> - </plugin> - ... - </plugins> - </build> -</profile> -``` - -By default the generated report will be saved under `target/site/jacoco/jacoco.xml`. -This location will be checked automatically by the scanner, so no further configuration is required. -Just launch: - -``` -mvn sonar:sonar -Pcoverage -``` - -as usual and the report will be picked up. - -If you need to change the directory where the report is generated, you can set the property either on the command line using Maven’s `-D` switch: - -``` -mvn -Dsonar.coverage.jacoco.xmlReportPaths= - ../app-it/target/site/jacoco-aggregate/jacoco.xml - sonar:sonar -Pcoverage -``` - -or in your `pom.xml`: - -``` -<properties> - <sonar.coverage.jacoco.xmlReportPaths> - ../app-it/target/site/jacoco-aggregate/jacoco.xml - </sonar.coverage.jacoco.xmlReportPaths> -</properties> -``` - -Wildcards and a comma-delimited list of paths are supported. -See [Coverage Analysis Parameters](/analysis/test-coverage/test-coverage-parameters/) for details. -The path can be either absolute or relative to the project root. - - -## Add coverage in a multi-module Maven project - -For multi-module Maven projects, you configure the `jacoco-maven-plugin` in a profile in the parent pom just as in the single module case, above. By default, a separate coverage report will be generated for each module. - -If you want to aggregate all the module-specific reports into one project-level report, the easiest solution is to create a special Maven module (alongside the ones you already have), that contains nothing except a `pom.xml` that uses the `report-aggregate` goal. Here is an example: - -``` -<project> - <artifactId>my-project-report-aggregate</artifactId> - <name>My Project</name> - <description>Aggregate Coverage Report</description> - <dependencies> - <dependency> - <groupId>${project.groupId}</groupId> - <artifactId>my-module-1</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>${project.groupId}</groupId> - <artifactId>my-module-2</artifactId> - <version>${project.version}</version> - </dependency> - </dependencies> - <build> - <plugins> - <plugin> - <groupId>org.jacoco</groupId> - <artifactId>jacoco-maven-plugin</artifactId> - <executions> - <execution> - <id>report-aggregate</id> - <phase>verify</phase> - <goals> - <goal>report-aggregate</goal> - </goals> - </execution> - </executions> - </plugin> - </plugins> - </build> -</project> -``` - -When you invoke `maven clean verify` in the `report-aggregate-module` directory the aggregated report will be generated and placed inside that directory at the standard location `target/site/jacoco-aggregate/jacoco.xml`. -Then, in the top level `pom.xml` you set `sonar.coverage.jacoco.xmlReportPaths` to this location: - -``` -<properties>/ - <sonar.coverage.jacoco.xmlReportPaths> - ${project.basedir}/report-aggregate/target/site/ - jacoco-aggregate/jacoco.xml - </sonar.coverage.jacoco.xmlReportPaths> -</properties> -``` - -Wildcards and a comma-delimited list of paths are supported. -See [Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/) for details. - - -## Add coverage in a Gradle project - -To set up code coverage for your Gradle files, you just need to apply the JaCoCo plugin together with the SonarScanner for Gradle to the `build.gradle` file of your project as the JaCoCo is already integrated into the default gradle distribution: - -``` -plugins { - id "jacoco" - id "org.sonarqube" version "3.3" -} - -jacocoTestReport { - reports { - xml.enabled true - } -} -``` - -Your report will be automatically saved in the `build/reports/jacoco` directory. -The SonarQube plugin automatically detects this location so no further configuration is required. -To import coverage, launch: - -``` - gradle test jacocoTestReport sonarqube -``` - -For more details, see the [Gradle JaCoCo Plugin documentation](https://docs.gradle.org/current/userguide/jacoco_plugin.html) and - - -## Coverage parameter can also be set in the UI - -The `sonar.coverage.jacoco.xmlReportPaths` parameter can also be set in the SonarQube interface under - - **_Your Project_ > Project Settings > General Settings > JaCoCo** - - for project-level settings, and - - **Administration > Configuration > General Settings > JaCoCo** - - for global settings (applying to all projects). - - -## See Also - -[Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/). diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/javascript-typescript-test-coverage.md b/server/sonar-docs/src/pages/analysis/test-coverage/javascript-typescript-test-coverage.md deleted file mode 100644 index bb7031b8a87..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/javascript-typescript-test-coverage.md +++ /dev/null @@ -1,125 +0,0 @@ ---- -title: Javascript/Typescript Test Coverage -url: /analysis/test-coverage/javascript-typescript-test-coverage/ ---- - -SonarQube supports the reporting of test coverage information as part of the analysis of your JS/TS project. - -However, SonarQube does not generate the coverage report itself. -Instead, you must set up a third-party tool to produce the report as part of your build process. -You then need to configure your analysis to tell the SonarScanner where the report is located so that it can pick it up and send it to SonarQube, where it will be displayed on your project dashboard along with the other analysis metrics. - -For JS/TS projects, SonarQube directly supports all coverage tools that produce reports in the LCOV format. -Additionally, a generic coverage format is also supported if you wish to use an unsupported tool (though you will have to convert its output to the generic format yourself). - -In this section, we discuss the directly supported JS/TS LCOV coverage feature. -For information on the generic format, see Generic Test Data. - - -## Adjusting your setup - -To enable coverage, you need to: - -* Adjust your build process so that the coverage tool runs before the scanner step. -* Make sure that the coverage tool writes its report file to a defined path in the build environment. -* Configure the scanning step of your build so that the scanner picks up the report file from that defined path. - - -## Adding coverage to your build process - -The details of setting up coverage within your build process depend on which tools you are using. - -The following illustrates how to do this for a JS/TS project that uses Yarn and Jest in the GitHub Actions CI. -Simply add the following to your build.yml file: - -``` -- name: Install dependencies - run: yarn -- name: Test and coverage - run: yarn jest --coverage -``` - -The resulting file should look something like this: - -``` -name: Build -on: - push: - branches: - - master - pull_request: - types: [opened, synchronize, reopened] -jobs: - sonarqube: - name: sonarqube - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Install dependencies - run: yarn - - name: Test and coverage - run: yarn jest --coverage - - name: SonarQube Scan - uses: SonarSource/sonarqube-scan-action@master - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} -``` - -First, you install all your project dependencies and then invoke jest with the `--coverage` option to run your tests and write out the coverage data to a file. - -If, as here, you do not specify an output file, the default `./coverage/lcov.info` is used. - -If you are using a different package manager or a different testing tool, these details will be different. - -The essential requirements are that the tool produces its report in the LCOV format and writes it to a place from which the scanner can then pick it up. - - -## Adding the coverage analysis parameter - -The next step is to add `sonar.javascript.lcov.reportPaths` to your analysis parameters. -This parameter must be set to the path of the report file produced by your coverage tool. -The path can be either absolute or relative to the project root. -In this example, that path is set to the default produced by Jest: `./coverage/lcov.info`. -It is set in the `sonar-project.properties` file, located in the project root: - -``` -sonar.projectKey=<project-key> -... -sonar.javascript.lcov.reportPaths=./coverage/lcov.info -``` - - -## Coverage parameters can be set in multiple places - -As with other analysis parameters, the coverage-related parameters for JavaScript/TypeScript projects (`sonar.javascript.lcov.reportPaths`) can be set in multiple places: - -* In the `sonar-project.properties` file, as mentioned above. - -* On the command line of the scanner invocation using the `-D` or `--define` switch, for example: - - `sonar-scanner -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info` - -* In the SonarQube interface under - - **_Your Project_ > Project Settings > General Settings > Languages > JavaScript/TypeScript > Tests and Coverage** - - for project-level settings, and - - **Administration > Configuration > General Settings > Languages > JavaScript/TypeScript > Tests and Coverage** - - for global settings (applying to all projects). - - -## Same parameter for JavaScript and TypeScript - -The parameter `sonar.typescript.lcov.reportPaths` was formerly used for typescript coverage. -This parameter has been deprecated. - -The parameter `sonar.javascript.lcov.reportPaths` is now used for both JavaScript and TypeScript. - -## See Also - -[Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/). diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/overview.md b/server/sonar-docs/src/pages/analysis/test-coverage/overview.md deleted file mode 100644 index b1b14504384..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/overview.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: Overview -url: /analysis/coverage/ ---- - -Test coverage reports and test execution reports are important metrics in assessing the quality of your code. -Test coverage reports tell you what percentage of your code is covered by your test cases. -Test execution reports tell you which tests have been run and their results. - -SonarQube itself does not calculate coverage. -To include coverage results in your analysis, you must set up a third-party coverage tool and configure SonarQube to import the results produced by that tool. - -Below, you'll find guidelines and resources, as well as language- and tool-specific analysis parameters. - - -## General guidelines - -Before importing test coverage, you need to have the appropriate SonarScanner configured to perform code analysis as part of your build pipeline. - -To enable coverage reporting, you must then do the following: - -1. Set up your coverage tool to run as part of your build pipeline. - Your coverage tool should be set up to run _before_ the SonarScanner analysis. -2. Configure the coverage tool so that the location and format of the output report files match what the SonarScanner expects. -3. Configure the analysis parameters of the SonarScanner so that it can import the report files. - -Now, on each build of your project, your coverage tool should perform its analysis and output its results to one or more files (usually one for test coverage and one for test execution). -Then, the SonarScanner, as part of its analysis process, will import those files and send the results to SonarQube. - - -## Coverage support - -SonarQube directly supports the import of coverage data in formats native to a variety of tools for a variety of languages. It also supports the import of a [generic format](/analysis/generic-test/) that can be used as a target for custom conversion of reports from tools that are not directly supported. - - -### Detailed guides - -Detailed guides for the following languages are provided in this section: - -* [Java Test Coverage](/analysis/test-coverage/java-test-coverage/) -* [JavaScript/TypeScript Test Coverage](/analysis/test-coverage/javascript-typescript-test-coverage/) -* [.NET Test Coverage](/analysis/test-coverage/dotnet-test-coverage/) -* [Python Test Coverage](/analysis/test-coverage/python-test-coverage/) -* [PHP Test Coverage](/analysis/test-coverage/php-test-coverage/) -* [C/C++/Objective-C Test Coverage](/analysis/test-coverage/c-family-test-coverage/) - - -### Generic format - -See [Generic Test Data](/analysis/generic-test/) for information on how the generic format works. - - -### Test coverage parameters - -See [Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/) for a reference on all coverage-related analysis parameters. - - -## Test execution reports - -This section is about _test coverage reports_, that is, reports that describe the percentage of your code that is tested by your test suite during a build. - -Test execution reports are a separate feature. -These describe which tests within your tests suite are executed during a build. -For details, see [Test Execution Parameters](/analysis/test-coverage/test-execution-parameters/). diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/php-test-coverage.md b/server/sonar-docs/src/pages/analysis/test-coverage/php-test-coverage.md deleted file mode 100644 index 20e0db833de..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/php-test-coverage.md +++ /dev/null @@ -1,124 +0,0 @@ ---- -title: PHP Test Coverage -url: /analysis/test-coverage/php-test-coverage/ ---- - -SonarQube supports the reporting of test coverage information as part of the analysis of your PHP project. - -However, SonarQube does not generate the coverage report itself. -Instead, you must set up a third-party tool to produce the report as part of your build process. -You then need to configure your analysis to tell the SonarScanner where the report is located so that it can pick it up and send it to SonarQube, where it will be displayed on your project dashboard along with the other analysis metrics. - -For PHP projects, we recommend PHPUnit for testing and coverage reporting. - - -## Adjust your setup - -To enable coverage, you need to: - -* Adjust your build process so that the coverage tool runs _before_ the scanner report generation step runs. -* Make sure that the coverage tool writes its report file to a defined path in the build environment. -* Configure the scanning step of your build so that the scanner picks up the report file from that defined path. - - -## Add coverage to your build process - -The details of setting up coverage within your build process depend on which tools you are using. -In our example below we use: - -* Composer, as a package manager -* PHPUnit with Xdebug, to execute the tests -* Clover to do the coverage reporting, and -* GitHub Actions to perform the build. - -Simply add the following to your `.github/workflows/build.yml` file: - -``` -- name: Setup PHP with Xdebug - uses: shivammathur/setup-php@v2 - with: - php-version: '8.1' - coverage: xdebug - -- name: Install dependencies with composer - run: composer update --no-ansi --no-interaction --no-progress - -- name: Run tests with phpunit/phpunit - run: vendor/bin/phpunit --coverage-clover=coverage.xml -``` - -The resulting file should look something like this: - -``` -name: build -on: - - pull_request - - push -jobs: - tests: - name: Tests - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Setup PHP with Xdebug - uses: shivammathur/setup-php@v2 - with: - php-version: '8.1' - coverage: xdebug - - name: Install dependencies with composer - run: composer update --no-ansi --no-interaction --no-progress - - name: Run tests with phpunit/phpunit - run: vendor/bin/phpunit --coverage-clover=coverage.xml - - name: SonarQube Scan - uses: SonarSource/sonarqube-scan-action@master - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} -``` - -First you install all your project dependencies using Composer as a package manager and then invoke _PHPUnit with XDebug_ to run your tests and generate a coverage report file. - -The essential requirements are that the tool produces its report in the `clover.xml` format and writes it to a place from which the scanner can then pick it up. - - -## Add the coverage analysis parameter - -The next step is to add `sonar.php.coverage.reportPaths` to your analysis parameters. -This parameter must be set to the path of the report file produced by your coverage tool. -In this example, that path is set to the default. -It is set in the `sonar-project.properties` file, located in the project root: - -``` -sonar.projectKey=<sonar-project-key> -... -sonar.php.coverage.reportPaths=coverage.xml -``` - - -## Coverage parameters can be set in multiple places - -As with other analysis parameters, `sonar.php.coverage.reportPaths` can be set in multiple places: - -* In the `sonar-project.properties` file, as mentioned above. - -* On the command line of the scanner invocation using the `-D` or `--define` - switch, for example: - - `sonar-scanner -Dsonar.php.coverage.reportPaths=coverage.xml` - -* In the SonarQube interface under - - **_Your Project_ > Project Settings > General Settings > Languages > PHP > PHPUnit** - - for project-level settings, and - - **Administration > Configuration > General Settings > Languages > PHP > PHPUnit** - - for global settings (applying to all projects). - -## See Also - -[Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/). diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/python-test-coverage.md b/server/sonar-docs/src/pages/analysis/test-coverage/python-test-coverage.md deleted file mode 100644 index 57741a5156a..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/python-test-coverage.md +++ /dev/null @@ -1,154 +0,0 @@ ---- -title: Python Test Coverage -url: /analysis/test-coverage/python-test-coverage/ ---- - -SonarQube supports the reporting of test coverage information as part of the analysis of your Python project. - -However, SonarQube does not generate the coverage report itself. -Instead, you must set up a third-party tool to produce the report as part of your build process. -You then need to configure your analysis to tell the SonarScanner where the report is located so that it can pick it up and send it to SonarQube, where it will be displayed on your project dashboard along with the other analysis metrics. - - -## Adjust your setup - -To enable coverage, you need to: - -* Adjust your build process so that the coverage tool runs _before_ the scanner report generation step runs. -* Make sure that the coverage tool writes its report file to a defined path in the build environment. -* Configure the scanning step of your build so that the scanner picks up the report file from that defined path. - - -## Add coverage to your build process - -The details of setting up coverage within your build process depend on which tools you are using. -In our example we use: - -* Tox, to configure the tests -* Pytest, to execute the tests -* Coverage, (the Coverage.py tool,) to measure code coverage, and -* GitHub Actions, to perform the build. - -In this example, we invoke `pytest` and use the `pytest-cov` plugin which, in turn, uses Coverage.py. -Simply add the text below to the `tox.ini` file at the root of your project: - -``` -[tox] -envlist = py39 -skipsdist = True - -[testenv] -deps = - pytest - coverage -commands = pytest --cov=my_project --cov-report=xml --cov-config=tox.ini --cov-branch - -[coverage:run] -``` - -Alternatively, we could start the test by invoking the Coverage.py tool (the command `coverage`) with the `pytest` invocation as an argument, like this: - -``` -[tox] -envlist = py39 -skipsdist = True - -[testenv] -deps = - pytest - coverage -commands = - coverage run -m pytest - coverage xml - -[coverage:run] -relative_files = True -source = my_project/ -branch = True -``` - -Note that we specify `relative_files = True` in the `tox.ini` file to ensure that your coverage results are correctly parsed. - -The following shows how to configure the GitHub Actions build file for your Python project so that it works in conjunction with the `tox.ini` configuration file described above to generate code coverage. -Your `build.yml` file should look something like this: - -``` -name: Build -on: - push: - branches: - - main - pull_request: - types: [opened, synchronize, reopened] -jobs: - sonarqube: - name: SonarQube - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Setup Python - uses: actions/setup-python@v2 - with: - python-version: ${{ matrix.python }} - - name: Install tox and any other packages - run: pip install tox - - name: Run tox - run: tox -e py - - name: SonarQube Scan - uses: SonarSource/sonarqube-scan-action@master - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} -``` - -First of all, install all of your project dependencies and then invoke `tox` to run your tests and generate a coverage report file. - -If, as here, you do not specify an output file, the scanner will look for report paths located under the default -`.coverage-reports/*coverage-*.xml.` - -If you are using a different package manager or a different testing tool these details will be different. - -The essential requirements are that the tool produces its report in the Cobertura XML format and writes it to a place from which the scanner can then pick it up. - - -## Add the coverage analysis parameter - -The next step is to add `sonar.python.coverage.reportPaths` to your analysis parameters. -This parameter must be set to the path of the report file produced by your coverage tool. -In this example, that path is set to the default produced by Coverage.py. -It is set in the `sonar-project.properties` file, located in the project root: - -``` -sonar.projectKey=<sonar-project-key> -... -sonar.python.coverage.reportPaths=coverage.xml -``` - - -## Coverage parameters can be set in multiple places - -As with other analysis parameters, `sonar.python.coverage.reportPaths` can be set in multiple places: - -* In the `sonar-project.properties` file, as mentioned above. - -* On the command line of the scanner invocation using the `-D` or `--define` - switch, for example: - - `sonar-scanner -Dsonar.python.coverage.reportPaths=coverage.xml` - -* In the SonarQube interface under - - **_Your Project_ > Project Settings > General Settings > Languages > Python > Tests and Coverage** - - for project-level settings, and - - **Administration > Configuration > General Settings > Languages > Python > Tests and Coverage** - - for global settings (applying to all projects). - - -## See Also - -[Test Coverage Parameters](/analysis/test-coverage/test-coverage-parameters/). diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/test-coverage-parameters.md b/server/sonar-docs/src/pages/analysis/test-coverage/test-coverage-parameters.md deleted file mode 100644 index e72385b7e4c..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/test-coverage-parameters.md +++ /dev/null @@ -1,206 +0,0 @@ ---- -title: Test Coverage Parameters -url: /analysis/test-coverage/test-coverage-parameters/ ---- - -_Test coverage reports_ describe the percentage of your code that has been tested by your test suite during a build. - -This differs from _test execution reports_, which describe which tests within your test suite have been run during a build. For details, see [Test Execution Parameters](/analysis/test-coverage/test-execution-parameters/). - -Test coverage reports are not generated by SonarQube itself. -They must be generated by an external tool and then imported into SonarQube by specifying a parameter telling the scanner where to look for the report. -The data is then displayed in your SonarQube analysis. - -Below, you will find language- and tool-specific analysis parameters for importing test coverage reports. - -For information on analysis parameters in general, see [Analysis Parameters](/analysis/analysis-parameters/). - -Unless otherwise specified, these properties require values that are relative to the project root. Some properties support the following wildcards in paths. The remarks for properties that support wildcards will mention this fact. If wildcards are not noted for a given property, then they are not supported for that property. - -Symbol | Meaning --|- -`?` | a single character -`*` | any number of characters -`**` | any number of directories - - -## All languages - -### sonar.coverageReportPaths - -Path to coverage report in the [Generic Test Data](/analysis/generic-test/) format. - - -## Apex - -### sonar.apex.coverage.reportPath - -Path to the `test-result-codecoverage.json` report file generated by the [`apex:test:run`](https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_force_apex.htm?search_text=apex%20test#cli_reference_test_run) command of the [Salesforce CLI](https://developer.salesforce.com/tools/sfdxcli). -Note, you must have a [Salesforce DX project](https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_workspace_setup.htm) set up and linked to your organization. - - -## C/C++/Objective-C - -See [C/C++/Objective-C Test Coverage](/analysis/test-coverage/c-family-test-coverage/) for examples and details. - - -### sonar.cfamily.gcov.reportsPath - -Path to the directory containing native `*.gcov` reports (not the XML reports generated by `gcovr`). - - -### sonar.cfamily.llvm-cov.reportPath - -Path to the `llvm-cov` report. - - -### sonar.cfamily.vscoveragexml.reportsPath - -Path to the Visual Studio Code Coverage report. -The path may be absolute or relative to the solution directory. -Path wildcards (see above) are supported. -Note that the `.coverage` report format must be converted to `.coveragexml` format using the tool `CodeCoverage.exe` tool in order to be imported. - - -### sonar.cfamily.bullseye.reportPath - -Path to the report from Bullseye, version >= 8.9.63 (use the [`covxml`](http://www.bullseye.com/help/ref-covxml.html) tool) - - -## C# - -See [.NET Test Coverage](/analysis/test-coverage/dotnet-test-coverage/) for examples and details. - - -### sonar.cs.vscoveragexml.reportsPaths - -Comma-delimited list of paths to the coverage reports produced by Visual Studio Code Coverage or the `dotnet-coverage` tool. -Wildcards are supported. - - -### sonar.cs.dotcover.reportsPaths - -Path to the dotCover coverage report. - - -### sonar.cs.opencover.reportsPaths - -Path to the OpenCover or Coverlet coverage report. - - -## Flex - -### sonar.flex.cobertura.reportPaths - -Path to the Cobertura XML reports. -Multiple paths may be comma-delimited. -May be absolute or relative to the project base directory. - - -## Go - -### sonar.go.coverage.reportPaths - -Comma-delimited list of paths to coverage report files. -Wildcards are supported. - - -## Java/Kotlin/Scala/JVM - -See [Java Test Coverage](/analysis/test-coverage/java-test-coverage/) for examples and details. - - -### sonar.coverage.jacoco.xmlReportPaths - -Comma-delimited list of paths to JaCoCo XML coverage reports. -Wildcards are supported. - - -### sonar.jacoco.reportPaths - -Deprecated. -Use `sonar.coverage.jacoco.xmlReportPaths`. - - -## JavaScript/TypeScript - -See [JavaScript/TypeScript Test Coverage](/analysis/test-coverage/javascript-typescript-test-coverage/) for examples and details. - - -### sonar.javascript.lcov.reportPaths - -Comma-delimited list of paths to LCOV coverage report files. -Paths may be absolute or relative to the project root. - - -## PHP - -See [PHP Test Coverage](/analysis/test-coverage/php-test-coverage/) for examples and details. - - -### sonar.php.coverage.reportPaths - -Comma-delimited list of paths to Clover XML-format coverage report files. -Paths may be absolute or relative to the project root. - - -## Python - -See [Python Test Coverage](/analysis/test-coverage/python-test-coverage/) for examples and details. - - -### sonar.python.coverage.reportPaths - -Comma-delimited list of paths to coverage reports in the Cobertura XML format. -Wildcards are supported. -Leave unset to use the default, `coverage-reports/*coverage-*.xml`. - - -## Ruby - -### sonar.ruby.coverage.reportPaths - -Comma-delimited list of paths to SimpleCov report files generated with the [JSON formatter](https://github.com/simplecov-ruby/simplecov#json-formatter) (available from SimpleCov 0.20). -For SimpleCov versions before 0.18, you can provide `.resultset.json` report files (though we recommend updating to 0.20 and using the JSON formatter). -Paths may be absolute or relative to the project root. - - -## Scala - -### sonar.scala.coverage.reportPaths - -Comma-delimited list of paths to `scoverage.xml` report files generated by Scoverage. - - -## Swift with Xcode 9.3+ - -You can use the [xccov-to-sonarqube-generic.sh](https://github.com/SonarSource/sonar-scanning-examples/blob/master/swift-coverage/swift-coverage-example/xccov-to-sonarqube-generic.sh) script from the [sonar-scanning-examples/swift-coverage](https://github.com/SonarSource/sonar-scanning-examples/tree/master/swift-coverage) project to convert output from Xcode 9.3's `xccov` tool to the [Generic Test Data](https://docs.sonarcloud.io/enriching/test-coverage/generic-test-data/) format. - - -## Swift with Xcode 7-9.2 - -### sonar.swift.coverage.reportPaths - -Path to the report generated by `llvm-cov show`. -The path may be absolute or relative to the project root. - - -## VB.NET - -See [.NET Test Coverage](/analysis/test-coverage/dotnet-test-coverage/) for examples and details. - - -### sonar.vbnet.vscoveragexml.reportsPaths - -Comma-delimited list of paths to Visual Studio Code Coverage reports. -Wildcards are supported. - - -### sonar.vbnet.dotcover.reportsPaths - -Path to dotCover coverage report. - - -### sonar.vbnet.opencover.reportsPaths - -Path to OpenCover coverage report. diff --git a/server/sonar-docs/src/pages/analysis/test-coverage/test-execution-parameters.md b/server/sonar-docs/src/pages/analysis/test-coverage/test-execution-parameters.md deleted file mode 100644 index dd102976290..00000000000 --- a/server/sonar-docs/src/pages/analysis/test-coverage/test-execution-parameters.md +++ /dev/null @@ -1,135 +0,0 @@ ---- -title: Test Execution Parameters -url: /analysis/test-coverage/test-execution-parameters/ ---- - -_Test execution reports_ describe which tests within your test suite have been run during a build. - -This differs from _test coverage reports_, which describe the percentage of your code that has been tested by your test suite during a build. -For details, see [Test Coverage](/analysis/coverage/). - -Test execution reports are not generated by SonarQube itself. -Much like tests coverage reports, test execution reports must be generated by an external tool and then imported into SonarQube by specifying a parameter telling the scanner where to look for the report. -The data is then displayed in your SonarQube analysis. - -Below, you will find language- and tool-specific analysis parameters for importing test execution reports. - -For information on analysis parameters in general, see [Analysis Parameters](/analysis/analysis-parameters/). - -Unless otherwise specified, these properties require values that are relative to the project root. Some properties support the following wildcards in paths. The remarks for properties that support wildcards will mention this fact. If wildcards are not noted for a given property, then they are not supported for that property. - -Symbol | Meaning --|- -`?` | a single character -`*` | any number of characters -`**` | any number of directories - - -## Branches only - -_SonarQube only supports test execution reports for the branches of a project (including the main branch), not for pull requests._ -This differs from the case with test coverage reports, where pull requests are supported. - - -## All languages - -### sonar.testExecutionReportPaths - -Comma-delimited list of paths to execution reports in the [Generic Test Data](/analysis/generic-test/) format. - - -## C/C++/Objective-C - -### sonar.cfamily.cppunit.reportsPath - -Path to the directory holding the [CPPUnit](https://sourceforge.net/projects/cppunit/) reports. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -## C# - -### sonar.cs.vstest.reportsPaths - -Paths to VSTest reports. Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -### sonar.cs.nunit.reportsPaths - -Paths to NUnit execution reports. Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -### sonar.cs.mstest.reportsPaths - -Paths to MSTest execution reports. Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -### sonar.cs.xunit.reportsPaths - -Paths to xUnit execution reports. Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -## Go - -### sonar.go.tests.reportPaths - -Comma-delimited list of paths to unit test report files. -Paths may be absolute or relative to the project root. - - -## Java - -### sonar.junit.reportPaths - -Comma-delimited list of paths to Surefire XML-format reports. - - -## PHP - -### sonar.php.tests.reportPath - -Path to the PHPUnit unit test execution report file. -The path may be absolute or relative to the project root. - - -## Python - -### sonar.python.xunit.reportPath - -Path to unit test execution report. -Leave unset to use the default (`xunit-reports/xunit-result-*.xml`). -Path wildcards (see above) are supported. -If any paths in the report are invalid, set `sonar.python.xunit.skipDetails=true` to collect only project-level details. - - -## VB.NET - -### sonar.vbnet.vstest.reportsPaths - -Paths to VSTest execution reports. -Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -### sonar.vbnet.nunit.reportsPaths - -Paths to NUnit execution reports. -Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -### sonar.vbnet.mstest.reportsPaths - -Paths to MSTest execution reports. -Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. - - -### sonar.vbnet.xunit.reportsPaths - -Paths to xUnit execution reports. -Multiple paths may be comma-delimited or included via wildcards. -Note that while measures such as the number of tests are displayed at the project level, no drill-down is available. diff --git a/server/sonar-docs/src/pages/branches/branches-faq.md b/server/sonar-docs/src/pages/branches/branches-faq.md deleted file mode 100644 index ca908505200..00000000000 --- a/server/sonar-docs/src/pages/branches/branches-faq.md +++ /dev/null @@ -1,28 +0,0 @@ ---- -title: Branch FAQ -url: /branches/branches-faq/ ---- - -_Branch analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)._ - -## How long are branches retained? -Branches will be deleted automatically when they are inactive according to your settings at [Administration > Configuration > General Settings > Housekeeping > Number of days before deleting inactive branches](/#sonarqube-admin#/admin/settings?category=housekeeping) except for branches you have set to be kept when inactive. These branches are kept until you delete them manually at the project level at **Project Settings > Branches & Pull Requests**. See the [Branches Analysis](/branches/overview/) for more information on keeping inactive branches. - -## Does my project need to be stored in an SCM like Git or SVN? -No, you don't need to be connected to a SCM. However, SCM data still enhances the SonarQube experience (including issue auto-assignment and issue backdating), and you will be well prepared to take advantage of [Pull Request Analysis](/analysis/pull-request/)! - -## What if I mark an Issue "Won't Fix" or "False-Positive" in a branch? -It will be replicated as such when creating a pull request and merging the pull request into the main branch. - -If you're using the **Reference Branch** [New Code](/project-administration/new-code-period/) definition, issues in the reference branch that come from a feature branch automatically inherit their attributes (including "Won't Fix" and "False Positive" resolutions) from the feature branch. -## Can I manually delete a branch? -You can delete a branch in the **Branches** tab at **Project Settings > Branches and Pull Requests**. - -## Does the payload of the Webhook include branch information? -Yes, an extra node called "branch" is added to the payload. - -## When are Webhooks called? -When the computation of the background task is done for a given branch. - -## What is the impact on my LOCs consumption vs my license? -The [LOC](/instance-administration/license-manager/) of your largest branch are counted toward your license limit. All other branches are ignored. diff --git a/server/sonar-docs/src/pages/branches/overview.md b/server/sonar-docs/src/pages/branches/overview.md deleted file mode 100644 index 852f40cc45d..00000000000 --- a/server/sonar-docs/src/pages/branches/overview.md +++ /dev/null @@ -1,110 +0,0 @@ ---- -title: Branch Analysis -url: /branches/overview/ ---- - -_Branch analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)._ - -## Overview - -With Branch Analysis, you can ensure that you're maintaining consistent code quality all the way down to the branch level of your projects. - -### Main Branch - -This is the default branch and typically corresponds to what's being developed for your next release. This branch is usually known within a development team as "main", "master", or "head" and is analyzed when no specific branch parameters are provided. SonarQube labels this branch as **Main Branch**, and, with Community Edition, this is the only branch you can analyze. - -Adding projects by DevOps Platform copies the main branch name in SonarQube from the main branch name in your repository. See **DevOps Platform Integrations** in the documentation navigation for more information on adding your project from an DevOps Platform. - -If you add your project manually, your main branch defaults to the name "main". - -Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), your main branch can be renamed from the project settings at **Project Settings > Branches and Pull Requests**. - -### Settings and Quality Profiles on Branches - -Branch settings and Quality Profiles are the same as those set for the main branch, and by design, it's not possible to configure other values. The New Code Period is the only exception to this as it can be set on a branch-by-branch basis. - -### New Code - -You can set a New Code definition for each branch. This is especially helpful if you are likely to develop and release multiple versions from the branch. See the [Defining New Code](/project-administration/new-code-period/) documentation for more information, and look at the [Clean as you code](/user-guide/clean-as-you-code/) strategy to learn how to implement this best practice. - -### Quality Gate - -The branch Quality Gate lets you know if your branch is ready to be merged. Each branch has a quality gate that: - -* Applies on conditions on New Code and overall code. -* Assigns a status (Passed or Failed). - -## Setting up Branch analysis - -A branch is created when the `sonar.branch.name` parameter is passed during analysis. - -[[info]] -| Scanners can automatically detect branch parameters when running on the following CI services: -| * Azure Pipelines -| * Bitbucket Pipelines -| * Cirrus CI -| * Codemagic -| * GitHub Actions -| * GitLab CI/CD -| * Jenkins (with the Branch Source plugin configured) -| -| Manually setting branch parameters overrides automatic detection. - -| Parameter Name | Description | -| --------------------- | ------------------------------------------------- | -| `sonar.branch.name` | Name of the branch (visible in the UI) - -### Limiting analysis to relevant branches - -You need to add a condition to your pipeline script to ensure only relevant branches are analyzed. For example, you wouldn't want to run analysis on feature branches that won't need analysis until they have pull requests . - -In the following example, analysis would be limited to branches named `main` or `release/*`. - -``` -if [[ "$CI_BRANCH_NAME" == main ]] || [[ "$CI_BRANCH_NAME" == release/* ]]; then - ./gradlew sonarqube -fi -``` - -### Issue Creation and Synchronization - -During the first analysis, issues (type, severity, status, assignee, change log, comments) are synchronized with the Main Branch. In each synchronized issue, a comment is added to the change log of the issue on the branch: "The issue has been copied from branch 'main' to branch 'yyy'". - -At each subsequent analysis of the branch, any new issue in the Main Branch that comes from a pull request automatically inherits its attributes (type, severity, ...) from the pull request. A comment is added to the change log of the issue on the branch: "The issue has been merged from 'xxx' into 'yyy'" - -Issues can be synchronized between branches if you're using the **Reference Branch** [New Code](/project-administration/new-code-period/) definition. When using this New Code definition, any new issue in the reference branch that comes from a feature branch automatically inherits its attributes (type, severity, ...) from the feature branch. A comment is added to the change log of the issue on the branch: "The issue has been merged from 'xxx' into 'yyy'". - -### Fetching full Git history - -By default, some CIs don't fetch your full Git history. For example, TravisCI only fetches the last 50 git commits. You must use `git fetch --unshallow` to get the full history. If you don't, new issues may not be assigned to the correct developer. - -## Managing inactive branches -Inactive branches are branches that are no longer being analyzed. You can use Housekeeping to automatically delete branches that are inactive (i.e. old feature branches) or to keep inactive branches that you want to continue maintaining (i.e. release branches). - -### Deleting inactive branches - -You can set the number of days a branch can be inactive before it's deleted in the global settings at **Administration > General Settings > Housekeeping > Number of days before deleting inactive branches**. Branches that are inactive for the number of days that you set will be automatically deleted. - -### Using patterns to keep inactive branches - -You can use naming patterns to protect specific branches, such as release branches, from automatic deletion. To do this, add a pattern using Java regular expressions under **Administration > General Settings > Housekeeping > Branches > Branches to keep when inactive** at either the global or project level. When a branch is created with a name that follows one of these patterns, it will be kept indefinitely. - -For example, adding the pattern `release/.*` would keep any branches named release/6.0, release/7, and so on. - -**Note:** Patterns aren't retroactive and won't apply to branches that have already been created. They only apply to branches created after the pattern is set. You can protect an existing branch at the project level. See the following section. - -### Managing inactive branches at a project level - -You can set a branch to **Keep when inactive** at the project level from from the **Branches** tab at **Project Settings > Branches and Pull Requests**. Here, you can also turn off protection for a branch so it will be deleted when it's inactive for the number of days that has been specified in the global settings at **Administration > General Settings > Housekeeping > Number of days before deleting inactive branches**. - -**Note:** The main branch is always protected from automatic deletion, even if it's inactive. This can't be changed. - -## Keeping your Main Branch history when upgrading from Community Edition to a commercial edition -[[info]] -| If you added a SonarQube project from an DevOps Platform instead of manually, the name of the main branch in SonarQube is copied from the name of the main branch in your repository, and you shouldn't have any branch history issues when upgrading to a commercial edition. - -When upgrading to a current commercial edition version, automatic branch and pull request configuration creates branches based on their names in your code repository. If the name of your Main Branch ("main" by default) in SonarQube doesn't match the branch's name in your code repository, the history of your Main Branch won't be taken on by the branch you analyze. - -**Before running analysis**, you can keep your branch history by renaming the Main Branch in SonarQube with the name of the branch in your code repository at **Project Settings > Branches and Pull Requests**. - -For example, if your Main Branch is named "main" in SonarQube but "develop" in your code repository, rename your Main Branch "develop" in SonarQube. diff --git a/server/sonar-docs/src/pages/extend/adding-coding-rules.md b/server/sonar-docs/src/pages/extend/adding-coding-rules.md deleted file mode 100644 index eec41912dc7..00000000000 --- a/server/sonar-docs/src/pages/extend/adding-coding-rules.md +++ /dev/null @@ -1,406 +0,0 @@ ---- -title: Adding Coding Rules -url: /extend/adding-coding-rules/ ---- - -There are three ways to add coding rules to SonarQube: - -* Writing a SonarQube plugin in Java that uses SonarQube APIs to add new rules -* Adding XPath rules directly through the SonarQube web interface -* Importing [Generic Issue Reports](/analysis/generic-issue/) generated by an independently run tool - -The Java API will be more fully-featured than what's available for XPath, and is generally preferable. However, this comes with the overhead of maintaining a SonarQube plugin (including keeping it up-to-date as APIs change, upgrading the plugin after releasing a new version). - -Importing [Generic Issue Reports](/analysis/generic-issue/) is a good solution when there's a very specific need for a subset of projects on your SonarQube instance. They are the most flexible option, but lack some features (such as being able to control their execution by inclusion in a Quality Profile). - -[[info]] -| Before implementing a new coding rule, you should consider whether it is specific to your own context or might benefit others. If it might benefit others, you can propose it on the [Community Forum](https://community.sonarsource.com/). If there is shared interest, then it might be implemented for you directly in the related language plugin. It means less maintenance for you, and benefit to others. - -## Custom rule support by language - -| | XPath 1.0 | Java | Generic Issue Reports | Other | -|-|-|-|-|-| -| ABAP | - | - |  | | -| Apex | - | - |  | | -| C# | - | - |  | [Importing Issues from Third-Party Roslyn Analyzers (C#, VB.NET)](/analysis/external-issues/) | -| C/C++/Objective-C | - | - |  | | -| COBOL | - |  |  | | -| CSS | - | - |  | | -| Flex |  | - |  | | -| Go | - | - |  | | -| HTML | - | - |  | | -| Java | - |  |  | | -| JavaScript / Typescript | - | - |  | | -| Kotlin | - | - |  | | -| PHP | - |  |  | | -| PL/SQL |  | - |  | | -| PL/I |  | - |  | | -| Python | - |  |  | | -| RPG | - |  |  | | -| Ruby | - | - |  | | -| Scala | - | - |  | | -| Swift | - | - |  | | -| T-SQL | - | - |  | | -| VB.NET | - | - |  | [Importing Issues from Third-Party Roslyn Analyzers (C#, VB.NET)](/analysis/external-issues/) | -| VB6 | - | - |  | | -| XML |  | - |  | | - - -## Adding coding rules using Java -Writing coding rules in Java is a six-step process: - -* Create a SonarQube plugin. -* Put a dependency on the API of the language plugin for which you are writing coding rules. -* Create as many custom rules as required. -* Generate the SonarQube plugin (jar file). -* Place this jar file in the SONARQUBE_HOME/extensions/plugins directory. -* Restart SonarQube server. - -See the following pages to see samples and details about how to create coding rules - -* [for COBOL](/analysis/languages/cobol/) -* [for Java](/analysis/languages/java/) -* [for PHP](/analysis/languages/php/) -* [for Python](/analysis/languages/python/) -* [for RPG](/analysis/languages/rpg/) - - -## Adding coding rules using XPATH - -SonarQube provides a quick and easy way to add new coding rules directly via the web interface for certain languages using XPath 1.0 expressions. For XML, which is already immediately accessible to XPath, you can simply write your rules and check them using any of the [freely available tools](http://codebeautify.org/Xpath-Tester) for examining XPath on XML. If you're writing rules for XML, skip down to the Adding your rule to the server section once you've got your rules written. - -For other languages how to access a variable, for example, in XPath is less obvious, so we've provided tools. - -### Writing an XPath Rule using SSLR Toolkit -The rules must be written in XPath (version 1.0) to navigate the language's [Abstract Syntax Tree](http://en.wikipedia.org/wiki/Abstract_syntax_tree) (AST). For most languages, an SSLR Toolkit is provided to help you navigate the AST. You need to download the `sslr-{language}-toolkit-{version}.jar` file corresponding to the version of your language plugin you have on your SonarQube instance. - -Each language's SSLR Toolkit is a standalone application that displays the AST for a piece of code source that you feed into it, allowing you to read the node names and attributes from your code sample and write your XPath expression. Knowing the XPath language is the only prerequisite, and there are a lot of tutorials on XPath online. - -The latest version of SSLR Toolkit can be downloaded from following locations: - -* [Flex](https://binaries.sonarsource.com/?prefix=Distribution/sslr-flex-toolkit/) -* [PL/SQL](https://binaries.sonarsource.com/?prefix=CommercialDistribution/sslr-plsql-toolkit/) -* [PL/I](https://binaries.sonarsource.com/?prefix=CommercialDistribution/sslr-pli-toolkit/) - -For an SSLR preview, consider the following source code sample: -``` -function HelloWorld(hour) { - if (hour) { - this.hour = hour; - } else { - var date = new Date(); - this.hour = date.getHours(); - } - this.displayGreeting = function() { - if (this.hour >= 22 || this.hour <= 5) - document.write("Good night, World!"); - else - document.write("Hello, World!"); - } -} -``` -While parsing source code, SonarQube builds an Abstract Syntax Tree (AST) for it, and the SSLR Toolkit provided for each language will show you SonarQube's AST for a given piece of code. Here's the AST for our sample: - - - -The [XPath](http://en.wikipedia.org/wiki/XPath) language provides a way to write coding rules by navigating this AST, and the SSLR Toolkit for the language will give you the ability to test your new rules against your sample code. - -### Adding your Rule to the Server -Once your new rule is written, you can add it SonarQube: - -1. Login as an Quality Profile Administrator -1. Go to the Rules page -1. Select the Language for which you want to create the XPath rule -1. Tick the Template criterion and select "Show Templates Only" -1. Look for the XPath rule template -1. Click on it to select it, then use the interface controls to create a new instance -1. Fill in the form that pops up -1. Once you've created your rule, you'll need to add it to a Quality Profile and run analysis to see it in action. - - -## Coding rule guidelines -These are the guidelines that SonarSource uses internally to specify new rules. Rules in community plugins are not required to adhere to these guidelines. They are provided here only in case they are useful. - -Note that fields "title", "description" and "message" have a different format when the rule type is "Hotspot". - -### Guidelines applicable to all rules -#### Code examples -Do not give examples that make references to real companies or organizations: -``` -$fp = file_get_contents("https://www.real-company.com"); -``` - -Should be replaced by a neutral website: -``` -$fp = file_get_contents("https//www.example.com"); -// or even better: -$fp = file_get_contents("https://localhost"); -``` - -#### See/References -When a reference is made to a standards specification, e.g. MISRA, the following steps must also be taken: - -* add any related tags such as security, bug, etc. -* add the relevant standard-related tag/label such as cwe, misra, etc. (If you forget, the overnight automation will remember for you.) -* update the appropriate field on the References tab with the cited id. (If you forget, the overnight automation will remember for you.) - -If needed, references to other rules should be listed under a "See also" heading. If a "See" heading exists in the rule, then the "See also" title should be at the h3 level. Otherwise, use an h2 for it. - -Other rules should be linked to only if they are related or contradictory (such as a pair of rules about where `{` should go). - -Why list references to other rules under "see also" instead of "see"? The see section is used to support the current rule, and one rule cannot be used as justification for another rule. - -#### Rule Type -Now that you've fleshed out the description, you should have a fairly clear idea of what type of rule this is, but to be explicit: - -**Bug** - Something that's wrong or potentially wrong. - -**Code Smell** - Something that will confuse a maintainer or cause them to stumble in their reading of the code. - -**Vulnerability** - Something that's wrong which impacts the application's security and therefore needs a fix. - -**Hotspot** - An optional protection is missing and the developer needs to do a review before deciding whether to apply a fix. - -Sometimes the line between Bug and Code Smell is fuzzy. When in doubt, ask yourself: "Is code that breaks this rule doing what the programmer probably intended?" If the answer is "probably not" then it's a Bug. Everything else is a Code Smell. - -The main differences between vulnerabilities and hotspots are explained on the [security-hotspots](/user-guide/security-hotspots/) page. During the specification of a rule, the following guidelines might also help: -* The difficulty of exploiting a weakness should not be a criterion for specifying a hotspot or a vulnerability. -* Vulnerabilities and hotspots should not overlap but can be related to the same subject. For example, with the hotspot [RSPEC-2077](https://jira.sonarsource.com/browse/RSPEC-2077), formatted SQL queries are highlighted and we recommend the use of *prepare statements* as an additional protection to prevent SQL-injection vulnerabilities ([RSPEC-3649](https://jira.sonarsource.com/browse/RSPEC-3649)). - - -#### Default severities -When assessing the default severity of a rule, the first thing to do is ask yourself "what's the worst thing that could happen?" In answering, you should factor in Murphy's Law without predicting Armageddon. - -Once you have your answer, it's time to assess whether the Impact and Likelihood of the Worst Thing are High or Low. To do that, ask yourself these specific questions: - -Vulnerability -* Impact: Could the exploitation of the vulnerability result in significant damage to your assets or your users? (Yes = High) -* Likelihood: What is the probability a hacker will be able to exploit it? what is the time to fix the issue? - -Bug -* Impact: Could the bug cause the application to crash or corrupt stored data? -(Languages where an error can cause program termination: COBOL, Python, PL/SQL, RPG.) -* Likelihood: What is the probability the worst will happen? - -Code Smell -* Impact: Could the Code Smell lead a maintainer to introduce a bug? -* Likelihood: What is the probability the worst will happen? - -Once you have your Impact and Likelihood assessments, the rest is easy: - - | impact|likelihood ----|---|--- -Blocker|| -Critical|| -Major|| -Minor|| - -#### Tags -Rules can have 0-n tags, although most rules should have at least one. Many of the common-across-languages tags are described in [the issues docs](/user-guide/issues/). - -#### Evaluation of the remediation cost -For most rules, the SQALE remediation cost is constant per issue. The goal of this section is to help define the value of this constant and to unify the way those estimations are done to prevent having some big discrepancies among language plugins. - -First, classify the effort to do the remediation: - -1. TRIVIAL -No need to understand the logic and no potential impact. -Examples: remove unused imports, replace tabulations by spaces, remove call to System.out.println() used for debugging purpose, ... -1. EASY -No need to understand the logic but potential impacts. -Examples: rename a method, rename a parameter, remove unused private method, ... -1. MEDIUM -Understanding the logic of a piece of code is required before doing a little and easy refactoring (1 or 2 lines of code), but understanding the big picture is not required. -Examples : CURSORs should not be declared inside a loop, EXAMINE statement should not be used, IF should be closed with END-IF, ... -1. MAJOR -Understanding the logic of a piece of code is required and it's up to the developer to define the remediation action. -Examples: Too many nested IF statements, Methods should not have too many parameters, UNION should not be used in SQL SELECT statements, Public java method should have a javadoc, Avoid using deprecated methods, ... -1. HIGH -The remediation action might lead to locally impact the design of the application. -Examples: Classes should not have too many responsibilities, Cobol programs should not have too many lines of code, Architectural constraint, ... -1. COMPLEX -The remediation action might lead to an impact on the overall design of the application. -Examples: Avoid cycles between packages, ... - -Then use the following table to get the remediation cost according to the required remediation effort and to the language: - - |Trivial|Easy|Medium|Major|High|Complex ----|---|---|---|---|---|--- -ABAP, COBOL, ...| 10min | 20min | 30min | 1h | 3h | 1d -Other languages| 5min |10min|20min|1h|3h|1d - -For rules using either the "linear" or "linear with offset" remediation functions, the "Effort To Fix" field must be fed on each issue and this field is used to compute the remediation cost. - -#### Issue location(s) and highlighting -For any given rule, highlighting behavior should be consistent across languages within the bounds of what's relevant for each language. - -When possible, each issue should be raised on the line of code that needs correction, with highlighting limited to the portion of the line to be corrected. For example: - -* an issue for a misnamed method should be raised on the line with the method name, and the method name itself should be highlighted. - -When correcting an issue requires action across multiple lines, the issue should be raised on the lowest block that encloses all relevant lines. For example an issue for: - -* method complexity should be raised on the method signature -* method count in a class should be raised on the class declaration - -When an issue could be made clearer by highlighting multiple code segments, such as a method complexity issue, additional issue locations may be highlighted, and additional messages may optionally be logged for those locations. In general, these guidelines should be followed for secondary issue locations: - -* highlight the minimum code to show the line's contribution to the issue. -* avoid using an additional message if the secondary location is likely to be on the same issue as the issue itself. For example: the rule "Parameters should be final" will raise an issue on the method name, and highlight each non-final parameter. Since all locations are likely to be on the same line, additional messages would only confuse the issue. -* don't write a novel. The message for a secondary location is meant to be a hint to push the user in the right direction. Don't take over the interface with a narrative. - - -### Guidelines for Bug, Vulnerability, and Code Smell rules - -#### Titles -* The title of the rule should match the pattern "X should [ not ] Y" for most rules. Note that the "should [ not ]" pattern is too strong for Finding rules, which are about observations on the code. Finding titles should be neutral, such as "Track x". -* All other things being equal, the positive form is preferred. E.G. - * "X should Y" is preferred to - * "X should not Z" -* Titles should be written in plural form if at all possible. E.G. - * Flibbers should gibbet - * A Flibber should gibbet -* Any piece of code in the rule title should be double-quoted (and not single-quoted). -* There should be no category/tag prefixed to the rule title, such as "Accessibility - Image tags should have an alternate text attribute" -* Titles should be as concise as possible. Somewhere around 70 or 80 characters is an ideal maximum, although this is not always achievable. - -Noncompliant Title Examples: - -* File should not have too many lines of code // Noncompliant; singular form used -* Avoid file with too many lines of code // Noncompliant; doesn't follow "x should [not] y" pattern -* Too many lines of code // Noncompliant -* Don't use "System.(out/err)" // Noncompliant -* Parameters in an overriding virtual function should either use the same default arguments as the function they override, or not specify any default arguments // Noncompliant; waaaay too long - -Compliant Solutions: - -* Files should not have too many lines of code -* "System.(out/err)" should not be used to log messages -* Overriding virtual functions should not change parameter defaults - -Starting with the subject, such as "Files", will ensure that all rules applying to files will be grouped together. - -#### Descriptions -Rule descriptions should contain the following sections in the listed order: - -* **Rationale** (unlabeled) - explaining why this rule makes sense. -If it's not absolutely clear from the rationale what circumstances will cause an issue to be raised, then this section should end with "This rule raises an issue when \[ insert circumstances here ]". -* **Noncompliant Code Example** - providing some examples of issues - * Ideally, the examples should depend upon the default values of any parameters the rule has, and these default values should be mentioned before the code block. This is for the benefit of users whose rule parameters are tuned to something other than the default values. E.G. -With a parameter of: <code>*:.*log4j.*</code> - * The lines in these code samples where issues are expected should be marked with a "Noncompliant" comment - * "Compliant" comments may be used to help demonstrate the difference between what is and is not allowed by the rule - * It is acceptable to omit this section when demonstrating noncompliance would take too long, e.g. "Classes should not have too many lines of code" -* **Compliant Solution** - demonstrating how to fix the previous issues. Good to have but not required for rules that detect bugs. - * There is no need to mark anything "Compliant" in the Compliant Solution; everything here is compliant by definition - * It is acceptable to omit this section when there are too many equally viable solutions. -* **Exceptions** (optional) - listing and explaining some specific use cases where no issues are logged even though some might be expected. Note that this is sometimes incorporated into the rationale, instead. -* **See** (optional) - listing references and/or links to external standards like MISRA, SEI, CERT, etc. -Deprecated (optional): listing replacement rules with links - -Code samples for COBOL should be in upper case. - -When displayed in SonarQube, any code or keywords in the description should be enclosed in `<code>` tags. For descriptions written in JIRA, this means using double curly braces (`{{` and `}}`) to enclose such text. They will be translated in the final output. - -#### Messages -Issue messages should contain the remediation message for bug and quality rules. For potential-bug rules, it should make it explicit that a manual review is required. It should be in the imperative mood ("Do x"), and therefore start with a verb. - -An issue message should always end with a period ('.') since it is an actual sentence, unless it ends with a regular expression, in which case the regular expression should be preceded by a colon and should end the message. - -Any piece of code in the rule message should be double-quoted (and not single-quoted). Moreover, if an issue is triggered because a number was above a threshold value, then both the number and the threshold value should be mentioned in the issue message. - -Sample messages: - -* Remove or refactor this useless "switch" statement. // Compliant -* This "switch" statement is useless and should be refactored or removed. // Noncompliant -* Every "switch" statement shall have at least one case-clause. // Noncompliant -* Rename this variable to comply with the regular expression: [a-z]+ // Compliant - -[[collapse]] -| ## Sample Specification -| ### Generic exceptions should not be thrown -| -| Using generic exceptions such as `Error`, `RuntimeException`, `Throwable`, and `Exception` prevents calling methods from handling true, system-generated exceptions differently than application-generated errors. -| -| **Noncompliant Code Example** -| ``` -| With the default regular expression [a-z][a-zA-Z0-9]+: -| -| try { /* ... */ } catch (Exception e) { LOGGER.info("context"); } // Noncompliant; exception is lost -| try { /* ... */ } catch (Exception e) { LOGGER.info(e); } // Noncompliant; context is required -| try { /* ... */ } catch (Exception e) { LOGGER.info(e.getMessage()); } // Noncompliant; exception is lost (only message is preserved) -| try { -| /* ... */ -| } catch (Exception e) { // Noncompliant - exception is lost -| throw new RuntimeException("context"); -| } -| ``` -| -| **Compliant Solution** -| ``` -| try { /* ... */ } catch (Exception e) { LOGGER.info("context", e); } -| try { -| /* ... */ -| } catch (Exception e) { -| throw new RuntimeException("context", e); -| } -| ``` -| **Exceptions** -| Generic exceptions in the signatures of overriding methods are ignored. -| ``` -| @Override -| public void myMethod() throws Exception {...} -| ``` -| **See** -| * MISRA C:2004, 4.5.2 -| * MITRE, [CWE-580](http://cwe.mitre.org/data/definitions/580.html) - clone() Method Without super.clone() -| -| **See also** -| S4567 - Rule title here - -### Guidelines for Hotspot rules - -See [RSPEC-2092](https://jira.sonarsource.com/browse/RSPEC-2092) for an example of Hotspot rule. - -#### Titles -* The title should start with a verb in the present participle form (-ing) -* The title should end with "is security-sensitive" - -Noncompliant Title Examples: - -* Avoid creation of cookies without the "secure" flag - -Compliant Solution: - -* Creating cookies without the "secure" flag is security-sensitive - -#### Descriptions -Rule descriptions should contain the following sections in the listed order: - -* **Rationale** (unlabeled) - explaining why this rule makes sense. - * It starts with a copy of the title. The "is security sensitive" part can be replaced with "can lead to ...<DESCRIBE RISK>" when there is one risk and it is easy to describe in a short manner. -* **Ask Yourself Whether** - set of questions that the developer should ask herself/himself. - * Those questions should help the developer to decide whether or not a missing protection has to be implemented based on the context of the application. -For example, if the highlighted missing protection (such as secure cookie flag) helps protect a bit against MITM attacks, list all mandatory protections that, at the contrary, greatly lower this risk (such as encryption). At the end of the review, the developer should be sure that in its context the implementation of this protection improves the overall application's security. - * The hotspot-review should be done by developers by themselves without external help: - * It is not recommended to drive the review with **data sensitivity** (eg: "*if this data/feature/component is sensitive there is risk*") because this concept is too generic and the use of the application (with ou without sensitive data) may vary over time and cannot be controlled by developers. - * It is not recommended to highlight a widely-used technology (weak in some contexts) when its replacement can only be done with such significant changes (eg: a new authentication system or a different database engine) that it would block developers who may not be responsible for the architecture of the application. - * This section ends with "There is a risk if you answered yes to any of those questions.". -* **Recommended Secure Coding Practices** - describing all the ways to mitigate the risk. - * This part can be easily translated by a developer into examples of implementation/source code, if the recommendations are too abstract the developer will not be able to imagine the fix and decide whether to implement it. -* The following parts are mandatory in RSPEC language-specification: - * **Sensitive Code Example** - Same as "Noncompliant code example" for Bug, Vulnerability, and Code Smell rules. - * **Compliant Solution** - same as for Bug, Vulnerability, and Code Smell rules. - -* **See** (optional) - same as for Bug, Vulnerability and Code Smell rules. -* **Deprecated** (optional) - listing replacement rules with links. - -Guidelines regarding COBOL, keywords and code are the same as for other rules. - -#### Messages -Most of the time you can paraphrase the title: -* start the sentence with "Make sure that" -* replace "is security-sensitive" with "is safe here" - -Examples: - * Make sure creating this cookie without the "secure" flag is safe. diff --git a/server/sonar-docs/src/pages/extend/adding-scm.md b/server/sonar-docs/src/pages/extend/adding-scm.md deleted file mode 100644 index 069af4b5122..00000000000 --- a/server/sonar-docs/src/pages/extend/adding-scm.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -title: Supporting SCM Providers -url: /extend/adding-scm/ ---- -SonarQube Scanner uses information from the project's SCM, if available, to: - -* Assign a new issue to the person who introduced it. The last committer on the related line of code is considered to be the author of the issue. -* Estimate the coverage on New Code, including added and changed code since in your New Code. -* Display the most recent commit on each line the code viewer. - - -The only required SCM command is "blame", which gets the last committer of each line for a given file. This command is executed by a SonarQube plugin through the extension point `org.sonar.api.batch.scm.ScmProvider`. See the embedded SCM integrations, for instance [Git](/analysis/scm-integration/), for more details. diff --git a/server/sonar-docs/src/pages/extend/contributing.md b/server/sonar-docs/src/pages/extend/contributing.md deleted file mode 100644 index 8965af77bd2..00000000000 --- a/server/sonar-docs/src/pages/extend/contributing.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: Contributing -url: /extend/contributing/ ---- - -Please be aware that we are not actively looking for feature contributions to SonarQube itself because it's extremely difficult for someone outside SonarSource to comply with our roadmap and expectations. Therefore, we typically only accept minor cosmetic changes and typo fixes for SonarQube, but we do happily welcome contributions to the other open source projects under the SonarSource umbrella. - - -## General guidelines -* Choose an open ticket in [JIRA](https://jira.sonarsource.com/secure/Dashboard.jspa) or propose your change on the [SonarQube Community Forum](https://community.sonarsource.com) - the discussion there is likely to result in an open JIRA ticket. ;-) -* Use the SonarSource conventions, which you'll find neatly packaged here: https://github.com/SonarSource/sonar-developer-toolset#the-almost-unbreakable-build -* Use pull requests to submit your work - -## New rule implementations in existing plugins -* Start from an existing [RSpec](https://jira.sonarsource.com/browse/RSPEC-1973?filter=10375) (Rule Specification) that lists your language of interest in the "Targeted languages" field. - * If the RSpec you're interested in doesn't target the language where you want to implement it, raise the question on the Community Forums . - * If no RSpec exists for the rule you want to implement, raise the question on the [Community Forum](https://community.sonarsource.com/). -* Put your rule implementation class in the [language]-checks (e.g. java-checks, javascript-checks, &etc.) module, in the checks sub-package -* The naming convention for implementation classes is [A-Z][A-Za-z]+Check.java. (Yes, put "Check" in the name too.) The class name should be descriptive and not reflect the rule key. E.G. FindBadCodeCheck.java, not S007.java. -* A good way to get started on a rule implementation is to look at the implementations of rules that do similar things. -* During development there's no need to load the plugin in a server to test your implementation, use the rule's unit test for that. -* For a complete implementation, make sure all of the following are done: - * create HTML description file and metadata file - * write test class - * register the rule in CheckList.java - * add the rule to the profile used for the integration test in `profile.xml` - * run the integration test and add any new issues to the set of expected issues diff --git a/server/sonar-docs/src/pages/extend/developing-plugin.md b/server/sonar-docs/src/pages/extend/developing-plugin.md deleted file mode 100644 index 2de3db0f27d..00000000000 --- a/server/sonar-docs/src/pages/extend/developing-plugin.md +++ /dev/null @@ -1,581 +0,0 @@ ---- -title: Plugin basics -url: /extend/developing-plugin/ ---- - -## Building your plugin - -### Prerequisites -To build a plugin, you need Java 8 and Maven 3.1 (or greater). Gradle can also be used thanks to the [gradle-sonar-packaging-plugin](https://github.com/iwarapter/gradle-sonar-packaging-plugin) (note that this plugin is not officially supported by SonarSource). - -### Sonar Plugin API -The `sonar-plugin-api` is a Java API that is used to develop plugins for SonarQube, SonarCloud and SonarLint. - -[[warning]] -| The API used to be part of SonarQube and released with it, but it is a separate component since v9.5, with its own releases. You can find it here: [sonar-plugin-api](https://github.com/SonarSource/sonar-plugin-api). -*The groupId was relocated from `org.sonarsource.sonarqube` to `org.sonarsource.api.plugin`*. - -These are the new coordinates of the dependency: -``` -org.sonarsource.api.plugin:sonar-plugin-api:<version> -``` - -### Create a Maven Project -The recommended way to start is by duplicating the plugin example project: https://github.com/SonarSource/sonar-custom-plugin-example. - -If you want to start the project from scratch, use the following Maven pom.xml template: - -[[collapse]] -| ## pom.xml -| ``` -| <?xml version="1.0" encoding="UTF-8"?> -| <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> -| <modelVersion>4.0.0</modelVersion> -| <groupId>YOUR_GROUP_ID</groupId> -| <!-- it's recommended to follow the pattern "sonar-{key}-plugin", for example "sonar-myphp-plugin" --> -| <artifactId>YOUR_ARTIFACT_ID</artifactId> -| <version>YOUR_VERSION</version> -| -| <!-- this is important for sonar-packaging-maven-plugin --> -| <packaging>sonar-plugin</packaging> -| -| <dependencies> -| <dependency> -| <!-- groupId has changed to 'org.sonarsource.api.plugin' starting on version 9.5 --> -| <groupId>org.sonarsource.sonarqube</groupId> -| <artifactId>sonar-plugin-api</artifactId> -| <!-- minimal version of SonarQube to support. --> -| <version>8.9</version> -| <!-- mandatory scope --> -| <scope>provided</scope> -| </dependency> -| </dependencies> -| -| <build> -| <plugins> -| <plugin> -| <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId> -| <artifactId>sonar-packaging-maven-plugin</artifactId> -| <version>1.18.0.372</version> -| <extensions>true</extensions> -| <configuration> -| <!-- the entry-point class that extends org.sonar.api.SonarPlugin --> -| <pluginClass>com.mycompany.sonar.reference.ExamplePlugin</pluginClass> -| -| <!-- advanced properties can be set here. See paragraph "Advanced Build Properties". --> -| </configuration> -| </plugin> -| </plugins> -| </build> -| </project> -| ``` - -### Build -To build your plugin project, execute this command from the project root directory: -`mvn clean package` -The plugin jar file is generated in the project's `target/` directory. - -### Deploy -**"Cold" Deploy** -The standard way to install the plugin for regular users is to copy the JAR artifact, from the `target/` directory to the `extensions/plugins/` directory of your SonarQube installation then start the server. The file `logs/web.log` will then contain a log line similar to: -`Deploy plugin Example Plugin / 0.1-SNAPSHOT` -Scanner extensions such as sensors are immediately retrieved and loaded when scanning source code. - -### Debug -**Debugging web server extensions** - -1. Edit conf/sonar.properties and set: `sonar.web.javaAdditionalOpts=-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=8000` -1. Install your plugin by copying its JAR file to extensions/plugins -1. Start the server. The line `Listening for transport dt_socket at address: 5005` is logged in `logs/sonar.log`. -1. Attach your IDE to the debug process (listening on port 8000 in the example) - -**Debugging compute engine extensions** -Same procedure as for web server extensions (see previous paragraph), but with the property: `sonar.ce.javaAdditionalOpts=-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=8000` - -**Debugging scanner extensions** -``` -export SONAR_SCANNER_OPTS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=8000" -cd /path/to/project -sonar-scanner -``` -When using the Scanner for Maven, then simply execute: -``` -cd /path/to/project -mvnDebug sonar:sonar -# debug port is 8000 -``` - -### Advanced Build Properties -Plugin properties are defined in the file `META-INF/MANIFEST.MF` of the plugin .jar file. - -Most of them are defined through the `<configuration>` section of the [sonar-packaging-maven-plugin](https://mvnrepository.com/artifact/org.sonarsource.sonar-packaging-maven-plugin/sonar-packaging-maven-plugin). Some are taken from standard pom nodes Effective values are listed at the end of the build log: -``` -[INFO] --- sonar-packaging-maven-plugin:1.15:sonar-plugin (default-sonar-plugin) @ sonar-widget-lab-plugin --- -[INFO] ------------------------------------------------------- -[INFO] Plugin definition in Marketplace -[INFO] Key: widgetlab -[INFO] Name: Widget Lab -[INFO] Description: Additional widgets -[INFO] Version: 1.9-SNAPSHOT -[INFO] Entry-point Class: org.codehaus.sonar.plugins.widgetlab.WidgetLabPlugin -[INFO] Required Plugins: -[INFO] Use Child-first ClassLoader: false -[INFO] Base Plugin: -[INFO] Homepage URL: https://redirect.sonarsource.com/plugins/widgetlab.html -[INFO] Minimal SonarQube Version: 4.5.1 -[INFO] Licensing: GNU LGPL 3 -[INFO] Organization: Shaw Industries -[INFO] Organization URL: http://shawfloors.com -[INFO] Terms and Conditions: -[INFO] Issue Tracker URL: http://jira.codehaus.org/browse/SONARWIDLB -[INFO] Build date: 2015-12-15T18:28:54+0100 -[INFO] Sources URL: https://github.com/SonarCommunity/sonar-widget-lab -[INFO] Developers: G. Ann Campbell,Patroklos Papapetrou -[INFO] ------------------------------------------------------- -[INFO] Building jar: /dev/sonar-widget-lab/target/sonar-widget-lab-plugin-1.9-SNAPSHOT.jar -``` - -Supported standard pom node properties: - -Maven Property|Manifest Key|Notes ----|---|--- -`version` | Plugin-Version | (required) Plugin version as displayed in page "Marketplace". Default: `${project.version}` -`pluginApiMinVersion` | Sonar-Version | Minimal version of supported Sonar Plugin API at runtime. For example if value is 9.8.0.203, then deploying the plugin on SonarQube versions with `sonar-plugin-api` 9.6.1.114 (ie. SonarQube 9.5) and lower will fail. Default value is given by the version of `sonar-plugin-api` dependency. It can be overridden with the Maven property `pluginApiMinVersion` (since `sonar-packaging-maven-plugin` 1.22). That allows in some cases to use new features of recent API and to still be compatible at runtime with older versions of SonarQube. Default: version of dependency `sonar-plugin-api` -`license` | Plugin-License | Plugin license as displayed in page "Marketplace". Default `${project.licenses}` -`developers` | Plugin-Developers | List of developers displayed in page "Marketplace". Default: `${project.developers}` - -Supported `<configuration>` properties: - -Maven Property|Manifest Key|Notes ----|---|--- -`pluginKey` | Plugin-Key | (required) Contains only letters/digits and is unique among all plugins. Examples: groovy, widgetlab. Constructed from `${project.artifactId}.` Given an artifactId of: `sonar-widget-lab-plugin`, your pluginKey will be: `widgetlab` -`pluginClass` | Plugin-Class | (required) Name of the entry-point class that extends `org.sonar.api.SonarPlugin`. Example: `org.codehaus.sonar.plugins.widgetlab.WidgetLabPlugin` -`pluginName` | Plugin-Name | (required) Displayed in the page "Marketplace". Default: `${project.name}` -`pluginDescription` | Plugin-Description | Displayed in the page "Marketplace". Default: `${project.description}` -`pluginUrl` | Plugin-Homepage | Homepage of website, for example https://github.com/SonarQubeCommunity/sonar-widget-lab `${project.url}` -`pluginIssueTrackerUrl` | Plugin-IssueTrackerUrl | Example: https://github.com/SonarQubeCommunity/sonar-widget-lab/issues. Default: `${project.issueManagement.url}` -`pluginTermsConditionsUrl` | Plugin-TermsConditionsUrl | Users must read this document when installing the plugin from Marketplace. Default: `${sonar.pluginTermsConditionsUrl}` -`useChildFirstClassLoader` | Plugin-ChildFirstClassLoader | Each plugin is executed in an isolated classloader, which inherits a shared classloader that contains API and some other classes. By default the loading strategy of classes is parent-first (look up in shared classloader then in plugin classloader). If the property is true, then the strategy is child-first. This property is mainly used when building plugin against API < 5.2, as the shared classloader contained many 3rd party libraries (guava 10, commons-lang, ...) false -`basePlugin` | Plugin-Base | If specified, then the plugin is executed in the same classloader as basePlugin. -`pluginSourcesUrl` | Plugin-SourcesUrl | URL of SCM repository for open-source plugins. Displayed in page "Marketplace". Default: `${project.scm.url}` -`pluginOrganizationName` | Plugin-Organization | Organization which develops the plugin, displayed in the page "Marketplace". Default: `${project.organization.name}` -`pluginOrganizationUrl` | Plugin-OrganizationUrl | URL of the organization, displayed in the page "Marketplace". Default: `${project.organization.url}` -`sonarLintSupported` | SonarLint-Supported | Whether the language plugin supports SonarLint or not. Only SonarSource analyzers and custom rules plugins for SonarSource analyzers should set this to true. -`pluginDisplayVersion` | Plugin-Display-Version | The version as displayed in SonarQube administration console. By default it's the raw version, for example "1.2", but can be overridden to "1.2 (build 12345)" for instance. Supported in sonar-packaging-maven-plugin 1.18.0.372. Default: `${project.version}` - - -The Maven sonar-packaging-maven-plugin supports also these properties: - -Maven Property|Manifest Key|Notes ----|---|--- -`addMavenDescriptor` |Copy pom file inside the directory META-INF of generated JAR file? | Boolean. Default: `${sonar.addMavenDescriptor}` / `true`. -`skipDependenciesPackaging` | Do not copy Maven dependencies into JAR file. | Default: `${sonar.skipDependenciesPackaging} / `false`. - -Other Manifest fields: - -* `Implementation-Build` - Identifier of build or commit, for example the Git sha1 "94638028f0099de59f769cdca776e506684235d6". It is displayed for debugging purpose in logs when SonarQube server starts. - -## API basics - -### Extension points -SonarQube provides extension points for its three technical stacks: - -* Scanner, which runs the source code analysis -* Compute Engine, which consolidates the output of scanners, for example by - * computing 2nd-level measures such as ratings - * aggregating measures (for example number of lines of code of project = sum of lines of code of all files) - * assigning new issues to developers - * persisting everything in data stores -* Web application - -Extension points are not designed to add new features but to complete existing features. Technically they are contracts defined by a Java interface or an abstract class annotated with @ExtensionPoint. The exhaustive list of extension points is available in the javadoc. - -The implementations of extension points (named "extensions") provided by a plugin must be declared in its entry point class, which implements org.sonar.api.Plugin and which is referenced in pom.xml: - -ExamplePlugin.java -``` -package org.sonarqube.plugins.example; -import org.sonar.api.Plugin; - -public class ExamplePlugin implements Plugin { - @Override - public void define(Context context) { - // implementations of extension points - context.addExtensions(FooLanguage.class, ExampleProperties.class); - } -} -``` -pom.xml -``` -<?xml version="1.0" encoding="UTF-8"?> -<project> - ... - <build> - <plugins> - <plugin> - <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId> - <artifactId>sonar-packaging-maven-plugin</artifactId> - <extensions>true</extensions> - <configuration> - <pluginClass>org.sonarqube.plugins.example.ExamplePlugin</pluginClass> - </configuration> - </plugin> - </plugins> - </build> -</project> -``` -### Lifecycle -A plugin extension exists only in its associated technical stacks. A scanner sensor is for example instantiated and executed only in a scanner runtime, but not in the web server nor in Compute Engine. The stack is defined by the annotations [@ScannerSide](https://javadocs.sonarsource.org/latest/org/sonar/api/batch/ScannerSide.html), [@ServerSide](https://javadocs.sonarsource.org/latest/org/sonar/api/server/ServerSide.html) (for web server) and [@ComputeEngineSide](https://javadocs.sonarsource.org/latest/org/sonar/api/ce/ComputeEngineSide.html). - -An extension can call core components or another extension of the same stack. These dependencies are defined by constructor injection: - -``` -@ScannerSide -public class Foo { - public void call() {} -} - -// Sensor is a scanner extension point -public class MySensor implements Sensor { - private final Foo foo; - private final Languages languages; - - // Languages is core component which lists all the supported programming languages. - public MySensor(Foo foo, Languages languages) { - this.foo = foo; - this.languages = languages; - } - - @Override - public void execute(SensorContext context) { - System.out.println(this.languages.all()); - foo.call(); - } -} - - -public class ExamplePlugin implements Plugin { - @Override - public void define(Context context) { - // Languages is a core component. It must not be declared by plugins. - context.addExtensions(Foo.class, MySensor.class); - } -} -``` - -It is recommended not to call other components in constructors. Indeed, they may not be initialized at that time. Constructors should only be used for dependency injection. - -[[warning]] -| Compilation does not fail if incorrect dependencies are defined, such as a scanner extension trying to call a web server extension. Still it will fail at runtime when plugin is loaded. - -### Third-party Libraries -Plugins are executed in their own isolated classloaders. That allows the packaging and use of 3rd-party libraries without runtime conflicts with core internal libraries or other plugins. Note that since version 5.2, the SonarQube API does not bring transitive dependencies, except SLF4J. The libraries just have to be declared in the pom.xml with default scope "compile": - -pom.xml -``` -<?xml version="1.0" encoding="UTF-8"?> -<project> - ... - <dependencies> - ... - <dependency> - <groupId>commons-codec</groupId> - <artifactId>commons-codec</artifactId> - <version>1.10</version> - </dependency> - </dependencies> -</project> -``` -Technically the libraries are packaged in the directory META-INF/lib of the generated JAR file. An alternative is to shade libraries, for example with maven-shade-plugin. That minimizes the size of the plugin .jar file by copying only the effective used classes. - -[[info]] -| The command `mvn dependency:tree` gives the list of all dependencies, including transitive ones. - -### Configuration -The core component [`org.sonar.api.config.Configuration`](http://javadocs.sonarsource.org/latest/org/sonar/api/config/Configuration.html) provides access to configuration. It deals with default values and decryption of values. It is available in all stacks (scanner, web server, Compute Engine). As recommended earlier, it must not be called from constructors. - -MyExtension.java -``` -public class MyRules implements RulesDefinition { - private final Configuration config; - - public MyRules(Configuration config) { - this.config = config; - } - - @Override - public void define(Context context) { - int value = config.getInt("sonar.property").orElse(0); - } -} -``` -Scanner sensors can get config directly from SensorContext, without using constructor injection: - -MySensor.java -``` -public class MySensor extends Sensor { - @Override - public void execute(SensorContext context) { - int value = context.config().getInt("sonar.property").orElse(0); - } -} -``` - -In the scanner stack, properties are checked in the following order, and the first non-blank value is the one that is used: - -1. System property -1. Scanner command-line (-Dsonar.property=foo for instance) -1. Scanner tool (<properties> of scanner for Maven for instance) -1. Project configuration defined in the web UI -1. Global configuration defined in the web UI -1. Default value - -Plugins can define their own properties so that they can be configured from web administration console. The extension point org.sonar.api.config.PropertyDefinition must be used : -``` -public class ExamplePlugin implements Plugin { - @Override - public void define(Context context) { - context.addExtension( - PropertyDefinition.builder("sonar.my.property") - .name("My Property") - .description("This is the description displayed in web admin console") - .defaultValue("42") - .build() - ); - } -} -``` - -[[info]] -| Values of the properties suffixed with `.secured` are not available to be read by any users. `.secured` is needed for passwords, for instance. - -The annotation [`@org.sonar.api.Property`](https://javadocs.sonarsource.org/latest/apidocs/index.html?org/sonar/api/Property.html) can also be used on an extension to declare a property, but org.sonar.api.config.PropertyDefinition is preferred. -``` -@Properties( - @Property(key="sonar.my.property", name="My Property", defaultValue="42") -) -public class MySensor implements Sensor { - // ... -} - -public class ExamplePlugin implements Plugin { - @Override - public void define(Context context) { - context.addExtension(MySensor.class); - } -} -``` - -### Logging -The class [`org.sonar.api.utils.log.Logger`](https://javadocs.sonarsource.org/latest/org/sonar/api/utils/log/Logger.html) is used to log messages to scanner output, web server logs/sonar.log, or Compute Engine logs (available from administration web console). It's convenient for unit testing (see class [`LogTester`](https://javadocs.sonarsource.org/latest/org/sonar/api/utils/log/LogTester.html)). -``` -import org.sonar.api.utils.log.*; -public class MyClass { - private static final Logger LOGGER = Loggers.get(MyClass.class); - - public void doSomething() { - LOGGER.info("foo"); - } -} -``` -Internally [SLF4J](https://www.slf4j.org/) is used as a facade of various logging frameworks (log4j, commons-log, logback, java.util.logging). That allows all these frameworks to work at runtime, such as when they are required for a 3rd party library. SLF4J loggers can also be used instead of org.sonar.api.utils.log.Logger. Read the [SLF4J manual](https://www.slf4j.org/manual.html) for more details. - -As an exception, plugins must not package logging libraries. Dependencies like SLF4J or log4j must be declared with scope "provided". - -### Exposing APIs to Other Plugins -The common use case is to write a language plugin that will allow some other plugins to contribute additional rules (see for example how it is done for [Java](https://github.com/SonarSource/sonar-java) analysis). The main plugin will expose some APIs that will be implemented/used by the "rule" plugins. - -Plugins are loaded in isolated classloaders. It means a plugin can't access another plugin's classes. There is an exception for package names following pattern `org.sonar.plugins.<pluginKey>.api`. For example all classes in a plugin with the key myplugin that are located in `org.sonar.plugins.myplugin.api` are visible to other plugins. - -### Serving Static Resources -If you need to serve static resources from your plugin such as images or JavaScript files, place them in a directory under `resources` named `static` (`myplugin/src/main/resources/static`). At runtime they'll be available from `https://{server}/static/{pluginKey}/{file}`. - - -## Versioning and API Deprecation -### Versioning Strategy -The goal of this versioning strategy is both to: - -* Release often, release early in order to get quick feedback from the SonarQube community -* Release stable versions of the SonarQube platform for companies whose main priority is to set up a very stable environment. Even if the price for such stable environments is missing out on the latest, sexy SonarQube features -* Support the API deprecation strategy (see next section) - -The rules are: - -* Every ~two months a new version of SonarQube is released. This version should increment the minor digit of the previous version (ex: 8.2 -> 8.3) -* Every ~eighteen months, a bug-fix version is released, and becomes the new LTS. The major digit of the subsequent version is incremented to start a new cycle (ex: 7.9 -> 8.0) - -And here is the strategy in action: -``` -7.8 -> 7.9 -> 8.0 -> 8.1 -> 8.2 -> ... -> 8.9 -> 9.0 -> ... <- New release every ~2 months - | | - 7.9.1 -> 7.9.2 -> ... 8.9.1 -> 8.9.2 -> ... <- New LTS -``` - -### API Deprecation Strategy -The goal of this deprecation strategy is to make sure that deprecated APIs will be dropped without side-effects at a given planned date. The expected consequence of such strategy is to ease the evolution of the SonarQube API by making such refactoring painless. - -The rules are: - -* An API must be deprecated before being dropped. Furthermore, if the underlying feature is not being dropped, a replacement API must immediately be provided. -* A deprecated API must be fully supported until its drop (For instance the implementation of a deprecated method can't be replaced by `throw new UnsupportedOperationException()`) -* If an API is deprecated in version X.Y, this API is planned to be dropped in version (X+1).0. Example: an API deprecated in 9.1 is supported in 9.2, 9.3, and so forth for the entire 9.N cycle; it will be dropped in version 10.0 -* According to this versioning strategy, an API can remain deprecated for up to 18 months, and for as short as 2 months -* Any release of a SonarQube plugin must at least depend on the latest LTS version of the SonarQube API -* For each SonarQube plugin there must at least one release on each LTS version of SonarQube, which means at least one release each ~18 months. -* An API is marked as deprecated with both: - * the annotation @Deprecated - * the javadoc tag @deprecated whose message must start with "in x.y", for example: - - ``` - /** - * @deprecated in 4.2. Replaced by {@link #newMethod()}. - */ - @Deprecated - public void foo() { - ``` - -## API Changes -[[warning]] -| Starting with v9.5, the API is released independently of SonarQube. You can find the changes for newer releases in its [code repository](https://github.com/SonarSource/sonar-plugin-api/releases). - -### Release 9.3 - Added -* `sonar-plugin-api.src.main.java.org.sonar.api.resources.Language#publishAllFiles` to define whether the files identified with the language should be automatically published to SonarQube. -* `org.sonar.api.batch.sensor.SensorDescriptor#processesFilesIndependently` - -### Release 9.0 - Deprecated -* `org.sonar.api.server.rule.RulesDefinitionXmlLoader` is deprecated. Use the `sonar-check-api` to annotate rule classes instead of loading the metadata from XML files - - Removed -* `org.sonar.api.ExtensionProvider` Use `org.sonar.api.Plugin.Context#addExtensions()` to add objects to the container. -* `org.sonar.api.batch.sensor.SensorDescriptor#requireProperty()`. Use `#onlyWhenConfiguration()` instead. -* All API related to preview/issues analysis mode. -* Coverage types (unit, IT, overall) was removed. -* Resource perspectives. Use methods in `SensorContext`. -* `org.sonar.api.platform.Server#getRootDir()`. Use `ServerFileSystem#getHomeDir()`. -* `org.sonar.api.profiles.ProfileDefinition.java`. Define quality profiles with `BuiltInQualityProfilesDefinition`. -* `org.sonar.api.rules.XMLRuleParser`. Use the `sonar-check-api` to annotate rule classes. - -### Release 8.4 - Added -* `org.sonar.api.batch.scm.ScmProvider#forkDate` - - Deprecated -* `org.sonar.api.rules.Rule#getId()` is deprecated and will always throw UnsupportedOperationException. - -### Release 8.3 - Deprecated -* `org.sonar.api.utils.text.JsonWriter` - -### Release 8.2 -No changes - -### Release 8.1 -No changes - -### Release 8.0 -No changes - -### Release 7.9 -No changes - -### Release 7.8 - - Added -* `org.sonar.api.web.WebAnalytics` - - Deprecated -* `org.sonar.api.i18n.I18` -* `org.sonar.api.SonarQubeVersion` use `org.sonar.api.SonarRuntime` instead -* `org.sonar.api.profiles.XMLProfileParser` -* `org.sonar.api.notifications.NotificationChannel` - - Removed -* Pico components relying on reflection to have their `start` or `stop` method called. Make your component implements `org.sonar.api.Startable` instead. - -### Release 7.7 - - Added -* ` org.sonar.api.batch.scm.ScmProvider#ignoreCommand` - - Deprecated -* `org.sonar.api.batch.fs.InputFile::status` -* `org.sonar.api.resources.Qualifiers#BRC` - - Removed -* The preview/issues mode of scanner has been removed - -### Release 7.6 - - Changed - -* `PostJob` moved to project level IoC container -* `InputFileFilter` moved to project level IoC container - - Added - -* New annotation `org.sonar.api.scanner.ScannerSide` to mark (project level) scanner components -* `org.sonar.api.batch.fs.InputProject` to create issues on project -* `org.sonar.api.scanner.ProjectSensor` to declare Sensors that only run at project level - - Deprecated - -* `org.sonar.scanner.issue.IssueFilter` deprecated -* `org.sonar.api.batch.InstantiationStrategy` deprecated -* `org.sonar.api.batch.ScannerSide` deprecated -* `org.sonar.api.batch.fs.InputModule` deprecated -* Concept of global Sensor is deprecated (use `ProjectSensor` instead) - - Removed - -* Support of scanner tasks was removed -* `RulesProfile` is no longer available for scanner side components (use `ActiveRules` instead) - -### Release 7.5 -No changes - -### Release 7.4 - Changed - -* Allow identity provider to not provide login - - Added - -* Allow sensors to report adhoc rules metadata - - Removed - -* `org.sonar.api.rules.RuleFinder` removed from scanner side -* `sonar-channel` removed from plugin classloader -* stop support of plugins compiled with API < 5.2 - -### Release 7.3 - - Added - -* `RulesDefinitions` supports HotSpots and security standards - - Deprecated -* `org.sonar.api.batch.AnalysisMode` and `org.sonar.api.issue.ProjectIssues` since preview mode is already deprecated for a while - -### Release 7.2 - Added -* `org.sonar.api.batch.sensor.SensorContext#newExternalIssue` to report external issues -* `org.sonar.api.batch.sensor.SensorContext#newSignificantCode` to report part of the source file that should be used for issue tracking -* `org.sonar.api.scan.issue.filter.FilterableIssue#textRange` - - Deprecated -* org.sonar.api.scan.issue.filter.FilterableIssue#line - -### Release 7.1 - Added -* `org.sonar.api.Plugin.Context#getBootConfiguration` -* `org.sonar.api.server.rule.RulesDefinition.NewRule#addDeprecatedRuleKey` to support deprecated rule keys - -### Release 7.0 - Added -* `org.sonar.api.batch.scm.ScmProvider#relativePathFromScmRoot`, `org.sonar.api.batch.scm.ScmProvider#branchChangedFiles` and `org.sonar.api.batch.scm.ScmProvider#revisionId` to improve branch and PR support - -### Release 6.7 -No changes diff --git a/server/sonar-docs/src/pages/extend/executable-lines.md b/server/sonar-docs/src/pages/extend/executable-lines.md deleted file mode 100644 index a2cf73060c8..00000000000 --- a/server/sonar-docs/src/pages/extend/executable-lines.md +++ /dev/null @@ -1,109 +0,0 @@ ---- -title: Executable Lines -url: /extend/executable-lines/ ---- - -These are the guidelines that SonarSource uses internally when defining executable lines for a language. Community plugins are not required to adhere to these guidelines. They are provided here only in case they are useful. - -## Things that are executable -Executable lines data is used to calculate missing test coverage for files that are not included in coverage reports. Ideally, executable line counts will be at or just under what coverage engines would calculate. - -Generally, each line containing a statement should count as an executable line, with the exception that compound statements ({}) are ignored, although their contents are not - -So: -``` -void doTheThing () // +0 -{ // +0 - String fname="Finn"; // +1 - etc(); // +1 -} // +0 -``` - -## Things that are ignored -### !Statement: +0 -Since some coverage engines mark these things as executable, it's worth stating explicitly that we will ignore them: - -* lines containing only punctuation: }, });, ; -* the method signature of a method definition - -### Imports, Declarations: +0 -Imports, package and namespace statements, declarations, and a few other things demonstrated below are ignored, -``` -package foo; // +0 -namespace bar { // +0 - ... -} - -import java.util.ArrayList; // +0 -#include <stdio> // +0 - -public interface FooFace { // +0 - void doFoo(); // +0 -} -public class Foo1 implements FooFace { // +0 - private String name; // +0 -} -struct PairWithOperator { // +0 - int x; // +0 - int y; // +0 - - bool operator==(PairWithOperator rhs) const { // +0 - return x == rhs.x && y == rhs.y; // +1 - } -} - -class C { - C(const C&) =default; // +0 (explicit inheritance of parent method) -} - -using Vec = std::vector<T,MyAllocator<T>>; // +0 - -static { // +0 - ... -} - -01 ERROR-MESSAGE. *> +0 - 02 ERROR-TEXT PIC X(132) OCCURS 10 TIMES *> +0 - INDEXED BY ERROR-INDEX. -77 ERROR-TEXT-LEN PIC S9(9) COMP VALUE +132. *> +0 -``` - -### Location -The presence of executable code on a line makes the entire line executable. - -If a statement is split over multiple lines, the line to be marked executable is the first one with executable code. -Given that a for loop is considered executable: -``` -for // +1 - ( // +0 - int i=0; // +0 - i < 10; // +0 - i++ // +0 - ) // +0 -{ // +0 -} -``` -Regardless of the number of lines across which nested statements are spread, the executable line count should only be incremented by one, since typically the execution of one naturally follows from the other. - -``` -foo(1, bar()); // +1 - -foo(1, // +1 - bar()); // +0 -``` -We ignore here the possibility that `bar()` could throw an exception, preventing `foo` from being executed. - -## Exceptions -### Python -`# pragma: no cover` exempts a block from coverage. - - - -### JavaScript -We mark variable declarations executable. - -For example: - -``` -var a; // +1 -``` diff --git a/server/sonar-docs/src/pages/extend/extend-web-app.md b/server/sonar-docs/src/pages/extend/extend-web-app.md deleted file mode 100644 index 28a301ca54d..00000000000 --- a/server/sonar-docs/src/pages/extend/extend-web-app.md +++ /dev/null @@ -1,112 +0,0 @@ ---- -title: Adding pages to the webapp -url: /extend/extend-web-app/ ---- -SonarQube's UI is built as a Single Page Application using [React](https://reactjs.org/). It provides the ability to add a new pages to the UI using JavaScript. A page (or page extension) is a self-contained JavaScript application that runs in the SonarQube environment. You can find the example of page extensions in the [SonarQube](https://github.com/SonarSource/sonarqube) or [sonar-custom-plugin-example](https://github.com/SonarSource/sonar-custom-plugin-example/tree/7.x/) repositories on GitHub. - -Before reading this guide, make sure you know how to [build, deploy, and debug a plugin](/extend/developing-plugin/). - -## Step 1. Create a Java class implementing PageDefinition - -For each page, you'll need to set a key and a name. The page key should have the format `plugin_key/page_id` (e.g.: `governance/project_dump`). The `plugin_key` is computed from the `<artifactId>` in your `pom.xml`, or can be set explicitly in the pom using the `<pluginKey>` parameter in the `sonar-packaging-maven-plugin` configuration. All the pages should be declared in this class. - -Example: - -``` -import org.sonar.api.web.page.Page; -import org.sonar.api.web.page.PageDefinition; -import org.sonar.api.web.page.Context; - -import static org.sonar.api.web.page.Page.Scope.COMPONENT; -import static org.sonar.api.web.page.Page.Qualifier.VIEW; -import static org.sonar.api.web.page.Page.Qualifier.SUB_VIEW; - -public class MyPluginPageDefinition implements PageDefinition { - @Override - public void define(Context context) { - context - .addPage(Page.builder("my_plugin/global_page") - .setName("Global Page") - .build()) - .addPage(Page.builder("my_plugin/project_page") - .setName("Project Page") - .setScope(COMPONENT) - .build()) - .addPage(Page.builder("my_plugin/portfolio_page") - .setName("Portfolio Page") - .setScope(COMPONENT) - .setComponentQualifiers(VIEW, SUB_VIEW) - .build()) - .addPage(Page.builder("my_plugin/admin_page") - .setName("Admin Page") - .setAdmin(true) - .build()); - } -} -``` - -### Configuring each page - -There are 3 settings available when you define the page extensions using the `PageDefinition` class: - -* `setAdmin(boolean admin)`: flag this page as restricted to users with "administer" permission. Defaults to `false`. -* `setScope(org.sonar.api.web.page.Page.Scope scope)`: set the scope of this page. Available scopes are `GLOBAL` (default), which will add this page to the main menu, and `COMPONENT`, which will add the page to a project, application, or portfolio menu (applications and portfolios only apply to Enterprise Edition and above). -* `setComponentQualifiers(org.sonar.api.web.page.Qualifier... qualifiers)`: if `setScope()` is set to `COMPONENT`, this sets to what kind of component the page applies to. Available qualifiers are `PROJECT`, `APP`, `VIEW` (portfolio), and `SUB_VIEW` (`APP`, `VIEW`, and `SUB_VIEW` only apply to Enterprise Edition and above). You can pass multiple qualifiers. If no qualifier is set, it will apply to all types. - -## Step 2. Create a JavaScript file per page - -The `PageDefinition` will register each key as an available route in SonarQube. Whenever this route is visited, SonarQube will asynchronously fetch a single JavaScript file from your plugin's `/static/` directory, and boot up your page's application. This file should have the same name as the `page_id` you defined in your `PageDefinition` class. In the example in Step 1, you would need 4 different JavaScript files: - -* `/static/global_page.js` -* `/static/project_page.js` -* `/static/portfolio_page.js` -* `/static/admin_page.js` - -Each file *must* call the global `window.registerExtension()` function, and pass its *full key* as a first argument (`plugin_key/page_id`, e.g.: `governance/project_dump`). The second argument is the *start* callback. This function will be called once your page is started, and receive information about the current page as an argument (see below). The return value of the start callback depends on how you want to implement your page: - -* If you want to use [React](https://reactjs.org/), you should return a React Component: - ``` - // static/global_page.js - import React from "react"; - import App from "./components/App"; - - window.registerExtension('my_plugin/global_page', function (options) { - return <App options={options} /> - }); - ``` -* If you want to use any other framework, you should perform any start logic directly inside the start function body, and **return a shutdown callback**: - ``` - // static/global_page.js - const init = require("./my-app/init"); - - window.registerExtension('my_plugin/global_page', function (options) { - // Start up my custom application, passing the DOM element which will serve as - // the container. - init.boot(options.el, options.currentUser, options.component); - - // Whenever the user leaves the page, cleanly shut everything down - // (i.e., remove event listeners, stop running timers, etc). - return function () { - init.removeEventListeners(); - init.clearState(); - init.shutdown(); - }; - }); - ``` - -The `options` object will contain the following: -* `options.el`: a DOM node you must use to inject your content. -* `options.currentUser`: information about the current user. -* (optional) `options.component`: contains the information of the current project, application, or portfolio. -* (optional) `options.branchLike`: contains the information of the current branch or pull request. - -[[info]] -| SonarQube doesn't guarantee any JavaScript library availability at runtime (except React). If you need a library, include it in the final file. - -### CSS files - -If you want a static CSS file to be loaded when your extension is bootstrapped, rather than using run-time inclusion of styles, you can pass `true` as a third parameter to the `window.registerExtension()` function. This will trigger the loading of a CSS file that *must* have the same basename as the registering JS file. I.e., if your extension JS file is `/static/global_page.js`, the CSS file must be called `/static/global_page.css`. The bootstrap will wait for the CSS file to be fully loaded before calling the *start* callback. - -## Examples - -It is highly recommended you check out [sonar-custom-plugin-example](https://github.com/SonarSource/sonar-custom-plugin-example/tree/7.x/). It contains detailed examples using several front-end frameworks, and its code is thoroughly documented. It also describes how to run a local development server to speed up the front-end development, without requiring a full rebuild and re-deploy to test your changes. diff --git a/server/sonar-docs/src/pages/extend/i18n.md b/server/sonar-docs/src/pages/extend/i18n.md deleted file mode 100644 index 9d32c4874fd..00000000000 --- a/server/sonar-docs/src/pages/extend/i18n.md +++ /dev/null @@ -1,69 +0,0 @@ ---- -title: Internationalization -url: /extend/i18n/ ---- - -This page gives guidelines to I18n for: - -* Plugin developers who would like to apply the i18n mechanism in their own plugins, so that these plugins can be available in several languages. -* People who would like to help the community by making the platform available in a new language. - -## Principles -Although the basics of the i18n mechanism are the same for every part of the ecosystem, the packaging differs depending on what you are developing: - -* Translations for SonarQube: making SonarQube available in a new language requires you to develop and publish a new Language Pack plugin. - * By default SonarQube embeds the English Pack. - * All other Language Pack plugins, like the French Pack plugin, are maintained by the community, and are available through Marketplace (category "Localization"). -* Translations for the SonarQube Community Plugins: open-source plugins from the SonarQube Community must embed only the bundles for the default locale (en). Translations will be done in the Language Pack plugins. - -* Translations for other Plugins: closed-source/commercial/independent plugins must embed the bundles for the default locale and the translations for every language they want to support. - -## Translation Bundles -Localized messages are stored in properties files: - -* These are regular properties files with key/value pairs where you put most translations -* These files must be stored in the org.sonar.l10n package (usually in the `src/main/resources/org/sonar/l10n` directory) -* The names of these files must follow the convention `<key of the plugin to translate>_<language>.properties`, for example `widgetlabs_fr.properties` or `core_fr.properties` for the core bundle. See `sonar-packaging-maven-plugin` for details on plugin key derivation. -* Messages can accept arguments. Such entries would look like: - * `myplugin.foo=This is a message with 2 params: the first "{0}" and the second "{1}".` -* Messages can accept pluralization. Such entries would look like: - * `myplugin.foo={x, number} {x, plural, one {thing} other {things}}` - * We use it for example with a combination of 2 labels: `component_navigation.last_analysis_had_warnings=Last analysis had {warnings}` and `component_navigation.x_warnings={warningsCount, number} {warningsCount, plural, one {warning} other {warnings}}`. This renders `Last analysis had 1 warning` if `warningsCount` equals 1 and `Last analysis had 2 warnings` otherwise, in this case 2. - * Learn more about this syntax [here](https://formatjs.io/guides/message-syntax/#plural-format). - -[[warning]] -| **UTF-8 encoding** -| In the Java API, properties files are supposed to be encoded in ISO-8859 charset. Without good tooling, it can be quite annoying to write translations for languages that do not fit in this charset. -| This is why we decided to encode the properties files in UTF-8, and let Maven turn them into ASCII at build time thanks to native2ascii-maven-plugin (check the French plugin pom.xml). This makes the process of writing translations with a standard editor far easier. - -### How to read localized messages from a plugin extension? -The component `org.sonar.api.i18n.I18n` is available for web server extensions. Scanner extensions cannot load bundles. - -## Writing a Language Pack -A Language Pack defines bundles for SonarQube and/or plugins. - -### Creating a Language Pack -The easiest way to create a new pack is to copy the [Chinese Pack](https://github.com/SonarQubeCommunity/sonar-l10n-zh) and adapt it to your language. - -### Maintaining a Language Pack -In the pom file, set the versions of SonarQube and of the plugins you want to translate. When it's time to update your language pack for a new version of SonarQube or a plugin, the easiest way to see what keys are missing is to run: -``` -mvn test -``` -If the build fails, it means that some keys are missing. Go to `target/l10n` to check the reports for each bundle. Missing keys are listed under 'Missing translations are:' -``` -Missing translations are: -code_viewer.no_info_displayed_due_to_security=Due to security settings, no information can be displayed. -comparison.version.latest=LATEST -... -``` - -Each time you add a new bundle or update an existing one, please create a JIRA ticket on the corresponding L10n component in order to track changes. - -## Localizing a Plugin -This section applies if you are developing a closed-source plugin. If your plugin falls in this category, it must embed its own bundles. Bundle must be defined in `src/main/resources/org/sonar/l10n/<plugin key>_<language>.properties` - -The default bundle is mandatory, and must be English. For example the plugin with key "mysonarplugin" must define the following files in order to enable the French translation: - -* `org/sonar/l10n/mysonarplugin.properties` -* `org/sonar/l10n/mysonarplugin_fr.properties` diff --git a/server/sonar-docs/src/pages/extend/new-languages.md b/server/sonar-docs/src/pages/extend/new-languages.md deleted file mode 100644 index 7bfa643ae9e..00000000000 --- a/server/sonar-docs/src/pages/extend/new-languages.md +++ /dev/null @@ -1,26 +0,0 @@ ---- -title: Supporting New Languages -url: /extend/new-languages/ ---- - - -The steps to cover a new programming language are: - -1. Write the grammar. This is the hardest part. -1. Write a parser (a parser simply parses an input based on your grammar to yield a parse tree). -1. Test your grammar, to ensure it is able to parse real-life language files. -1. Write a few parse tree visitors. Some visitors will compute metrics such as [executable lines](/extend/executable-lines/), while others will enforce [coding rules](/extend/adding-coding-rules/). A dozen or so visitors is sufficient for an initial release. -1. Write a scanner Sensor, in a SonarQube plugin, to launch the visitors. -1. Compute - 1. issues - 1. raw measures - 1. code duplications - 1. syntax highlighting - 1. symbol table - 1. coverage information (lines/branches to cover, line/branch hits) - -In fulfilling these steps, the [SonarSource Language Recognizer (SSLR)](https://github.com/SonarSource/sslr) can be an important resource. - - - - diff --git a/server/sonar-docs/src/pages/extend/web-api.md b/server/sonar-docs/src/pages/extend/web-api.md deleted file mode 100644 index ab142a176e4..00000000000 --- a/server/sonar-docs/src/pages/extend/web-api.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: Web API -url: /extend/web-api/ ---- -## Documentation - -SonarQube provides web API to access its functionalities from applications. The web services composing the web API are documented within SonarQube, through the URL [/web_api](/#sonarqube#/web_api). You can also access the web API documentation from the top bar in SonarQube: - -  - -## Authentication - -Administrative web services are secured and require the user to have specific permissions. In order to be authenticated, the user must provide credentials as described below. - -### User Token - -This is the recommended way. Benefits are described in the page [User Token](/user-guide/user-token/). The token is sent via the login field of HTTP basic authentication, without any password. -``` -# note that the colon after the token is required in curl to set an empty password -curl -u THIS_IS_MY_TOKEN: https://sonarqube.com/api/user_tokens/search -``` - -### HTTP Basic Access - -Login and password are sent via the standard HTTP Basic fields: -``` -curl -u MY_LOGIN:MY_PASSWORD https://sonarqube.com/api/user_tokens/search -``` -Users who authenticate in web application through an OAuth provider, for instance GitHub or Bitbucket, don't have credentials and can't use HTTP Basic mode. They must generate and use tokens. diff --git a/server/sonar-docs/src/pages/faq.md b/server/sonar-docs/src/pages/faq.md deleted file mode 100644 index 5061733e951..00000000000 --- a/server/sonar-docs/src/pages/faq.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: Frequently Asked Questions -url: /faq/ ---- - -## How do I get rid of issues that are False-Positives? -**False-Positive and Won't Fix** -You can mark individual issues False Positive or Won't Fix through the issues interface. If you're using PR analysis provided by the Developer Edition, issues marked False Positive or Won't Fix will retain that status after merge. This is the preferred approach. - -**//NOSONAR** -For most languages, SonarQube supports the use of the generic mechanism: `//NOSONAR` at the end of the line of the issue. This will suppress all issues - now and in the future - that might be raised on the line. - -## How do I find and remove projects that haven't been analyzed in a while? -In **[Administration > Projects > Management](/#sonarqube-admin#/admin/projects_management)** you can search for **Last analysis before** to filter projects not analyzed since a specific date, and then use bulk **Delete** to remove the projects that match your filter. - -This can be automated by using the corresponding Web API: `api/projects/bulk_delete?analyzedBefore=YYYY-MM-DD`. - -<!-- sonarqube --> -## How do I trigger a full ElasticSearch reindex? -Currently, the only way to force a reindex is to: - -* Stop your server -* Remove the contents of the $SQ_HOME/data/es7 directory -* Start your server - -Before doing this, you should be aware first that processes are in place on the SonarQube side that out-of-sync indices are detected and corrected, and second that a full re-index can be quite lengthy depending on the size of your instance. - -## Why can't I use my HTTP Proxy since I upgraded to Java8u111? - -If you are getting this error in the logs when trying to use the Marketplace: -``` -java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 407 Proxy Authentication Required -``` -... you probably upgraded your Java8 installation with an update greater than 111. To fix that, update _$SONARQUBE_HOME/conf/sonar.properties` like this: -``` -sonar.web.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Djdk.http.auth.tunneling.disabledSchemes="" -``` -Reference: http://www.oracle.com/technetwork/java/javase/8u111-relnotes-3124969.html -<!-- /sonarqube --> - diff --git a/server/sonar-docs/src/pages/index.md b/server/sonar-docs/src/pages/index.md deleted file mode 100644 index 6452000c9cd..00000000000 --- a/server/sonar-docs/src/pages/index.md +++ /dev/null @@ -1,65 +0,0 @@ ---- -title: SonarQube Documentation -url: / ---- - -[SonarQube](http://www.sonarqube.org/), is a self-managed, automatic code review tool that systematically helps you deliver Clean Code. As a core element of our [Sonar solution](https://www.sonarsource.com/), SonarQube integrates into your existing workflow and detects issues in your code to help you perform continuous code inspections of your projects. The tool analyses [30+ different programming languages](https://rules.sonarsource.com/) and integrates into your [CI pipeline](/analysis/ci-integration-overview/) and [DevOps platform](/analysis/github-integration/) to ensure that your code meets high-quality standards. - - -## Writing Clean Code - -Writing Clean Code is essential to maintaining a healthy codebase. We define Clean Code as code that meets a certain defined standard, i.e. code that is reliable, secure, maintainable, readable, and modular, in addition to having other key attributes. This applies to all code: source code, test code, Infrastructure as Code, glue code, scripts, etc. - -Sonar's [Clean as You Code](/user-guide/clean-as-you-code/) approach eliminates many of the pitfalls that arise from reviewing code at a late stage in the development process. The Clean as You Code approach uses your [Quality Gate](/user-guide/quality-gates/) to alert/inform you when there’s something to fix or review in your [New Code (code that has been added or changed](/project-administration/new-code-period/)), allowing you to maintain high standards and focus on code quality. - - -## Developing with Sonar - - - -The Sonar solution performs checks at every stage of the development process: - -* [SonarLint](https://www.sonarlint.org/) provides immediate feedback in your IDE as you write code so you can find and fix issues before a commit. -* SonarQube’s [PR analysis](/analysis/pull-request/) fits into your CI/CD workflows with SonarQube’s PR analysis & use of Quality Gates. -* [Quality Gates](/user-guide/quality-gates/) keep code with issues from being released to production, a key tool in helping you incorporate the Clean as You Code methodology. -* The [Clean as You Code](/user-guide/clean-as-you-code/) approach helps you focus on submitting new, Clean Code for production, knowing that your existing code will be improved over time. - -Learn more about the [types of issues](/user-guide/issues/) that SonarQube detects. - -Organizations start off with a default set of rules and metrics called the [Sonar Way Quality Profile](/instance-administration/quality-profiles/). This can be customized per project to satisfy different technical requirements. Issues raised in the analysis are compared against the conditions defined in the Quality Profile to establish your Quality Gate. - -A [Quality Gate](/user-guide/quality-gates/) is an indicator of code quality that can be configured to give a go/no-go signal on the current release-worthiness of the code. It indicates whether your code is clean and can move forward. - -* A passing (green) Quality Gate means the code meets your standard and is ready to be merged. -* A failing (red) Quality Gate means there are issues to address. - -SonarQube provides feedback through its UI, email, and in decorations on pull or merge requests (in commercial editions) to notify your team that there are issues to address. Feedback can also be obtained in SonarLint supported IDEs when running in [Connected Mode](/user-guide/connected-mode/). SonarQube also provides in-depth guidance on the issues telling you why each issue is a problem and how to fix it, adding a valuable layer of education for developers of all experience levels. Developers can then address issues effectively, so code is only promoted when the code is clean and passes the Quality Gate. - - -## Getting Started - -Now that you've heard about how [SonarQube](https://www.sonarqube.org/) can help you write Clean Code, you are ready to [try out SonarQube](/setup/get-started-2-minutes/) for yourself. You can run a local non-production instance of SonarQube and initial project analysis. Installing a local instance gets you up and running quickly, so you can experience SonarQube firsthand. Then, when you're ready to set up SonarQube in production, you'll need to [Install the Server](/setup/install-server/) before configuring your first code analysis. - -The [Analyzing Source Code](https://docs.sonarqube.org/latest/analysis/overview/) section explains how to set up all flavors of analysis, including how to analyze your project’s branches and pull requests. - - -## More Getting Started Resources - -* [How to set up and upgrade](/setup/overview/) -* [How to administer a project](/project-administration/project-existence/) -* [How to administer an instance](/instance-administration/quality-profiles/) -* [How to set up portfolios](/project-administration/managing-portfolios/) - - -## Learn More - -Check out the entire suite of Sonar Products: [SonarQube](https://www.sonarsource.com/products/sonarqube/), [SonarCloud](https://www.sonarsource.com/products/sonarcloud/), and [SonarLint](https://www.sonarsource.com/products/sonarlint/). - - -## Staying Connected - -Use the following links to get help and support: - -* [Get help in the community](https://www.sonarqube.org/community/) -* [Source code](https://github.com/SonarSource) -* [Issue tracker](https://jira.sonarsource.com/) diff --git a/server/sonar-docs/src/pages/instance-administration/audit-logs.md b/server/sonar-docs/src/pages/instance-administration/audit-logs.md deleted file mode 100644 index bc736abda86..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/audit-logs.md +++ /dev/null @@ -1,26 +0,0 @@ ---- -title: Audit Logs -url: /instance-administration/audit-logs/ ---- -_Audit logs are available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html)._ - -Administrators can download audit logs to maintain an audit trail of the security-related changes made to their SonarQube instance. See the following section for the types of changes tracked in the audit logs. - -## Tracked changes -Audit logs track the following changes in SonarQube: -- user accounts -- permissions -- global configuration of security-related settings -- creating, updating, or deleting of projects, applications, and portfolios -- installing or updating plugins -- setting or revoking licenses - -## Downloading audit logs -Administrators can download audit logs at **Administration > Audit logs**. From here, you can select the time period that you want to download audit logs for. This is limited by your housekeeping settings. See the following section for more on setting your audit log housekeeping settings. - -## Audit log housekeeping -You can set how often SonarQube deletes audit logs in the housekeeping settings at **[Administration > General > Housekeeping](/#sonarqube-admin#/admin/settings?category=housekeeping)**. By default, SonarQube deletes audit logs monthly. - -Setting your housekeeping policy to keep your audit logs for a long period of time (for example, only deleting logs yearly) can increase your database size and the amount of time it takes to download audit logs. To avoid this, we recommend downloading your audit logs at shorter intervals and storing them outside of SonarQube. - -We also recommend downloading and storing your audit logs outside of SonarQube if you need to maintain them for a longer period of time than can be set in the housekeeping settings.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/bitbucket-cloud.md b/server/sonar-docs/src/pages/instance-administration/authentication/bitbucket-cloud.md deleted file mode 100644 index a79d8314114..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/bitbucket-cloud.md +++ /dev/null @@ -1,23 +0,0 @@ ---- -title: Bitbucket Cloud -url: /instance-administration/authentication/bitbucket-cloud/ ---- - -To allow users to log in with Bitbucket Cloud credentials, you need to use an [OAuth consumer](https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/) and set the authentication settings in SonarQube. See the following sections for more on setting up authentication. - -## Setting your OAuth consumer settings -Create your OAuth consumer in your Bitbucket Cloud workspace settings and specify the following: - -- **Name** – the name of your OAuth consumer. -- **Callback URL** – your SonarQube instance URL. -- **Permissions**: - * **Account**: **Read** and **Email** access. - * **Workspace membership**: **Read** access. - -## Setting your authentication settings in SonarQube -To set your global authentication settings, navigate to **Administration > Configuration > General Settings > Authentication > Bitbucket Cloud Authentication** and update the following settings: - -- **Enabled** - set to true. -- **OAuth consumer key** - enter the **Key** from your OAuth consumer page in Bitbucket. -- **OAuth consumer secret** - enter the **Secret** from your OAuth consumer page in Bitbucket. -- **Workspaces** - Only users from Bitbucket Workspaces that you add here will be able to authenticate in SonarQube. This is optional, but _highly_ recommended to ensure only the users you want to log in with Bitbucket credentials are able to. diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/github.md b/server/sonar-docs/src/pages/instance-administration/authentication/github.md deleted file mode 100644 index f0987f3f954..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/github.md +++ /dev/null @@ -1,22 +0,0 @@ ---- -title: Github -url: /instance-administration/authentication/github/ ---- - -To allow users to log in with GitHub credentials, you must rely on a GitHub App. You can reuse one that you previously created although we highly recommend to create a dedicated one. - -## Creating a dedicated app for authentication -If you want to use a dedicated app for GitHub authentication, you can create a GitHub OAuth app. You'll find general instructions for creating a GitHub OAuth App [here](https://docs.github.com/en/free-pro-team@latest/developers/apps/creating-an-oauth-app). Specify the following settings in your OAuth App: - -- **Homepage URL** – the public URL of your SonarQube server. For example, `https://sonarqube.mycompany.com`. For security reasons, HTTP is not supported, and you must use HTTPS. The public URL is configured in SonarQube at **[Administration > General > Server base URL](/#sonarqube-admin#/admin/settings)**. -- **Authorization callback URL** – your instance's base URL. For example, `https://yourinstance.sonarqube.com`. - -## Setting your authentication settings in SonarQube - -Navigate to **Administration > Configuration > General Settings > Authentication > GitHub Authentication** and update the following: - -1. **Enabled** – set the switch to `true`. -1. **Client ID** – the Client ID is found below the GitHub App ID on your GitHub App's page. -1. **Client Secret** – the Client secret is found below the Client ID on your GitHub App's page. - -Now, from the login page, your users can connect their GitHub accounts with the new "Log in with GitHub" button. diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/gitlab.md b/server/sonar-docs/src/pages/instance-administration/authentication/gitlab.md deleted file mode 100644 index 8661bde4e46..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/gitlab.md +++ /dev/null @@ -1,39 +0,0 @@ ---- -title: Gitlab -url: /instance-administration/authentication/gitlab/ ---- - -You can delegate authentication to GitLab using a dedicated GitLab OAuth application. - -## Creating a GitLab OAuth app -You can find general instructions for creating a GitLab OAuth app [here](https://docs.gitlab.com/ee/integration/oauth_provider.html). - -Specify the following settings in your OAuth app: - -- **Name** – your app's name, such as SonarQube. -- **Redirect URI** – enter your SonarQube URL with the path `/oauth2/callback/gitlab`. For example, `https://sonarqube.mycompany.com/oauth2/callback/gitlab`. -- **Scopes** – select **api** if you plan to enable group synchronization. Select **read_user** if you only plan to delegate authentication. - -After saving your application, GitLab takes you to the app's page. Here you find your **Application ID** and **Secret**. - -## Setting your authentication settings in SonarQube -Open your SonarQube instance, and navigate to **Administration > Configuration > General Settings > Authentication > GitLab Authentication**. Set the following settings to finish setting up GitLab authentication: - -- **Enabled** – set to `true`. -- **Application ID** – the Application ID is found on your GitLab app's page. -- **Secret** – the Secret is found on your GitLab app's page. - -On the login form, the new "Log in with GitLab" button allows users to connect with their GitLab accounts. - -## GitLab group synchronization -Enable **Synchronize user groups** at **Administration > Configuration > General Settings > Authentication > GitLab Authentication** to associate GitLab groups with existing SonarQube groups of the same name. GitLab users inherit membership to subgroups from parent groups. - -To synchronize a GitLab group or subgroup with a SonarQube group, name the SonarQube group with the full path of the GitLab group or subgroup URL. - -For example, with the following GitLab group setup: - -- GitLab group = My Group -- GitLab subgroup = My Subgroup -- GitLab subgroup URL = `https://YourGitLabURL.com/my-group/my-subgroup` - -You should name your SonarQube group `my-group` to synchronize it with your GitLab group and `my-group/my-subgroup` to synchronize it with your GitLab subgroup. diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/http-header.md b/server/sonar-docs/src/pages/instance-administration/authentication/http-header.md deleted file mode 100644 index e877ef0795d..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/http-header.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -title: HTTP Header -url: /instance-administration/authentication/http-header/ ---- - -You can delegate user authentication to third-party systems (proxies/servers) using HTTP Header Authentication. See `SSO AUTHENTICATION` section within `sonar.properties` file. - -When this feature is activated, SonarQube expects that the authentication is handled prior any query reaching the server. -The tool that handles the authentication should: - -* intercept calls to the SonarQube server -* take care of the authentication -* update the HTTP request header with the relevant SonarQube user information -* re-route the request to SonarQube with the appropriate header information - - - -All the parameters required to activate and configure this feature are available in SonarQube server configuration file (in _$SONARQUBE_HOME/conf/sonar.properties_). - -Using Http header authentication is an easy way integrate your SonarQube deployment with an in-house SSO implementation.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/ldap.md b/server/sonar-docs/src/pages/instance-administration/authentication/ldap.md deleted file mode 100644 index d4240889305..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/ldap.md +++ /dev/null @@ -1,132 +0,0 @@ ---- -title: LDAP -url: /instance-administration/authentication/ldap/ ---- - -You can configure SonarQube authentication and authorization to an LDAP server (including LDAP Service of Active Directory) by configuring the correct values in _$SONARQUBE_HOME/conf/sonar.properties_. - -The main features are: - -* Password checking against the external authentication engine. -* Automatic synchronization of usernames and emails. -* Automatic synchronization of relationships between users and groups (authorization). -* Ability to authenticate against both the external and the internal authentication systems. There is an automatic fallback on SonarQube internal system if the LDAP server is down. -* During the first authentication trial, if the user's password is correct, the SonarQube database is automatically populated with the new user. Each time a user logs into SonarQube, the username, the email and the groups this user belongs to that are refreshed in the SonarQube database. You can choose to have group membership synchronized as well, but this is not the default. - - - | Apache DS | OpenLDAP | Open DS | Active Directory -----|-----------|----------|---------|----------------- -Anonymous |  | | | -Simple|||| -LDAPS||| | -DIGEST-MD5|| || -CRAM-MD5|| || -GSSAPI|| | | - = successfully tested - -## Setup -1. Configure LDAP by editing _$SONARQUBE_HOME/conf/sonar.properties_ (see table below) -2. Restart the SonarQube server and check the log file for: -``` -INFO org.sonar.INFO Security realm: LDAP ... -INFO o.s.p.l.LdapContextFactory Test LDAP connection: OK -``` -1. Log into SonarQube -1. On logout users will be presented a login page (_/sessions/login_), where they can choose to login as technical user or a domain user by passing appropriate credentials - -From SonarScanners, we recommend using [local technical users](/instance-administration/security/) for authentication against SonarQube Server. - -**General Configuration** - -Property|Description|Default value|Required|Example ----|---|---|---|--- -`sonar.security.realm`|Set this to `LDAP` authenticate first against the external sytem. If the external system is not reachable or if the user is not defined in the external system, authentication will be performed against SonarQube's internal database.| none |Yes|`LDAP` (only possible value) -`sonar.authenticator.downcase`|Set to true when connecting to a LDAP server using a case-insensitive setup.|`false`|No -`ldap.url`|URL of the LDAP server. If you are using ldaps, you should install the server certificate into the Java truststore.| none |Yes|`ldap://localhost:10389` -`ldap.bindDn`|The username of an LDAP user to connect (or bind) with. Leave this blank for anonymous access to the LDAP directory.|none|No|`cn=sonar,ou=users,o=mycompany` -`ldap.bindPassword`|The password of the user to connect with. Leave this blank for anonymous access to the LDAP directory.|none|No|`secret` -`ldap.authentication`|Possible values: `simple`, `CRAM-MD5`, `DIGEST-MD5`, `GSSAPI`. See [the tutorial on authentication mechanisms](http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html)|`simple`|No -`ldap.realm`|See [Digest-MD5 Authentication](http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html), [CRAM-MD5 Authentication](http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html)| none|No|example.org -`ldap.contextFactoryClass`|Context factory class.|`com.sun.jndi.ldap.LdapCtxFactory`|No -`ldap.StartTLS`|Enable use of `StartTLS`|`false`|No -`ldap.followReferrals`|Follow referrals or not. See [Referrals in the JNDI](http://docs.oracle.com/javase/jndi/tutorial/ldap/referral/jndi.html)|`true` - -**User Mapping** - -Property|Description|Default value|Required|Example for Active Directory ----|---|---|---|--- -`ldap.user.baseDn`|Distinguished Name (DN) of the root node in LDAP from which to search for users.|None|Yes|`cn=users,dc=example,dc=org` -`ldap.user.request`|LDAP user request.|`(&(objectClass=inetOrgPerson)(uid={login}))`|No|`(&(objectClass=user)(sAMAccountName={login}))` -`ldap.user.realNameAttribute`|Attribute in LDAP defining the user’s real name.|`cn`|No| -`ldap.user.emailAttribute`|Attribute in LDAP defining the user’s email.|`mail`|No| - -**Group Mapping** -Only groups (not roles) and static groups (not dynamic groups) are supported. Click [here](http://identitycontrol.blogspot.fr/2007/07/static-vs-dynamic-ldap-groups.html) for more information. - -For the delegation of authorization, [groups must be first defined in SonarQube](/instance-administration/security/). Then, the following properties must be defined to allow SonarQube to automatically synchronize the relationships between users and groups. - -Property|Description|Default value|Required|Example for Active Directory ----|---|---|---|--- -`ldap.group.baseDn`|Distinguished Name (DN) of the root node in LDAP from which to search for groups.|none|No|`cn=groups,dc=example,dc=org` -`ldap.group.request`|LDAP group request.|`(&(objectClass=groupOfUniqueNames)(uniqueMember={dn}))`|No|`(&(objectClass=group)(member={dn}))` -`ldap.group.idAttribute`|Property used to specifiy the attribute to be used for returning the list of user groups in the compatibility mode.|`cn`|No|`sAMAccountName` - -### Configuration sample -``` -# LDAP configuration -# General Configuration -sonar.security.realm=LDAP -ldap.url=ldap://myserver.mycompany.com -ldap.bindDn=my_bind_dn -ldap.bindPassword=my_bind_password - -# User Configuration -ldap.user.baseDn=ou=Users,dc=mycompany,dc=com -ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login})) -ldap.user.realNameAttribute=cn -ldap.user.emailAttribute=mail - -# Group Configuration -ldap.group.baseDn=ou=Groups,dc=sonarsource,dc=com -ldap.group.request=(&(objectClass=posixGroup)(memberUid={uid})) -``` - -## Advanced LDAP Topics -### Authentication Methods -* **`Anonymous`** - Used when only read-only access to non-protected entries and attributes is needed when binding to the LDAP server. -* **`Simple`** Simple authentication is not recommended for production deployments not using the ldaps secure protocol since it sends a cleartext password over the network. -* **`CRAM-MD5`** - The Challenge-Response Authentication Method (CRAM) based on the HMAC-MD5 MAC algorithm ([RFC 2195](http://tools.ietf.org/html/rfc2195)). -* **`DIGEST-MD5`** - This is an improvement on the CRAM-MD5 authentication method ([RFC 2831](http://www.ietf.org/rfc/rfc2831.txt)). -* **`GSSAPI`** - GSS-API is Generic Security Service API ([RFC 2744](http://www.ietf.org/rfc/rfc2744.txt)). One of the most popular security services available for GSS-API is the Kerberos v5, used in Microsoft's Windows 2000 platform. - -For a full discussion of LDAP authentication approaches, see [RFC 2829](http://www.ietf.org/rfc/rfc2829.txt) and [RFC 2251](http://www.ietf.org/rfc/rfc2251.txt). - -### Multiple Servers -To configure multiple servers: -``` -# List the different servers -ldap.servers=server1,server2 - -# Configure server1 -ldap.server1.url=ldap://server1:1389 -ldap.server1.user.baseDn=dc=dept1,dc=com -... - -# Configure server2 -ldap.server2.url=ldap://server2:1389 -ldap.server2.user.baseDn=dc=dept2,dc=com -... -``` - -Authentication will be tried on each server, in the order they are listed in the configurations, until one succeeds. User/Group mapping will be performed against the first server on which the user is found. - -Note that all the LDAP servers must be available while (re)starting the SonarQube server. - -### Migrate users to a new authentication method -If you are changing your delegated authentication method and migrating existing users from your previous authentication method, you can use the `api/users/update_identity_provider` web API to update your users' identity provider. - -### Troubleshooting -* Detailed connection logs (and potential error codes received from LDAP server) are output to SonarQube's _$SONARQUBE_HOME/logs/web.log_, when logging is in `DEBUG` mode. - -* Time out when running SonarQube analysis using LDAP -Java parameters are documented here: http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html. Such parameters can be set in `sonar.web.javaAdditionalOpts` in _$SONARQUBE_HOME/conf/sonar.properties_.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/overview.md b/server/sonar-docs/src/pages/instance-administration/authentication/overview.md deleted file mode 100644 index 9efd51c462d..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/overview.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -title: Overview -url: /instance-administration/authentication/overview/ ---- - -SonarQube comes with an onboard user database, as well as the ability to delegate authentication via [HTTP Headers](/instance-administration/authentication/http-header/), [GitHub Authentication](/instance-administration/authentication/github/), [GitLab Authentication](/instance-administration/authentication/gitlab/), [Bitbucket Cloud Authentication](/instance-administration/authentication/bitbucket-cloud/), [SAML](/instance-administration/authentication/saml/overview/), or [LDAP](/instance-administration/authentication/ldap/). Each method offers user identity management, group synchronization/mapping, and authentication. - -## Group Mapping -When using group mapping, the following caveats apply regardless of which delegated authentication method is used: -* membership in synchronized groups will override any membership locally configured in SonarQube _at each login_ -* membership in a group is synched only if a group with the same name exists in SonarQube -* membership in the default group `sonar-users` remains (this is a built-in group) even if the group does not exist in the identity provider - -[[warning]] -|When group mapping is configured, the delegated authentication source becomes the only place to manage group membership, and the user's groups are re-fetched with each log in. - -## Revoking tokens for deactivated users -When SonarQube authentication is delegated to an external identity provider, deactivating a user on the identity provider side does not remove any tokens associated with the user on the SonarQube side. We recommend deactivating the user in SonarQube at **Administration > Security > Users** by selecting **Deactivate** from the  drop-down menu to ensure tokens associated with that user can no longer be used. - -## Delete users' personal information -SonarQube offers the possibility to anonymize the data of deactivated users. This comes in handy when you want to ensure that the personal data of deactivated users is not retained, for example, for legal compliance. - -You can delete a user's personal information by following the steps listed above to revoke tokens for any deactivated users and select the checkbox titled **Delete user’s personal information**. - -You can also delete personal information using the API. First, the user needs to be deactivated, then an admin can use the webservice `/api/users/anonymize` and pass to it the login of a deactivated user to replace all personal data of the user with anonymized data. Note that the admin is able to retrieve the logins of deactivated users by using `/api/users/search` endpoint with the appropriate parameter. - - -This feature has the following limitations: -- Deleting the personal information of a user will change its login, making it impossible to reactivate the user by recreating a user with the old login. -- The user’s login may still be stored in issue changelogs and the user’s login, name and email address may still be stored in audit entries. Audit entries are purged by default after 30 days. -- Deleted users may still appear in the list of authors and other locations due to SCM data. -- Some columns in the database may contain parts of the user's login if the user was created before the instance was upgraded to SonarQube 8.3.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/saml/azuread.md b/server/sonar-docs/src/pages/instance-administration/authentication/saml/azuread.md deleted file mode 100644 index f04600b6716..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/saml/azuread.md +++ /dev/null @@ -1,86 +0,0 @@ ---- -title: How to setup Azure AD -url: /instance-administration/authentication/saml/azuread/ ---- - -The following content may be useful if you're using Azure AD as a SAML Identity Provider. - -To integrate Azure AD (Identity Provider) with SonarQube (Service Provider), both sides need to be configured. - -For SonarQube, navigate to **Administration > Authentication > SAML**. -For Azure AD, login to Azure and navigate to Azure AD. - -## Set up the SonarQube application in Azure AD -1. In Azure AD, navigate to **Enterprise applications** and add a **New Application**. -  -1. Create your **own application** and fill in the **name**. -  - -## Link SonarQube with Azure AD -1. Navigate to **Single sign-on** and select **SAML**. -  -1. Edit the **Basic SAML Configuration** and fill in the **Identifier** and the **Reply URL**. The **Identifier** has to be the same as the **Application ID** in SonarQube. The **Reply URL** must have the format `<Your SonarQube URL>/oauth2/callback/saml`. -  - - [[info]] - |The **Reply URL** uses the **Server base URL** provided in SonarQube under **Administration > General**. -1. Make sure that the **Application ID** in SonarQube has the same value as the **Identifier** in the Identity Provider. -  -1. In the Azure AD SAML configuration, navigate to **Set up <application name>** and copy the **Login URL** and **Azure AD Identifier** -  -1. Paste the **Login URL** into the **SAML login url** and the **Azure AD Identifier** into the **Provider ID** field in the SonarQube SAML configuration. -  - -## Attributes and Claims -1. In the Azure AD SAML configuration, edit **Attributes & Claims** to view, edit or add attributes. -  - SonarQube uses the following attributes: - - **Login** (required) A unique name to identify the user in SonarQube. The default Azure AD attribute `emailaddress` is used in the example. - - **Name** (required) The full name of the user. The default Azure AD attribute `givenname` is used in the example. - - **Email** (optional) The email of the user. - - **Group** (optional) Supports mapping to group names in SonarQube. Group name passed by Azure AD and the group name in SonarQube should match. Otherwise, the default **sonar-users** group is assigned. - [[warning]] - |The **NameID** attribute is *not* used in SonarQube. -1. Corresponding configuration in SonarQube. The namespace + name of the attribute should be used, as defined in Azure AD. -  - -## Certificates & Signatures -1. Navigate to **SAML Certificates** and download **Certificate (Base64)**. -  -1. The certificate should be copied into the **Identity provider certificate** field in the SonarQube SAML configuration. -  -1. (Optional) Encryption for SonarQube requests can be activated by generating an asymmetric key pair. (For more information, see [SAML token encryption in Azure](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/howto-saml-token-encryption?tabs=azure-portal)) - Add the private key in SonarQube. -  - Import the public key certificate (.cer) file in Azure AD and activate token encryption -  -1. (Optional) Azure AD supports signed SAML requests from the Service Provider (under Preview). - Edit the **Verification certificates**, upload a certificate and enable the **Require verification certificates** option. -  - In SonarQube, fill in the corresponding private key and the same certificate and enable the **Sign requests** option. -  - -## Users and Groups -1. In the Azure AD SonarQube application, navigate to **Users and groups** and assign users or groups to the application. -  - -## Group mapping -Group mapping between Azure AD and SonarQube can be achieved either by using the Azure AD roles or the Azure AD groups. -For either case, the corresponding group name should exist in SonarQube under **Administration > Security > Groups**. (For more information, see [Authorization](/instance-administration/security/)) - -- For mapping with the Azure AD groups, a group claim must be added with `sAMAccountName` as a source attribute. - [[warning]] - |According to Azure: This source attribute only works for groups synchronized from an on-premises Active Directory using AAD Connect Sync 1.2.70.0 or above -  -  -- For mapping with the Azure AD app roles, an application role should be assigned to the user. Azure AD sends the role claim automatically with `http://schemas.microsoft.com/ws/2008/06/identity/claims/role` as a key. -  - -## Enabling and testing SAML authentication -1. In the SonarQube SAML settings, enable SAML. -  -1. In the login form, the new button **Log in with SAML** (or a custom name specified in the `sonar.auth.saml.providerName` setting) allows users to connect with their SAML account. - -  - -Before enabling the SAML authentication on SonarQube, you can verify that the configuration is correct by clicking on the “Test Configuration” button. A SAML login will be initiated and useful information about the SAML response obtained from the Identity provider will be returned.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/saml/keycloak.md b/server/sonar-docs/src/pages/instance-administration/authentication/saml/keycloak.md deleted file mode 100644 index b0fdb3f0711..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/saml/keycloak.md +++ /dev/null @@ -1,79 +0,0 @@ ---- -title: How to setup Keycloak -url: /instance-administration/authentication/saml/keycloak/ ---- - -The following content may be useful if you're using Keycloak as a SAML Identity Provider. - -To integrate Keycloak (Identity Provider) with SonarQube (Service Provider), both sides need to be configured. - -## Keycloak server configuration -Create a new SAML client - -1. **Client ID**: Something like "sonarqube", it must not contain whitespace. -1. **Client Protocol**: *saml* -1. **Client SAML Endpoint**: Can be left empty - -Configure the new SAML client - -1. Under *Settings* - 1. **Client Signature Required:** ON only if the signature of the requests will be active on the SonarQube SAML configuration. - 1. **Encrypt Assertions**: ON if the responses from the IdP have to be encrypted. - 1. **Valid Redirect URIs**: "<Your SonarQube URL>/oauth2/callback/saml" (e.g., https://sonarqube.mycompany.com/oauth2/callback/saml). -1. Under *Keys* - 1. (Optional) **Signing Key**: Add the service provider private key and the certificate if the signature of the requests is enabled on the SonarQube side (Keycloak generated keys can be used). This private key will have to be provided in PKCS8 format in SonarQube. - 1. (Optional) **Encryption Key**: Add the service provider certificate if you want to activate the encryption of Keycloak responses. If request signature is used, you must use the same certificate for the encryption. -1. In **Client Scopes > Default Client Scopes**, remove "role_list" from "Assigned Default Client Scopes" (to prevent the error `com.onelogin.saml2.exception.ValidationError: Found an Attribute element with duplicated Name` during authentication) -1. Under *Mappers*, create a mapper for each user attribute: - 1. Create a mapper for the login: - 1. **Name**: "Login" - 1. **Mapper Type**: *User Property* - 1. **Property**: "Username" (note that the login should not contain any special characters other than `.-_@` to meet SonarQube restrictions) - 1. **SAML Attribute Name**: "login" - 1. Create a mapper for the name: - 1. **Name**: "Name" - 1. **Mapper Type**: *User Property* - 1. **Property**: "Username" (it can also be another attribute you would previously have specified for the users) - 1. **SAML Attribute Name**: "name" - 1. (Optional) Create a mapper for the email: - 1. **Name**: "Email" - 1. **Mapper Type**: *User Property* - 1. **Property**: "Email" - 1. **SAML Attribute Name**: "email" - 1. (Optional) Create a mapper for the groups (if you rely on a list of roles defined in "Roles" of the Realm , not in "Roles" of the client): - 1. **Name**: "Groups" - 1. **Mapper Type**: *Role list* - 1. **Role Attribute Name**: "groups" - 1. **Single Role Attribute**: *ON* - 1. If you rely on a list of groups defined in "Groups": - 1. **Name**: "Groups" - 1. **Mapper Type**: *Group list* - 1. **Role Attribute Name**: "groups" - 1. **Single Role Attribute**: *ON* - 1. **Full Group Path**: *OFF* -1. In **Realm Settings > General > Endpoints**, click on "SAML 2.0 Identify Provider Metadata" to obtain the XML configuration file from Keycloak. - -## SonarQube configuration -Configure the SAML authentication: **[Administration > Configuration > General Settings > Authentication > SAML](/#sonarqube-admin#/admin/settings?category=authentication)** - -* **Application ID**: The value of the "Client ID" you set in Keycloak (for example "sonarqube") -* **Provider ID**: The value of the `EntityDescriptor > entityID` attribute in the XML configuration file (e.g., "http://keycloak:8080/auth/realms/sonarqube") -* **SAML login url**: The value of `SingleSignOnService > Location` attribute in the XML configuration file (e.g., "http://keycloak:8080/auth/realms/sonarqube/protocol/saml") -* **Identity provider certificate**: The value you get from **Realm Settings > Keys > RS256**; click on the *Certificate* button -* **SAML user login attribute**: "login" (or whatever you configured above when doing the mapping) -* **SAML user name attribute**: "name" (or whatever you configured above when doing the mapping) -* (Optional) **SAML user email attribute**: "email" (or whatever you configured above when doing the mapping) -* (Optional) **SAML group attribute** "groups" (or whatever you configured above when doing the mapping) -* **Sign requests**: Set to true to activate the signature of the SAML requests. It needs both the service provider private key and certificate to be set. -* **Service provider private key**: The service provider private key shared with the identity provider. This key is required for both request signature and response encryption, which can be activated individually. The key should be provided for SonarQube in PKCS8 format without password protection. -* **Service provider certificate**: The service provider certificate shared with the identity provider in order to activate the requests signature. - -You can find [here](https://manpages.ubuntu.com/manpages/focal/man1/pkcs8.1ssl.html) some instructions to convert different key formats. - -In the login form, the new button "Log in with SAML" allows users to connect with their SAML account. - -## Enabling and testing SAML authentication -1. In the SonarQube SAML settings, enable SAML. -  - -Before enabling the SAML authentication on SonarQube, you can verify that the configuration is correct by clicking on the “Test Configuration” button. A SAML login will be initiated and useful information about the SAML response obtained from the Identity provider will be returned.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/saml/okta.md b/server/sonar-docs/src/pages/instance-administration/authentication/saml/okta.md deleted file mode 100644 index 3e5c7e05471..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/saml/okta.md +++ /dev/null @@ -1,142 +0,0 @@ ---- -title: How to setup Okta -url: /instance-administration/authentication/saml/okta/ ---- - -The following example may be useful if you are using Okta as a SAML Identity Provider. -Note that Okta does not support service provider signed requests even if they are enabled on the SonarQube side. - -To integrate Okta (Identity Provider) with SonarQube (Service Provider), both sides need to be configured. - -## Create a new application in Okta admin dashboard - -1. Under **Applications**, choose **Create App Integration**. - -  - -2. Choose **SAML 2.0** in the **Sign-in Method** dialog. - -3. Under **General Settings**, fill in **App name** with *SonarQube* (or another name that you prefer) and opt-in to **Do not display application icon to users**. - -  - - -### Configure SAML settings - -1. Under *General Settings*, configure the following fields: - - - **Single sign on URL**: `<Your SonarQube URL>/oauth2/callback/saml` (e.g., `https://sonarqube.mycompany.com/oauth2/callback/saml`). - - - **Audience URI (SP Entity ID)**: Something like `sonarqube` (SonarQube default value). It must not contain whitespace. - -  - -2. Assertion signature is mandatory. You must keep the following default settings in *Show Advanced Settings*: - - - **Response**: Choose *Signed*. - - - **Assertion Signature**: Choose *Signed*. - - - **Signature Algorithm**: Choose *RSA-SHA256*. - -3. (Optional) If you want to enable assertion encryption, expand *Show Advanced Settings* and configure the following fields: - - - **Assertion Encryption**: Choose *Encrypted*. - - - **Encryption Algorithm**: Choose *AES256-GCM* for high security. - - - **Key Transport Algorithm**: Choose *RSA-OAEP*. - - - **Encryption Certificate**: Add the service provider certificate. It should be the same certificate as the one found in the SonarQube SAML settings under "Service provider certificate". - -  - -4. Under **Attribute Statements**, add the following attribute mappings: - - - Create a mapping for the *name*: - - 1. **Name**: `name`. - - 2. **Name format**: *Unspecified*. - - 3. **Value**: Choose `user.firstName`. - - - Create a mapping for the *login*: - - 1. **Name**: `login`. - - 2. **Name format**: *Unspecified*. - - 3. **Value**: Choose `user.login`. - - - (Optional) Create a mapping for the *email*: - - 1. **Name**: `email`. - - 2. **Name format**: *Unspecified*. - - 3. **Value**: Choose `user.email`. - -  - - - (Optional) Under *Group Attribute Statements* (See details in [Group Mapping](/instance-administration/authentication/overview/)): - - 1. **Name**: `groups`. - - 2. **Name format**: *Unspecified*. - - 3. **Filter**: Choose *Matches regex* and set the value to `.*`. - -  - -5. Click **Finish** in the **Feedback** dialog to confirm the creation of the application. - -6. You can now add users and groups in the *Assignments* tab of the application. - - - -7. Navigate to the **Sign On** tab of the *SonarQube* application in Okta. - - - -8. Next to the **SAML Signing Certificates** subsection, you will find the configurations needed for setting up SonarQube, under **View SAML setup instructions**. - - - - - -## In SonarQube, Configure SAML authentication - -Go to **[Administration > Configuration > General Settings > Authentication > SAML](/#sonarqube-admin#/admin/settings?category=authentication)** - -- **Application ID**: The value of the *Audience URI (SP Entity ID)* you set in Okta (for example, `sonarqube`). - -- **Provider ID**: The value of *Identity Provider Issuer* provided in **View SAML setup instructions** from Okta. - -- **SAML login url**: The value of *Identity Provider Single Sign-On URL* provided in **View SAML setup instructions** from Okta. - -- **Identity provider certificate**: The value of *X.509 Certificate* provided in **View SAML setup instructions** from Okta. - -- **SAML user login attribute**: `login` (or whatever you configured above when doing the mapping). - -- **SAML user name attribute**: `name` (or whatever you configured above when doing the mapping). - -- (Optional) **SAML user email attribute**: `email` (or whatever you configured above when doing the mapping). - -- (Optional) **SAML group attribute** `groups` (or whatever you configured above when doing the mapping). - -- **Sign requests**: Not supported for Okta. - -- (Optional) **Service provider private key**: The private key is required for assertion encryption support. It must be provided for SonarQube in `PKCS8` format without encryption. You can find instructions for converting to different key formats [here](https://manpages.ubuntu.com/manpages/focal/man1/pkcs8.1ssl.html). - -- (Optional) **Service provider certificate**: The certificate is required for assertion encryption support. It must be shared with Okta in order to activate the assertion encryption. - -The service provider private key and certificate can be either a new self-signed pair or any existing pair available in your infrastructure. - -In the login form, the new button **Log in with SAML** (or a custom name specified in the `sonar.auth.saml.providerName` setting) allows users to connect with their SAML account. - -## Enabling and testing SAML authentication -1. In the SonarQube SAML settings, enable SAML. -  - -Before enabling the SAML authentication on SonarQube, you can verify that the configuration is correct by clicking on the “Test Configuration” button. A SAML login will be initiated and useful information about the SAML response obtained from the Identity provider will be returned. diff --git a/server/sonar-docs/src/pages/instance-administration/authentication/saml/overview.md b/server/sonar-docs/src/pages/instance-administration/authentication/saml/overview.md deleted file mode 100644 index 53ff545ab9e..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/authentication/saml/overview.md +++ /dev/null @@ -1,51 +0,0 @@ ---- -title: Overview -url: /instance-administration/authentication/saml/overview/ ---- - -You can delegate authentication to a SAML 2.0 Identity Provider using SAML Authentication. - -## SAML authentication flow - -1. When a user requests a SonarQube web page and is not already authenticated, SonarQube will start a SAML authentication process. -2. SonarQube creates a SAML request for the configured Identity Provider and sends it back to the user's browser. -3. The user's browser automatically relays the SAML request to the Identity Provider. -4. The Identity Provider authenticates the user and creates a SAML assertion containing the user information and privilege. Optionally, it can encrypt this assertion with the SonarQube certificate. -5. The Identity Provider sends a SAML assertion back to the web browser -6. The user's browser then relays the SAML assertion to SonarQube to authenticate and authorize the user. -7. SonarQube responds with the originally requested resource. - - - -During the process, certificates are used to authenticate the Identity Provider and, optionally, SonarQube. -The Identity Provider public certificate is necessary to ensure that the SAML assertion is genuine. -The SonarQube certificate is optional, but ensures that only SonarQube can use the assertion provided. - -## Settings - -| Property | UI Name | Description | Required | -|------------------------------------------|-------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------| -| `sonar.auth.saml.enabled` | Enabled | Controls whether SAML authentication is enabled on SonarQube. | Yes | -| `sonar.auth.saml.applicationId` | Application ID | The ID under which SonarQube is known to the Identity Provider. | Yes | -| `sonar.auth.saml.providerName` | Provider Name | The name of the Identity Provider displayed in the login page when SAML authentication is active. | Yes | -| `sonar.auth.saml.providerId` | Provider ID | The ID of the Identity Provider. | Yes | -| `sonar.auth.saml.loginUrl` | SAML login url | The URL at which the Identity Provider expects to receive SAML requests. | Yes | -| `sonar.auth.saml.certificate.secured` | Identity provider certificate | The public X.509 certificate used by the Identity Provider to authenticate SAML messages. | Yes | -| `sonar.auth.saml.user.login` | SAML user login attribute | The name of the attribute that the Identity Provider will use to store the authenticated user login. | Yes | -| `sonar.auth.saml.user.name` | SAML user name attribute | The name of the attribute that the Identity Provider will use to store the authenticated user name. | Yes | -| `sonar.auth.saml.user.email` | SAML user email attribute | The name of the attribute that the Identity Provider will use to store the authenticated user email. | No | -| `sonar.auth.saml.group.name` | SAML group attribute | The attribute defining the user group in SAML. If this attribute is not defined, users are associated with the default group. | No | -| `sonar.auth.saml.signature.enabled` | Sign requests | Controls whether SonarQube is expected to sign the SAML requests. If enabled, both the service provider's private key and certificate must be provided. | No | -| `sonar.auth.saml.sp.privateKey.secured` | Service provider private key | The PKCS8 private key without password used by SonarQube to sign SAML requests and to decrypt encrypted SAML responses. | This is only required if `sonar.auth.saml.signature.enabled` is set to `true` or the Identity Provider sends encrypted SAML responses. | -| `sonar.auth.saml.sp.certificate.secured` | Service provider certificate | The public key part of the previously provided private key. | This is only required if `sonar.auth.saml.signature.enabled` is set to `true`. | - -### Testing -After all the mandatory settings are filled, the SAML integration with the Identity Provider can be tested by clicking the **Test configuration** button. -A new tab will open with more information regarding the success of the integration, attributes received from the Identity Provider, and any warnings or errors that occur. - -## SAML configuration related information and limitations - -* **SAML and reverse proxy configuration**: When using SAML, make sure your reverse proxy is properly configured. See [Operating the Server](/setup/operate-server/) for more information. -* **Migrating from LDAP to SAML as Identity Provider**: A guide on how to perform this migration is available [here](https://community.sonarsource.com/t/migrating-sonarqube-users-between-identity-providers-with-a-focus-on-ldap-saml/48653). -* **Identity Provider initiated authentication is not supported**: This is a known limitation of SonarQube when using SAML as the authentication mechanism. Only Service Provider initiated authentication is fully supported. -* **SAML Single Sign Out is not supported**: Logging off from SonarQube when SAML authentication is enabled, will not result in a disconnection from the other services linked to the same Identity Provider. diff --git a/server/sonar-docs/src/pages/instance-administration/backup-restore.md b/server/sonar-docs/src/pages/instance-administration/backup-restore.md deleted file mode 100644 index 26427b45de5..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/backup-restore.md +++ /dev/null @@ -1,15 +0,0 @@ ---- -title: Backup and Restore -url: /instance-administration/backup-restore/ ---- - -## Backing Up Data -Most databases come with backup tools. We recommend using these tools to back up your data. - -## Restoring Data -To restore data from backup, follow these steps: - -1. Stop the server. -1. Restore the backup. -1. Drop the Elasticsearch indexes by deleting the contents of `$SQ_HOME/data/es7 directory`. -1. Restart the server. diff --git a/server/sonar-docs/src/pages/instance-administration/compute-engine-performance.md b/server/sonar-docs/src/pages/instance-administration/compute-engine-performance.md deleted file mode 100644 index 21de969073d..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/compute-engine-performance.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: Compute Engine Performance -url: /instance-administration/compute-engine-performance/ ---- - -_The ability to manage Compute Engine performance is available as part of [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) and [above](https://www.sonarsource.com/plans-and-pricing/)._ - - -### How can I get analyses through the Compute Engine Queue faster? -If analyses are taking too long to process, it may be that you need to increase the number of Compute Engine (CE) workers (**[Administration > Projects > Background Tasks > Number of Workers](/#sonarqube-admin#/admin/background_tasks)**). - -There are two cases to consider: - -1. slowness comes from the fact that the queue is often full of pending tasks -1. individual tasks take a long time to process - -In the first case, increasing the number of workers could help. The second case should be carefully evaluated. In either case, when considering increasing the number of CE workers, two questions should be answered. - -* does my infrastructure allow me to increase the number of workers? -* to what extent should I increase the number of workers? I.E. What number should I configure? - -Increasing the number of workers will increase the stress on the resources consumed by the Compute Engine. Those resources are: - -* the DB -* disk I/O -* network -* heap -* CPU - -Of those, only the last two are internal to the CE. - -If slowness comes from any of the external resources (DB, disk I/O, network), then increasing the number of workers could actually slow the processing of individual reports (think of two people trying to go through a door at the same time). However, if your slowness is caused by large individual analysis reports hogging the CE worker for extended periods of time, then enabling parallel processing by adding another worker could help. But if you do, you need to take a look at the internal resources. - -CE workers are not CPU-intensive and memory use depends entirely on the project that was analyzed. Some need a lot of memory, others don't. But with multiple CE workers, you should increase CE heap size by a multiple of the number of workers. The same logic applies to CPU: if running with one worker consumes up to Y% of CPU, then you should plan for Z workers requiring Y*Z% of CPU. - -To accurately diagnose your situation, monitor network latency, the I/O of the SonarQube instance, and the database CPU and memory usage to evaluate whether slowness is mainly/mostly/only related to external resources. diff --git a/server/sonar-docs/src/pages/instance-administration/db-copy.md b/server/sonar-docs/src/pages/instance-administration/db-copy.md deleted file mode 100644 index 2126cb664bb..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/db-copy.md +++ /dev/null @@ -1,182 +0,0 @@ ---- -title: SonarQube DB Copy Tool -url: /instance-administration/db-copy/ ---- - -_The SonarQube DB Copy Tool is available to customers with [SonarSource support](https://www.sonarsource.com/support/)._ - -We provide this tool to help you migrate your SonarQube database from one database vendor to another. For example, if you've been using your SonarQube instance with Oracle and want to migrate to PostgreSQL without losing your analysis history, the SonarQube DB Copy Tool can help. - -In the following lines, we mention "source" and "target" SonarQube database instances. The source instance is the database you're moving from, and the target instance is the one you're moving to. - -Here's an overview of the general procedure: - -* Connect to both the source and target databases. -* Read the data from the source database table by table. -* Save the data into the target database table by table. -* Recreate the sequences, index, ... on the target database. - -## Installation -The SonarQube DB Copy Tool is provided as a standalone JAR file. You need to make sure you're meeting the following conditions: - -* The JAR file must not be installed in your source or target SonarQube instances. You can put the JAR file anywhere on your machine as long as your machine is authorized to access your source and target SonarQube databases. -* You must be using at least version **1.3.3.627** of the JAR file. - -## DB Copy preparation phase -To prepare for the DB Copy Tool, you need to ready the target instance by setting up a SonarQube schema and populating it with the necessary tables so that your source and target instances have the same database schema. - -1. Make sure your target database is up and running. -1. On your target database, create the `sonar` schema. -1. Download and expand a copy of SonarQube that exactly matches the version you're running. -1. Configure your SonarQube copy to connect to the target database. (If you've placed your SonarQube copy on the same server that runs your primary SonarQube instance, you'll also need to configure non-default ports for your copy SonarQube instance.) -1. Start your copy SonarQube instance. It will connect to your empty target and populate the schema. -1. Once your copy instance is up and running (this indicates that the schema is fully populated), you can stop and delete it. -1. Refresh the Database Statistics on the target database before restarting SonarQube - -At this point, you have the exact same list of tables in your source and target databases. - -## DB Copy run phase -To run the DB Copy Tool, perform the following steps: - -1. **Stop your primary SonarQube instance.** -1. Execute the base command jar with the correct parameters. -1. Update your primary SonarQube instance's configuration to point to the target DB -1. Restart your primary SonarQube instance. - -### Base command -``` -java -jar sonar-db-copy-1.3.3.627-jar-with-dependencies.jar -``` - -### Parameters -Name | Description | Required ----|---|---|--- -`-help`|Print this parameters help| no -`-urlSrc`|JDBC URL of the source database|yes -`-userSrc`|Username of the source database|yes -`-pwdSrc`|Password of the source database|yes -`-urlDest`|JDBC URL of the target database|yes -`-userDest`|Username of the target database|yes -`-pwdDest`|Password of the target database|yes -`-driverDest`|JDBC Driver of the target database|no -`-driverSrc`|JDBC Driver of the source database|no -`-T`|Comma separated list of tables to migrate|no - -## Execution Examples -First, sonar-db-copy verifies if URLs can be reached and the database versions: - -``` -***************** CONFIGURATION VERIFICATIONS *************** -Database SOURCE has been reached at : jdbc:h2:tcp://localhost:9092/sonar-db-copy -Database DESTINATION has been reached at : mysql://localhost:13306/sonar?autoReconnect=true -The version of SonarQube schema migration are the same between source (433) and destination (433). -``` - -When the versions are different, the application stops. - -``` -***************** CONFIGURATION VERIFICATIONS *************** -Database SOURCE has been reached at : jdbc:h2:tcp://localhost:9092/sonar-db-copy -Database DESTINATION has been reached at : mysql://localhost:13306/sonar?autoReconnect=true -Exception in thread "main" Version of the schema migration are not the same between source (433) and destination (494). -``` - -Sometimes when you have restarted the copy, the destination database version is 0. This is not a problem, and the copy will continue. - -``` -***************** CONFIGURATION VERIFICATIONS *************** -Database SOURCE has been reached at : jdbc:h2:tcp://localhost:9092/sonar-db-copy -Database DESTINATION has been reached at : mysql://localhost:13306/sonar?autoReconnect=true -! WARNING – The versions of SonarQube schema migration source is (433) when destination is (0). -``` - -Then it searches tables in the source and destination databases: - -``` -*************** SEARCH TABLES *************** -START GETTING METADATA IN SOURCE... - 53 TABLES GETTED. -START GETTING METADATA IN DESTINATION... - 53 TABLES GETTED. -*************** FOUND TABLES *************** - -FOUND TABLE : action_plans - SOURCE: - COLUMNS : (id,kee,name,description,deadline,user_login,project_id,status,created_at,updated_at) - TYPES: : (INTEGER,VARCHAR,VARCHAR,VARCHAR,TIMESTAMP,VARCHAR,INTEGER,VARCHAR,TIMESTAMP,TIMESTAMP) - DESTINATION: - COLUMNS : (id,create_at,updated_at,name,description,deadline,user_login,project_id,status,kee) - TYPES : (BIGINT,TIMESTAMP,TIMESTAMP,VARCHAR,VARCHAR,TIMESTAMP,VARCHAR,INTEGER,VARCHAR,VARCHAR) - -FOUND TABLE : active_dashboards - SOURCE: - COLUMNS : (id,dashboard_id,user_id,order_index) - TYPES : (INTEGER,INTEGER,INTEGER,INTEGER) - DESTINATION: - COLUMNS : (id,dashboard_id,user_id,order_index) - TYPES : (INTEGER,INTEGER,INTEGER,INTEGER) -``` - -If there are missing tables, you will see this log: - -``` -FOUND TABLE : action_plans - SOURCE: - COLUMNS : (id,person_id,login,create_at,updated_at) - TYPES: : (INTEGER,INTEGER,VARCHAR,TIMESTAMP,TIMESTAMP) - DESTINATION: - ! WARNING - TABLE authors is not present in the DESTINATION database. -``` - -Then, sonar-db-copy truncates tables in the target database and indicates the number of tables purged. Of course, the tables missing can not be purged: - -``` -*************** DELETE TABLES FROM DESTINATION *************** -START DELETING... - ! WARNING - Can't DELETE TABLE :authors because it doesn't exist in the destination database. - 52 TABLES DELETED IN DESTINATION. -``` - -Next, sonar-db-copy reproduces data from source to destination and adjusts the sequence of destination database after the copy: - -``` -*************** COPY DATA *************** -action_plans 0 / 0 -action_plans 0 / 0 -active_dashboards 0 / 5 -active_dashboards 5 / 5 -active_rules 0 / 629 -active_rules 629 / 629 -active_rule_changes 0 / 0 -active_rule_changes 0 / 0 -active_rule_notes 0 / 0 -active_rule_notes 0 / 0 -active_rule_parameters 0 / 58 -active_rule_parameters 58 / 58 -``` - -If there are some missing tables, you'll see the following warning: - -``` -! WARNING - Can't WRITE in TABLE :authors because it doesn't exist in destination database. -``` - -If errors appear during the copy, the process does NOT stop but the errors are displayed: - -``` -** ERROR ** IN TABLE: users when read and write at col: 10 and id=1. -** ERROR ** SORUCE COLUMNS ( name,admin,remarks,id,id,login,name). -** ERROR ** DESTINATION COLUMNS ( id,login,name,email,crypted_password). -** ERROR ** LINES NOT COPIED at ROW (0) WITH id = (1). -** ERROR ** Cannot parse "TIMESTAMP" constant "TRUE" [22007-172] -``` - -At the end, sonar-db-copy reiterates the difference between the source and destination databases. An error message is displayed if the databases are different. - -``` -INFO *************** CHECK DESCREPANCIES *************** -WARN TABLE projects has 65 ROWS in SOURCE while 0 ROWS in DESTINATION -INFO ******************************************** -INFO ** THE COPY HAS FINISHED UNSUCCESSFULLY !!! WATCH OUT THE LOG!!! ** -INFO ******************************************** -``` diff --git a/server/sonar-docs/src/pages/instance-administration/housekeeping.md b/server/sonar-docs/src/pages/instance-administration/housekeeping.md deleted file mode 100644 index 9e871734225..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/housekeeping.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -title: Housekeeping -url: /instance-administration/housekeeping/ ---- - -When you run a new analysis of your project or its branches or pull requests(PRs), some data that was previously available is cleaned out of the database. For example the source code of the previous analysis, measures at directory and file levels, and so on are automatically removed at the end of a new analysis. Additionally, some old analysis snapshots, PR analyses, and branches are also removed. - -Why? Well, it's useful to analyze a project frequently to see how its quality evolves. It is also useful to be able to see the trends over weeks, months, years. But when you look back in time, you don't really need the same level of detail as you do for the project's current state. To save space and to improve overall performance, the Database Cleaner deletes some rows in the database. Here is the default configuration: - -- Audit logs (available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html)) are deleted monthly. -- For each project: - - only one snapshot per day is kept after 1 day. Snapshots marked by an event are not deleted. - - only one snapshot per week is kept after 1 month. Snapshots marked by an event are not deleted. - - only one snapshot per month is kept after 1 year. Snapshots marked by an event are not deleted. - - only snapshots with version events are kept after 2 years. Snapshots without events or with only other event types are deleted. - - **all snapshots** older than 5 years are deleted, including snapshots marked by an event. -- All closed issues more than 30 days old are deleted -- History at package/directory level is removed - -These settings can be changed at [Administration > General > Housekeeping](/#sonarqube-admin#/admin/settings?category=housekeeping). diff --git a/server/sonar-docs/src/pages/instance-administration/license-manager.md b/server/sonar-docs/src/pages/instance-administration/license-manager.md deleted file mode 100644 index 783c67e76bc..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/license-manager.md +++ /dev/null @@ -1,100 +0,0 @@ ---- -title: License Administration -url: /instance-administration/license-manager/ ---- - -## License Manager -_Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can access the License Manager at **Administration > Configuration> License Manager**._ - -You can use the License Manager to retrieve your server ID (required for obtaining a License Key) and configure your SonarSource-provided License key. - -[[warning]] -|The server ID is specific to the current database system. Make sure to configure an external database for long-term use prior to requesting your license with this server ID. - -### Retrieving the server ID -The server ID is always available on the License Manager page, as well as in the **System Info** section at **Administration > System**. - -[[info]] -|If the database connection string is updated, the server ID will be re-generated and you'll need a new license. When it is generated, the server ID is unique. The same server ID will never be generated twice, even on the same SonarQube instance. - -### Setting a license -By clicking the **Set new license** button, you can set a new license to enable or disable features in SonarQube or to update your license. - -### Lines of Code consumption -Under **Lines of Code**, the gauge shows how many lines of code (LOC) you are currently scanning and how close you are to your limit. If you're near your limit, you may need to purchase additional LOCs. - -LOCs are computed by summing up the main/program LOCs of each project analyzed. The LOCs used for a project are the LOCs found during the most recent analysis of the project. - -For a given project, the LOCs that count towards License Usage are those of the largest branch (or pull request). Lines of test code do not count towards your License Usage. - -For example: -- If a project has 100 lines of code on its main branch and 200 on a secondary branch, then the number of LOCs counted for the project is 200 -- If a project has 0 lines of code on its main branch (provisioned but never analyzed) and 200 on a secondary branch, then the number of LOCs counted is 200 -- If a project has 200 lines of code on its main branch and 100 on a secondary branch, then the number of LOCs counted is 200 - -### Global Administrator notifications -The License Manager has two built-in notification mechanisms (notifications are sent to Global Administrators). Global administrators will get notifications when: - -- **the license is about to expire** – a reminder is sent two months and again one month before your license expires. -- **the configurable LOC threshold is exceeded** – you can change this threshold using the indicator on the LOC gauge. - - A background job runs at server startup and then every 24 hours to check the LOC threshold and decide if a notification should be sent. - - The background job does not check the validity of SMTP server settings and whether the global administrator email addresses are set up. For global administrators to receive notifications, these settings need to be correctly configured before the LOC threshold is reached or exceeded. - -### Features Included - -This section of the License Manager page lists the commercial features that are enabled by the current license. - -## Staging licenses -_Staging licenses are only available in Enterprise Editions, Data Center Edition, or with commercial support_ - -Your commercial license may include one or more staging licenses. You can use these licenses for non-production instances to test new features, upgrades, new integrations, etc. - -Our license mechanism supports a regular synchronization between your production instance and staging instances. To set up synchronization: - -- First Staging setup: - 1. Create a staging database and copy the production database in it. - 1. Connect your SonarQube staging instance to it. - 1. Start SonarQube and retrieve the generated server ID. - 1. Request your Staging license key for this server ID. - 1. Set it up in the Administration panel. - -- Synchronization on a regular basis: - 1. Empty the staging database and copy the production database in it - 1. Start SonarQube - 1. The server ID will be the same as generated the first time, so you can reuse the same license key - -## Actions that will invalidate your license key - -Certain actions will regenerate your server ID and invalidate your license key. The following are some of the most common of these actions: - -- Moving, upgrading, or changing your database server to another host, available with a different IP or DNS name. -- Changing the existing database server IP or DNS name. -- Changing the database/schema name on the database server. -- Restoring the database content from another SonarQube instance (except for production/staging synchronization). -- Reinstalling SonarQube on an empty database. -- Using DBCopy or MySQL Migrator to copy your old database into a new one. - -If you plan on going through one of these scenarios and you have commercial support, please open a support ticket beforehand to confirm the plan or to explore alternatives. - -In all cases, follow the steps below in **Requesting a new license** if your license key had been invalidated. - -## Requesting a new license -If your license key isn't working: -1. Send an email to contact@sonarsource.com that includes the following information: - - Server ID - Found under **System Info** at **Administration > System** - - SonarQube version - Found under **System Info** at **Administration > System** - - SonarQube edition -1. Clarify what current license (production/staging) and server ID this is replacing. -1. Confirm the status of the existing license. - -A new license key will be issued within 1 business day once we receive an email with the needed information at contact@sonarsource.com. - -## Support - -### Access to SonarSource Support -If your license entitles you to SonarSource Support, A **Support** tab will appear at **[Administration > Support](/#sonarqube-admin#/admin/extension/license/support)** to guide you through interactions with SonarSource Support. - -This page also allows you to collect the Support Information File of your instance. Make sure to provide this file for any interaction with SonarSource Support. - - - diff --git a/server/sonar-docs/src/pages/instance-administration/look-and-feel.md b/server/sonar-docs/src/pages/instance-administration/look-and-feel.md deleted file mode 100644 index 1008e54d7ec..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/look-and-feel.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -title: Look and Feel -url: /instance-administration/look-and-feel/ ---- - -## Home logo -You can set your own "home" logo in **[Administration > General > Look & Feel](/#sonarqube-admin#/admin/settings)**. Simply provide an image URL and width. Ideally, the width will scale the height to 30 pixels. This logo will be used in both the menu bar and on the About page. - -## Content of the "About" page -You also have the ability to add content to the About page, which anonymous users land on by default: **[Administration > General > Look & Feel](/#sonarqube-admin#/admin/settings)**. - -## Gravatar -Gravatar support is enabled by default, using gravatar.com. You can configure a different server or disable the feature altogether. When enabled, gravatars show up next to most uses of the user name. diff --git a/server/sonar-docs/src/pages/instance-administration/marketplace.md b/server/sonar-docs/src/pages/instance-administration/marketplace.md deleted file mode 100644 index 081d842a7e0..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/marketplace.md +++ /dev/null @@ -1,69 +0,0 @@ ---- -title: Marketplace -url: /instance-administration/marketplace/ ---- - -[[info]] -| You can only install and update plugins from the Marketplace in SonarQube Community Edition. With commercial editions, you need manually install and update your plugins. See [Install a Plugin](/setup/install-plugin/) for more information. - -Administrators can access the Marketplace via **[Administration > Marketplace](/#sonarqube-admin#/admin/marketplace)**. The Marketplace is the place for keeping the pieces of the SonarQube platform up to date. It lets you: - -See - -* The currently installed SonarQube Edition -* Which plugins are installed -* Whether plugin updates are available -* Which other plugins are compatible with your version of SonarQube - -Discover - -* Which other Editions are available, to enable more features - -Install - -* New plugins -* Plugin updates - -To view/install plugin updates, your SonarQube server needs internet access. Installations require the platform to be restarted before they take effect. - -[[info]] -| sonarplugins.com is not endorsed by, affiliated with, maintained, authorized, or sponsored by Sonar. - -## Pending Operations - -When you perform an action in the Marketplace (install, update, or uninstall a plugin), a yellow banner appears at the top of the page showing pending operations that will be executed once SonarQube is restarted. Pending operations can be canceled until the server is restarted. - -## Restart SonarQube -Restarting SonarQube can be done manually from the command line by running `sonar.sh restart`. -In SonarQube Community Edition, you can also restart from the UI, in the Update Center. When you have Pending Changes, the restart button will be displayed in the yellow banner (see Pending Operations). Please note that restarting the server won't reload the changes applied to the **sonar.properties**. - -## Manual Updates -If you're using a commercial edition or your server doesn't have internet access, you won't be able to rely on the Marketplace for plugins, and you will have to handle plugin installations and upgrades manually. - -To see what plugins are available and which version of a plugin is appropriate for your server, use the [plugin version matrix](/instance-administration/plugin-version-matrix/), which is kept up to date with current plugin availability and compatibility. - -To install a plugin, simply download it using the manual download link on the plugin documentation page, place it in `$SONARQUBE_HOME/extensions/plugins`, and restart the server. - -### Stopping the Marketplace from searching for plugin updates -Your SonarQube server needs internet access for the Marketplace to search for plugin updates. If your server doesn't have internet access, you may get errors in your logs when the Marketplace tries to search for new plugins. You can stop this by updating `sonar.updatecenter.activate` in `$SONARQUBE_HOME/conf/sonar.properties`. - -## Which URLs does the Marketplace connect to? -The SonarQube Marketplace connects to https://update.sonarsource.org/ to get the list of plugins. Most of the referenced plugins are downloaded from: -* https://binaries.sonarsource.com/ -* https://github.com/ - -## Using the Marketplace behind a Proxy -Marketplace uses HTTP(S) connections to external servers to provide these services. If SonarQube is located behind a proxy, additional information must be provided in the _$SONARQUBE_HOME/conf/sonar.properties_ configuration file: -``` -http.proxyHost=<your.proxy.host> -http.proxyPort=<yout.proxy.port> - -#If proxy authentication is required -http.proxyUser=<your.proxy.user> -http.proxyPassword=<your.proxy.password> -``` -Note: the same properties can be used in the 'https.' form for HTTPS connections. - -## Deploying to the Marketplace - -If you have developed a SonarQube plugin, you can check out the [requirements](https://community.sonarsource.com/t/deploying-to-the-marketplace/35236) to add it to the marketplace in the [Plugin Development community](https://community.sonarsource.com/c/plugins/15).
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/instance-administration/monitoring.md b/server/sonar-docs/src/pages/instance-administration/monitoring.md deleted file mode 100644 index 3c7cb85c301..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/monitoring.md +++ /dev/null @@ -1,152 +0,0 @@ ---- -title: Monitoring -url: /instance-administration/monitoring/ ---- - -Monitoring your SonarQube instance is key to keeping it healthy and having happy users. - -As a start, you can use this Web API to get an overview of the health of your SonarQube installation: - -* [api/system/health](/#sonarqube-admin#/api/system/health) - -## Java Process Memory - -The SonarQube application server consists of three main Java processes: - -* Compute Engine -* Elasticsearch -* Web (including embedded web server) - -Each of these Java processes has its own memory settings that can be configured in the _$SONARQUBE_HOME/conf/sonar.properties_ file. The default memory settings that ship with SonarQube are fine for most instances. If you are supporting a large SonarQube instance (more than 100 users or more than 5,000,000 lines of code) or an instance that is part of your Continuous Integration pipeline, you should monitor the memory and CPU usage of all three key Java processes on your instance, along with overall disk space. Monitoring will allow you to see if any of the processes is running short of resources and take action ahead of resource shortages. There are numerous monitoring tools available, both open source and commercial, to help you with this task. SonarSource does not recommend or endorse any particular tool. - -## Memory settings - -You may need to increase your memory settings if you see the following symptoms: - -* Your monitoring tools show one or more of the SonarQube processes is reaching its memory limit -* Any of the SonarQube processes crashes and/or generates an out-of-memory error in the sonar.log file -* A SonarQube background task fails with an out-of-memory error in the background task log -* The store size of the Issues index of your Elasticsearch instance (visible in the System Info) is greater than or equal to the memory allocated to the Elasticsearch Java process - -You can increase the maximum memory allocated to the appropriate process by increasing the -Xmx memory setting for the corresponding Java process in your _$SONARQUBE_HOME/conf/sonar.properties_ file: - -Java Process | SonarQube Property | Notes ---- | --- | --- -Compute Engine | sonar.ce.javaOpts -Elasticsearch | sonar.search.javaOpts | It is recommended to set the min and max memory to the same value to prevent the heap from resizing at runtime, which diverts JVM resources and can greatly increase response times of in-flight requests. -Web | sonar.web.javaOpts - -The -Xmx parameter accepts numbers in both megabytes (e.g. -Xmx2048m) and gigabytes (e.g. -Xmx2G). The metric suffix is case-insensitive. - -## Exposed JMX MBeans - -The SonarQube Server offers visibility about what happens internally through the exposure of JMX MBeans. - -In addition to the classical Java MBeans providing information about the ClassLoader, OS, Memory, and Threads you have access to three more MBeans in the SonarQube Server: - -* ComputeEngine -* Database -* SonarQube - -All these MBeans are read-only. It's not possible to modify or reset their values in real time. - -[[collapse]] -| ## ComputeEngineTasks MBean -| Attribute Name | Description -| ---|--- -| ProcessingTime | Measure the time (in ms) spent to process Background Tasks since the last restart of SonarQube. Its value will always increase and will be reset by a restart of SonarQube. This measure is very powerful when combined with SuccessCount and ErrorCount measures to get the average time to handle a Background Task, or when used to understand how much time the SonarQube Server is spending during a day to handle Background Tasks. It gives you an indication of the load on your server. -| ErrorCount | Number of Background Tasks which failed since the last restart of SonarQube -| PendingCount | Number of Background Tasks waiting to be processed since the last restart of SonarQube. This measure is the same for all Compute Engine workers since Background Tasks are waiting in a common queue. -| InProgressCount | Number of Background Tasks currently under processing. Its value is either 1 or 0, since SonarQube can process only one task at a time. -| SuccessCount | Number of Background Tasks successfully processed since the last restart of SonarQube -| WorkerCount | Number of Background Tasks that can be processed at the same time -| PendingTime | Pending time (in ms) of the oldest Background Task waiting to be processed. This measure, together with PendingCount, helps you know if analyses are stacking and taking too long to start processing. This helps you evaluate if it might be worth configuring additional Compute Engine workers (Enterprise Edition) or additional nodes (Data Center Edition) to improve SonarQube performance. -| -| Note: -| * the total number of Background Tasks handled since the last restart of SonarQube is equal to SuccessCount + ErrorCount -| * all values reset to their default values after restarting SonarQube - -[[collapse]] -| ## Database MBean -| ### Same attributes are available for both ComputeEngineServer and WebServer. -| Attribute Name | Description -| ---|--- -| MigrationStatus | Possible values are: UP_TO_DATE, REQUIRES_UPGRADE, REQUIRES_DOWNGRADE, FRESH_INSTALL (only available for WebServer). -| PoolActiveConnections | Number of active database connections -| PoolIdleConnections | Number of database connections waiting to be used -| PoolMaxConnections | Maximum number of active database connections -| PoolTotalConnections | Total number of connections currently in the pool -| PoolMaxWaitMillis | Maximum number of milliseconds that a client will wait for a connection from the pool - -[[collapse]] -| ## SonarQube MBean -| Attribute Name | Description -| ---|--- -| LogLevel | Log Level: INFO, DEBUG, TRACE -| ServerId | SonarQube Server ID -| Version | SonarQube Version - -## How do I Activate JMX? - -### Local Access - -There is nothing to activate to view SonarQube MBeans if your tool is running on the same server as the SonarQube Server. - -### Remote Access - -Here are examples of configuration to activate remote access to JMX MBeans. - -* For the WebServer: -``` -# JMX WEB - 10443/10444 -sonar.web.javaAdditionalOpts=-Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.port=10443 -Dcom.sun.management.jmxremote.rmi.port=10444 -Dcom.sun.management.jmxremote.password.file=/opt/sonarsource/sonar/conf/jmxremote.password -Dcom.sun.management.jmxremote.access.file=/opt/sonarsource/sonar/conf/jmxremote.access -``` - -* For the ComputeEngine: - -There is no specific javaAdditionalOpts entry, simply amend sonar.ce.javaOpts. - -Example of `jmxremote.access`: - -``` -# -# JMX Access Control file -# -reader readonly -admin readwrite \ - create javax.management.monitor.*,javax.management.timer.*,com.sun.management.*,com.oracle.jrockit.* \ - unregister -``` - -Example of `jmxremote.password`: - -``` -# -# JMX Access Password file -# -reader readerpassword -admin adminpassword -``` - -Note: on `jmxremote.password`, you should apply `chmod 600` or `400` for security reasons. - -## Prometheus Monitoring -You can monitor your SonarQube instance using SonarQube's native integration with Prometheus. Through this integration, you can ensure your instance is running properly and know if you need to take action to prevent future issues. - -Prometheus monitors your SonarQube instance by collecting metrics from the `/api/monitoring/metrics` endpoint. Results are returned in OpenMetrics text format. See Prometheus' documentation on [Exposition Formats](https://prometheus.io/docs/instrumenting/exposition_formats/) for more information on the OpenMetrics text format. - -Monitoring through this endpoint requires authentication. You can access the endpoint following ways: - -- **`Authorization:Bearer xxxx` header:** You can use a bearer token during database upgrade and when SonarQube is fully operational. Define the bearer token in the `sonar.properties` file using the `sonar.web.systemPasscode property`. -- **`X-Sonar-Passcode: xxxxx` header:** You can use `X-Sonar-passcode` during database upgrade and when SonarQube is fully operational. Define `X-Sonar-passcode` in the `sonar.properties` file using the `sonar.web.systemPasscode property`. -- **username:password and JWT token:** When SonarQube is fully operational, system admins logged in with local or delegated authentication can access the endpoint. - -<!-- static --> - -For more information on deploying SonarQube on Kubernetes: - -- For Community, Developer, and Enterprise Edition, see [Deploy SonarQube on Kubernetes](/setup/sonarqube-on-kubernetes/). -- For Data Center Edition, see [Deploy a SonarQube Cluster on Kubernetes](/setup/sonarqube-cluster-on-kubernetes/). - -<!-- /static --> - diff --git a/server/sonar-docs/src/pages/instance-administration/notifications.md b/server/sonar-docs/src/pages/instance-administration/notifications.md deleted file mode 100644 index a042fbcf2d1..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/notifications.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -title: Notifications -url: /instance-administration/notifications/ ---- -At the end of each analysis, notifications are computed for each subscribed user. Then, asynchronously, these notifications are sent via email. - -To set the frequency with which the notification queue is processed, set `the sonar.notifications.delay` property (in seconds) in _$SONARQUBE_HOME/conf/sonar.properties_. The server must be restarted for the new value to be taken into account. - -## Who gets notifications -Only users who subscribe themselves will get notifications. With only one exception, there is no admin functionality to proactively subscribe another user. If you believe a user should be receiving notifications, then it's time to practice the gentle art of persuasion. - -### The exception - -Notifications will automatically (without user opt-in) be sent to users with Quality Profile Administration rights when built-in quality profiles are updated. These updates can only happen through updating SonarQube or updating a third-party analyzer. This type of notification is on by default, and can be toggled globally in **[Administration > General Settings > General](/#sonarqube-admin#/admin/settings/)**. - -## Email Configuration -To configure the email server, go to **[Administration > General Settings > Email](/#sonarqube-admin#/admin/settings)**. - -Check also the Server base URL property at Administration > General Settings > General to make sure that links in those notification emails will redirect to the right SonarQube server URL. diff --git a/server/sonar-docs/src/pages/instance-administration/plugin-version-matrix.md b/server/sonar-docs/src/pages/instance-administration/plugin-version-matrix.md deleted file mode 100644 index 41fa21b0d26..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/plugin-version-matrix.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -title: Plugin Version Matrix -url: /instance-administration/plugin-version-matrix/ ---- - - = Not compatible - -[Open in a new window](https://update.sonarsource.org/plugins/compatibility-matrix.html) - -<iframe src="https://update.sonarsource.org/plugins/compatibility-matrix.html">Your browser does not support iframes.</iframe> diff --git a/server/sonar-docs/src/pages/instance-administration/project-move.md b/server/sonar-docs/src/pages/instance-administration/project-move.md deleted file mode 100644 index c324483b317..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/project-move.md +++ /dev/null @@ -1,60 +0,0 @@ ---- -title: Project Move -url: /instance-administration/project-move/ ---- - -Project Move allows you to export a project from one SonarQube instance and import it into another SonarQube instance. To use Project Move, you must have the Administer permission on the project in the source instance, and access to the file systems of both instances. - -## When to use Project Move -Project Move can help you with the following situations: - -* You want to create a central SonarQube instance at the enterprise level and you want to keep the history created on instances used previously at the team level. -* You want to consolidate your editions and move projects from a Community Edition instance to an [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) instance or [above](https://redirect.sonarsource.com/editions/editions.html). -* Your company is acquiring another company that already has a central SonarQube instance. -* You are at a large company with several SonarQube instances and an application is transferred from one team to another. - -## Prerequisites -To export your project's data from the source instance and then load it on the target instance, make sure the following are true. - -The _target_ instance must: - -* Be [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) or [above](https://redirect.sonarsource.com/editions/editions.html). -* Contain all of the plugins with the same versions as the source instance. - -[[info]] -|The target instance can have additional plugins and languages that aren't in the source instance, but not the other way around. If your source instance has plugins that aren't in your target instance, either remove them and reanalyze your project or add them to your target instance. - -Both _source_ and _target_ instances must have: - -* The exact same SonarQube version -* The same custom metrics -* The same custom rules - -## How to export -_Your source instance can be Community Edition or above, but cannot have plugins or languages that are not in the target instance._ - -On the source instance: -1. Review the branches of the project by navigating to **Project Settings > Branches & Pull Requests** and enable the **Keep when inactive** button for each branch you want to keep. Note that Pull Requests are not saved when exporting a project. -2. Reanalyze the project one last time for each branch that has enabled **Keep when inactive** option to make sure it is populated with data corresponding to your current SonarQube installation. -3. Navigate to the project and at the project level, choose **Project Settings > Import / Export**. -4. Click on the **Export** button to generate a zip file containing the settings and history of your Project (but not the source code). Note that if you need to change the Project's key, you must do it before performing the export. - -A zip file containing all project data is generated in `$SONAR_SOURCE_HOME/data/governance/project_dumps/export` named `<project_key>.zip`. - -## How to import -_Your target instance must be [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) or [above](https://redirect.sonarsource.com/editions/editions.html)._ - -On the target instance: - -1. With a user having the "Administer System" and "Create Projects" permissions, go to [**Administration > Projects > Management**](/#sonarqube-admin#/admin/projects_management/) and [provision the project](/project-administration/project-existence/) using the same key the project had in the source instance. -2. Configure the Project's permissions and the Quality Profiles and Quality Gate associated with the Project. -3. Put the generated zip file into the directory `$SONAR_TARGET_HOME/data/governance/project_dumps/import`. You need to create the `governance/project_dumps/import` folders the first time. -4. Go to the Project's Home Page and choose **Project Settings > Import / Export**. -5. Click on the **Import** button to start importing your data. -6. Source code is not included in the zip file. Once the import is finished, trigger an analysis to import source files into the new instance. - -Notes: - -* If the import is successful, the zip file will automatically be deleted. -* It is not possible to import a project that has been already analyzed on the target instance. -* Security reports in an imported project will be empty until an analysis has run. diff --git a/server/sonar-docs/src/pages/instance-administration/quality-profiles.md b/server/sonar-docs/src/pages/instance-administration/quality-profiles.md deleted file mode 100644 index 0321f9a8536..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/quality-profiles.md +++ /dev/null @@ -1,169 +0,0 @@ ---- -title: Quality Profiles -url: /instance-administration/quality-profiles/ ---- - -Quality profiles are a key part of your SonarQube configuration. -They define the set of [rules](/user-guide/rules/) to be applied during code analysis. - -Every project has a quality profile set for each supported language. -When a project is analyzed, SonarQube determines which languages are used and uses the active quality profile for each of those languages in that specific project. - -Go to **Quality Profiles** to see all the currently defined profiles grouped by language. - - -## Built-in and default profiles - -SonarQube comes with a built-in quality profile defined for each supported language, called the **Sonar way** profile (it is marked with the **BUILT-IN** tag in the interface). -The **Sonar way** activates a set of rules that should be applicable to most projects. - -In a newly set up instance, the **Sonar way** profile is the default for every language (marked with the **DEFAULT** tag in the interface). -The default profile is used for that language if no other profile is explicitly defined at the project level. -The default profile for a given language can be changed. - - -## Customizing a quality profile - -The **Sonar way** profile is designed to be broadly suitable for most projects, but it is intended only as a starting point. -In most cases, you will want to adjust your profile as the project progresses. - -If you have multiple projects, you might also need to have different profiles for each. -You might run into the following situations - -* You have different technical requirements from one project to another. -* You want to ensure stronger requirements for some of your projects than for others. - -New profiles can be created in two ways: - -1. Copying an existing profile and adjusting the copy. -1. Extending an existing profile. - - -### Copying a quality profile - -When you copy a profile, you clone all activated rules of the original. -From here, you independently activate or deactivate rules to fit your needs; your new profile won't inherit changes made to the original profile. - -Follow these steps to copy a profile - -1. Go to the page of the profile you want to copy (**Quality Profiles** > *profile name*). -1. Select **Copy** from the  menu in the upper-right corner of the page. -1. Give your new profile a name and select **Copy**. -1. Modify the copy as needed. - - -### Extending a quality profile - -When you extend a profile, you create a child profile that inherits all the _activated_ rules in the parent profile. -You can then activate additional rules in the child, beyond those that are inherited. -However, you cannot de-activate rules that are activated in the parent. -In other words, extension works by adding rules to the child profile. - -Follow these steps to extend a profile: - -1. Create a base profile with your core set of rules by selecting the **Create** button on the Quality Profiles page, or use an existing profile as a base profile. -1. Find your base profile (**Quality Profiles** > *profile name*) and select **Extend** from the  menu. -1. After giving your new profile a name, SonarQube opens your new profile page. -1. Below the **Rules** table, select **Activate More** to add rules to your extended profile. -1. From the **Inheritance** table, you can see the hierarchy of inheritance for your profile, and you can change the parent profile by selecting **Change Parent**. - -Your new profile has all of the activated rules from the profile you copied, but you can activate or deactivate any rules from the **Rules** table by selecting the numbers in the **Active** and **Inactive** columns. - - -### Differences between copying and extending - -The key differences between an extension of a profile and a copy are: - -* With an extension, you can only activate rules that are deactivated in the parent. - With a copy, you can activate or de-activate any rules you like. -* With an extension, any changes made to the parent will be automatically reflected in the child. - This includes rules activated in the parent, rules deactivated in the parent, and new rules added to the parent by Sonar. - With a copy, changes are not propagated because the copy is entirely independent. - -Copied profiles are typically used to establish a new common profile that you want full control over and that can serve as the base profile for all your projects. -Extension is typically used to provide customized profiles for projects which all follow a common base set of rules, but where each also requires different additional ones. - - -## Quality profile permissions - -By default, only users with the global **Administer Quality Profiles** permission can edit quality profiles. -User permissions are defined at **Administration** > **Security** > **Global Permissions**. - -SonarQube also allows users with the global **Administer Quality Profiles** permission to give an expert or group of experts permission to manage a specific profile. -These experts only have permission for that specific profile. - -Permissions can be granted to manage specific quality profiles on that profile's page (**Quality Profiles** > *profile name*) under **Permissions** by selecting **Grant permissions to more users**. - - -## Comparing two quality profiles - -You can compare the activated rules between two quality profiles. -This is especially useful when you're using a quality profile copied from another profile because you won't automatically inherit new rules added to the original quality profile. - -To compare two profiles: - -1. From the **Quality Profiles** page, select the name of the first profile you'd like to compare. -1. Select **Compare** from the  menu. -1. Select the second profile you'd like to compare from the **Compare with** drop-down menu. - -From here you can push rules between the two profiles using the  buttons. - - -## Finding out what has changed in a quality profile - -When SonarQube notices that an analysis was performed with a quality profile that is different in some way from the previous analysis, a _quality profile event_ is added to the project's event log. -To see the changes in a profile, navigate to the profile (**Quality Profiles** > *profile name*) and choose **Changelog**. -This can help you understand how profile changes impact the issues raised in an analysis. - -Additionally, users with the **Administer Quality Profile** privilege are notified by email each time a built-in profile is updated. -These updates can be caused by updating SonarQube or updating third-party analyzers. - - -## Importing a quality profile from another SonarQube instance - -To import a profile from another SonarQube instance, do the following: - -1. From the source SonarQube instance, open the quality profile you want to use. -1. Select **Back up** from the  menu. - This exports the profile as an XML file. -1. From the target SonarQube instance, select the **Restore** button on the **Quality Profiles** main page. -1. Choose the XML file that you exported previously, and select **Restore**. - - -## Applying profiles to projects - -One profile for each language is marked as the default. -Barring any other intervention, all projects that use that language will be analyzed with that profile. -To have a project analyzed by a non-default profile instead, start from **Quality Profiles**, and navigate to your target profile, then use the **Projects** part of the interface to manage which projects are explicitly assigned to that profile. - - -## Ensuring your quality profile has all relevant new rules - -Each time a new SonarQube version is released, new rules are added. -New rules won't appear automatically in your profile unless you're using a built-in profile or a profile extended from a built-in profile. - -If you're not using a built-in profile, you can compare your profile to the built-in profile to see which rules you're missing. - -Another option is to go to the **Rules** page in SonarQube and use the **Available Since** search facet to see what rules have been added to the platform since the day you upgraded. - -And finally, the **Quality Profiles** main page shows recently added rules in the **Recently Added Rules** section on the right side of the page. - - -## Avoiding deprecated rules - -The **Deprecated Rules** section of the **Quality Profiles** page has a pink background and is your first warning that a profile contains deprecated rules. -This section gives the total number of instances of deprecated rule(s) that are currently active in each Quality Profile, and provides a breakdown of deprecated rule(s) per profile. -Selecting the **Deprecated Rules** section takes you either to the **Rules** page or to the relevant Quality Profile to investigate further. - -Alternatively, you can perform a **Rules** search for the rules in a profile and use the **Status** rule search facet (in the left sidebar) to narrow the list to the ones that need attention. - - -## Security - -The **Quality Profiles** page can be accessed by any user (even anonymous users). -All users can view every aspect of any profile. -That means anyone can see which rules are included in a profile, which rules have been left out, how a profile has changed over time, and compare the rules between any two profiles. - -To create, edit, or delete a profile, a user must be granted the **Administer Quality Profiles** permission. - -A project administrator can choose which profiles their project is associated with. diff --git a/server/sonar-docs/src/pages/instance-administration/security.md b/server/sonar-docs/src/pages/instance-administration/security.md deleted file mode 100644 index 446ab62bc56..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/security.md +++ /dev/null @@ -1,225 +0,0 @@ ---- -title: Security -url: /instance-administration/security/ ---- - -## Overview - -SonarQube comes with a number of global security features: - -* on-board authentication and authorization mechanisms -* the ability to force users to authenticate before they can see any part of a SonarQube instance -* the ability to delegate to authentication (for more see [Authentication](/instance-administration/authentication/overview/)) - -Additionally, you can configure at a group or user level who can: -* see that a project even exists -* access a project's source code -* administer a project (set exclusion patterns, tune plugin configuration for that project, etc.) -* administer Quality Profiles, Quality Gates, and the SonarQube instance itself. - -Another aspect of security is the encryption of settings such as passwords. SonarQube provides a built-in mechanism to encrypt settings. - -## Authentication - -By default, SonarQube forces user authentication. You can disable forced user authentication, and allow anonymous users to browse projects and run analyses in your instance. To do this, log in as a system administrator, go to **[Administration > Configuration > General Settings > Security](/#sonarqube-admin#/admin/settings?category=security)**, and disable the **Force user authentication** property. - -[[warning]] -| Disabling the **Force user authentication** can expose your SonarQube instance to security risks. We strongly recommend forcing user authentication on production instances or carefully configuring the security (user permissions, project visibility, etc.) on your instance. - -### API Endpoints Authentication - -If the **Force user authentication** property is set to false, the following API endpoints are accessible **without authentication** (click **API endpoints** below to expand the list): - -[[collapse]] -| ## API endpoints -| -| * api/components/search -| * api/issues/tags -| * api/languages/list -| * api/metrics/domains -| * api/metrics/search -| * api/metrics/types -| * api/plugins/installed -| * api/project_tags/search -| * api/qualitygates/list -| * api/qualitygates/search -| * api/qualitygates/show -| * api/qualityprofiles/backup -| * api/qualityprofiles/changelog -| * api/qualityprofiles/export -| * api/qualityprofiles/exporters -| * api/qualityprofiles/importers -| * api/qualityprofiles/inheritance -| * api/qualityprofiles/projects -| * api/qualityprofiles/search -| * api/rules/repositories -| * api/rules/search -| * api/rules/show -| * api/rules/tags -| * api/server/version -| * api/settings/login_message -| * api/sources/scm (for public repositories) -| * api/sources/show (for public repositories) -| * api/system/db_migration_status -| * api/system/migrate_db -| * api/system/ping -| * api/system/status -| * api/system/upgrades -| * api/users/search -| * api/webservices/list -| * api/webservices/response_example - -We advise keeping **Force user authentication** enabled if you have your SonarQube instance publicly accessible. - -### Authentication Mechanisms -Authentication can be managed through a number of mechanisms: - -* Via the SonarQube built-in users/groups database -* Via external identity providers such as an LDAP server (including LDAP Service of Active Directory), GitHub etc. See the Authentication & Authorization section of the Plugin Library. -* Via HTTP headers - -### Technical Users -When you create a user in SonarQube's own database, it is considered local and will only be authenticated against SonarQube's own user/group database rather than against any external tool (LDAP, Active Directory, Crowd, etc.). By default `admin` is a local account. - -Similarly, all non-local accounts will be authenticated only against the external tool. - -An Administrator can manage tokens on a user's behalf via **[Administration > Security > Users](/#sonarqube-admin#/admin/users)**. From here, click in the user's **Tokens** column to see the user's existing tokens, and either revoke existing tokens or generate new ones. -An Administrator can only create [user tokens](/user-guide/user-token/) on behalf of another user. -Once established, a token is the only credential needed to run an analysis. Tokens should be passed as the value of the `sonar.login` property. - -See the [Authentication overview](/instance-administration/authentication/overview/) for details on - - * revoking tokens for deactivated users. - * deleting personal user information. - -### Token Maximum Lifetime - -*The ability to configure a maximum lifetime for tokens is available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html).* - -An Administrator can define a maximum lifetime for any *newly* generated token. Non-administrator users can also set a time-to-live, as long as it is less than or equal to the maximum lifetime set by the administrator. Tokens generated after updating this setting will expire either at the maximum lifetime set by the administrator or at the time set by the user, whichever comes first. See [Generating and Using Tokens](/user-guide/user-token/) documentation for more information. - -**Important note:** Updating this setting does *not* affect any existing tokens. It will only impact newly generated tokens. - -### Default Admin Credentials -When installing SonarQube, a default user with Administer System permission is created automatically: - -* Login: admin -* Password: admin - -## Reinstating Admin Access - -If you've deleted `admin` and subsequently locked out the other users with global administrative permissions, you'll need to re-grant `admin` to a user with the following query: -``` -INSERT INTO user_roles(uuid, user_uuid, role) -VALUES ('random-uuid', -(select uuid from users where login='mylogin'), -'admin'); -``` - -If you changed and then lost the `admin` password, you can reset it using the following query, depending on the database engine: - -### PostgreSQL and Microsoft SQL Server -``` -update users set crypted_password='100000$t2h8AtNs1AlCHuLobDjHQTn9XppwTIx88UjqUm4s8RsfTuXQHSd/fpFexAnewwPsO6jGFQUv/24DnO55hY6Xew==', salt='k9x9eN127/3e/hf38iNiKwVfaVk=', hash_method='PBKDF2', reset_password='true', user_local='true' where login='admin'; -``` -### Oracle -``` -update users set crypted_password='100000$t2h8AtNs1AlCHuLobDjHQTn9XppwTIx88UjqUm4s8RsfTuXQHSd/fpFexAnewwPsO6jGFQUv/24DnO55hY6Xew==', salt='k9x9eN127/3e/hf38iNiKwVfaVk=', hash_method='PBKDF2', reset_password=1, user_local=1 where login='admin'; -``` - -## Authorization -The way authorization is implemented in SonarQube is pretty standard. It is possible to create as many users and groups of users as needed. The users can then be attached (or not) to (multiple) groups. Groups and/or users are then given (multiple) permissions. The permissions grant access to projects, services, and functionalities. - -To administer groups and users, choose **Administration > Security**, and use the sub-menu items. - -### User -Multiple integrations that allow the delegation of authentication are available (see the [Plugin Version Matrix](/instance-administration/plugin-version-matrix/)), but you can manually create and edit users at **[Settings > Security > Users](/#sonarqube-admin#/admin/users)**. For manually-created users, login and password can be set at creation. Manually-created users can edit their passwords. - -During both user creation and edit, you can set an account's screen name, email address. User login and email address will be implicitly recognized by the Issue Assignment feature as SCM accounts if applicable, but you can set additional SCM accounts explicitly. - -### Group -A group is a set of users. - -To administer groups, go to **[Administration > Security > Groups](/#sonarqube-admin#/admin/groups)**. - -To edit the membership of a group, click the icon next to the membership total. - -Two groups have a special meaning: - -* **Anyone** is a group that exists in the system, but that cannot be managed. Every user belongs to this group, including anonymous users. -* **sonar-users** is the default group to which users are automatically added. - -### Global Permissions -To set global permissions, log in as a System administrator and go to **[Administration > Security > Global Permissions](/#sonarqube-admin#/admin/permissions)**. - -* **Administer System**: All administration functions for the instance: global configuration. -* **Administer Quality Profiles**: Any action on Quality Profiles, including delegating permissions to specific Quality Profiles. -* **Administer Quality Gates**: Any action on Quality Gates, including delegating permissions to specific Quality Gates. -* **Execute Analysis**: Access to all settings required to perform analysis and the ability to push analysis results to the SonarQube server. This includes private project settings but excludes secured settings like passwords. -* **Create Projects**: Initialize the structure of a new project before its first analysis. This permission is also required when doing the very first analysis of a project that has not already been created via the GUI. * ** -* **Create Applications**: Create a new Application. * ** -* **Create Portfolios**: Create a new Portfolio. * ** - -\* Users with any explicit create permission will see a "+" item in the top menu giving access to these functions. If these permissions are removed from global administrators, they will lose quick access to them via the "+" menu, **but retain access to creation** via the **Administration** menu. - -** Creating an item does not automatically grant rights to administer it. For that, see _Creators permission_ below. - -### Project Permissions -Project permissions are available from the project-level Administration menu: **Project Settings > Permissions**. - -Project visibility may be toggled between public or private. Making a project private hides its source code and measures from the `Anyone` group. For both public and private projects, four different permissions can be set: - -* **Administer Issues**: Change the type and severity of issues, resolve issues as being "Won't Fix" or "False Positive" (users also need "Browse" permission). -* **Administer Security Hotspots**: Change the status of a Security Hotspot. -* **Administer**: Access project settings and perform administration tasks (users also need "Browse" permission). - By default, a user with this **Administer** permission can manage both configuration and permissions for the current project. To only allow project administrators to update the project configuration, go to **[Administration > Configuration > General Settings > Security](/#sonarqube-admin#/admin/settings?category=security)** and disable the **Enable permission management for project administrators** property. -* **Execute Analysis**: Access to all settings required to perform analysis and the ability to push analysis results to the SonarQube server. This includes private project settings but excludes secured settings like passwords. - -Private projects have two additional permissions: -* **Browse**: Access a project; browse its measures, issues, and Security Hotspots; perform some issue edits (confirm/resolve/reopen, assignment, comment); comment on or change the user assigned to a Security Hotspot. -* **See Source Code**: View the project's source code. - -Note that permissions _are not_ cumulative. For instance, if you want to be able to administer the project, you also have to be granted the Browse permission to be able to access the project (which is the default for public projects). - -You can either manually grant permissions for each project to some users and groups or apply permission templates to projects. - -## Permission Templates for Default Permissions -SonarQube ships with a default permissions template, which automatically grants specific permissions to certain groups when a project, portfolio, or application is created. It is possible to edit this template and to create additional templates. A separate template can be set for each type of resource. Further, for projects, you can have a template apply only to a subset of new projects using a project key regular expression (the template's **Project Key Pattern**). By default, every new project with a key that matches the supplied pattern will have the template's permissions applied. - -Templates are empty immediately after creation. Clicking on the template name will take you to its permission editing interface. - -Templates are administered through **[Administration > Security > Permission Templates](/#sonarqube-admin#/admin/permission_templates)**. - -### Creators permissions -**Creators** is a special group that appears only in the permission template editing interface. Any permissions assigned to this group will at the time of project/portfolio/application creation be granted to the single user account used to create the project. This allows SonarQube administrators to let users autonomously create and administer their own projects. - -While templates can be applied after project creation, applying a template that includes "Creators" permissions to an existing project/portfolio/application will not grant the relevant permissions to the project's original creator because that association is not stored. - -### Reset project permissions to a template -To apply permission templates to projects go to **[Administration > Projects > Management](/#sonarqube-admin#/admin/projects_management)**. You can either apply a template to a specific project using the project-specific **Actions > Apply Permission Template** option or use the Bulk Apply Permission Template to apply a template to all selected projects. - -Note that there is no relation between a project and a permission template, meaning that: -* the permissions of a project can be modified after a permission template has been applied to this project -* none of the project permissions is changed when a permission template is modified - -## Settings Encryption -Encryption is mostly used to remove clear passwords from settings (database or SCM credentials for instance). The implemented solution is based on a symmetric key algorithm. The key point is that the secret key is stored in a secured file on disk. This file must be owned by and readable only by the system account that runs the SonarQube server. - -The encryption algorithm used is AES with 256 bit keys. - -1. **Generate the secret key** -A unique secret key must be shared between all parts of the SonarQube infrastructure. To generate it, go to **[Administration > Configuration > Encryption](/#sonarqube-admin#/admin/settings/encryption)** and click on Generate Secret Key. -1. **Store the secret key on the SonarQube server** - * Copy the generated secret key to a file on the machine hosting the SonarQube server. The default location is _~/.sonar/sonar-secret.txt_. If you want to store it somewhere else, set its path through the `sonar.secretKeyPath` property in _$SONARQUBE_HOME/conf/sonar.properties_ - * Restrict file permissions to the account running the SonarQube server (ownership and read-access only). - * Restart your SonarQube server -1. **Generate the encrypted values of your settings** -Go back to **[Administration > Configuration > Encryption](/#sonarqube-admin#/admin/settings/encryption)** and use the form that has been added to the interface to generated encrypted versions of your values. - -1. **Use the encrypted values in your SonarQube server configuration** -Encrypted values can either be set in SonarQube or copied into _$SONARQUBE_HOME/conf/sonar.properties_: - ``` - sonar.jdbc.password={aes-gcm}CCGCFg4Xpm6r+PiJb1Swfg== # Encrypted DB password - ... - sonar.secretKeyPath=C:/path/to/my/secure/location/my_secret_key.txt - ``` diff --git a/server/sonar-docs/src/pages/instance-administration/system-info.md b/server/sonar-docs/src/pages/instance-administration/system-info.md deleted file mode 100644 index 675e9e8e1aa..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/system-info.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -title: Server Logs & System Info -url: /instance-administration/system-info/ ---- - -The System Info page is found at **[Administration > System](/#sonarqube-admin#/admin/system)**. It gives you access to detailed information on the state of your SonarQube instance. - -## System Info - -You can browse details about your running instance on this page. - -### Download - -Additionally, if you have a Support contract, you might be asked by a Support representative to send in your System Info, which can be downloaded from the page **[Administration > System](/#sonarqube-admin#/admin/system)** using the **"Download System Info"** button at the top. - -### Server Id -Your server id can be obtained from this page by expanding the **System** section. If you're running a commercial instance, you can also find this value on the License page (**[Administration > Configuration > License Manager](/#sonarqube-admin#/admin/extension/license/app)**) - -## Logs -Server-side logging is controlled by properties set in _$SONARQUBE_HOME/conf/sonar.properties_. The standard output of SonarQube logs can be converted to Json with the environment variable `SONAR_LOG_JSONOUTPUT=true`. A configuration of the log format is currently not possible. - -Four logs files are created: one per SonarQube process. - -### Log Level -The server-side log level can be customized via the `sonar.log.level` property. Supported values are: - -* **`INFO`** - the default -* **`DEBUG`** - for advanced logs. -* **`TRACE`** - show advanced logs and all SQL and Elasticsearch requests. `TRACE` level logging slows down the server environment, and should be used only for tracking web request performance problems. - -### Log Level by Process -The server-side log level can be adjusted more precisely for the four processes of SonarQube Server via the following properties: - -* **`sonar.log.level.app`** - for the Main process of SonarQube (aka WrapperSimpleApp, the bootstrapper process starting the 3 others) -* **`sonar.log.level.web`** - for the WebServer -* **`sonar.log.level.ce`** - for the ComputeEngineServer -* **`sonar.log.level.es`** - for the SearchServer - -### Log Rotation -To control log rolling, use the `sonar.log.rollingPolicy`. - -* **`time:[value]`** - for time-based rotation. For example, use `time:yyyy-MM-dd` for daily rotation, and * `time:yyyy-MM` for monthly rotation. -* **`size:[value]`** - for size-based rotation. For example, `size:10MB`. -* **`none`** - for no rotation. Typically this would be used when logs are handled by an external system like logrotate. - -`sonar.log.maxFiles` is the maximum number of files to keep. This property is ignored if `sonar.log.rollingPolicy=none`. - -### UI Access to Logs and Log Levels - -The System Info page gives you the ability to download your instance's current log files (log files rotate on a regular basis), and to tune the log level via controls at the top of the page. Changes made here are temporary, and last only until the next time the instance is restarted, at which point the level will be reset to the more permanent value set in _$SONARQUBE_HOME/conf/sonar.properties_. Regardless, if you change your log level _from_ `INFO`, be certain to change it back as soon as it is practical; log files can get very large very quickly at lower log levels. - -## Total Lines of Code -The number of Lines of Code (for licensing purposes) in an instance can be found in the **System** section of the System Info page on, and on the License page (**[Administration > Configuration > License Manager](/#sonarqube-admin#/admin/extension/license/app)** in commercial editions. - -If you're on a commercial edition and using Branch or PR analysis, rest assured that only lines from the single largest branch in a project are considered for licensing purposes. The Lines of Code in the rest of the branches are ignored. diff --git a/server/sonar-docs/src/pages/instance-administration/telemetry.md b/server/sonar-docs/src/pages/instance-administration/telemetry.md deleted file mode 100644 index 08da8150195..00000000000 --- a/server/sonar-docs/src/pages/instance-administration/telemetry.md +++ /dev/null @@ -1,151 +0,0 @@ ---- -title: Telemetry -url: /instance-administration/telemetry/ ---- - -Your SonarQube installation sends telemetry data to SonarSource daily. -This data helps us understand how SonarQube is used, which helps us improve our products. - - -## No personally identifiable information is sent - -The telemetry feature only sends anonymized, non-project-specific data related to which features of the product are being used. - -Personal data, such as usernames or email addresses, is never sent. Neither is source code nor any project-specific data such as project name, repository, or author is ever sent. No IP addresses are ever sent. - -The data is sent securely, held under restricted access, and not published outside of SonarSource. - -Protecting your privacy is important to us. -If you have any concerns about telemetry data collection, please email us at `security@sonarsource.com`. - - -## Turning it off - -You can disable telemetry at any time by setting the `sonar.telemetry.enabled` property to `false` in `$SONARQUBE_HOME/conf/sonar.properties`. -By default, it is set to `true`. - - -## What information is sent? - -Once a day (every 24 hours), SonarQube sends a `JSON` payload to `https://telemetry.sonarsource.com/sonarqube`. - -The data that is sent consists of: - -* Anonymized information about the SonarQube instance (version, license type, edition, database type, etc.) -* Anonymized information about each project on the instance, consisting of: - * A technical identifier that does not reveal any project-specific details. - * Information about the project like language, last analysis time, number of lines of code, etc. -* Anonymized information about each user on the instance, consisting of: - * A technical identifier that does not reveal any personal information about the user. - * Information about the user's usage of the instance like last activity time and current status. - -Here is an example of a telemetry payload: - -``` -{ - "id": "ABB010CE-AVcdRncGX_RgEGt_NVoS", - "version": "9.7.0.59880", - "edition": "datacenter", - "licenseType": "PRODUCTION", - "database": { - "name": "PostgreSQL", - "version": "12.8" - }, - "plugins": [{ - "name": "iac", - "version": "1.10.0.2310" - }, - { - "name": "plsql", - "version": "3.7.0.4372" - }, - ], - "installationDate": "2022-02-01T09:12:32+0000", - "docker": true, - "users": [{ - "userUuid": "UI9126NM8DFghgCCDUI9", - "status": "active", - "lastActivity": "2022-03-22T13:18:56+0000", - "identityProvider": "github" - }, - { - "userUuid": "YY456Uio878YHOJOM891", - "status": "active", - "lastActivity": "2022-09-06T14:08:46+0000" - "identityProvider": "sonarqube" - }, - { - "userUuid": "G5GH76gb65F69Jygf789", - "status": "active", - "lastActivity": "2022-09-07T00:28:14+0000", - "lastSonarlintActivity": "2022-09-07T00:28:14+0000", - "identityProvider": "SAML" - }, - { - "userUuid": "AG7HK457TYITdsYIH67Y", - "status": "inactive", - "identityProvider": "sonarqube" - } - ], - "projects": [ - { - "projectUuid": "AV8WJCz7leTHsONfkGE1", - "lastAnalysis": "2022-04-14T07:39:45+0000", - "language": "css", - "loc": 9722 - }, - { - "projectUuid": "AV8WJCz7leTHsONfkGE1", - "lastAnalysis": "2022-04-14T07:39:45+0000", - "language": "js", - "loc": 251210 - }, - { - "projectUuid": "AWHotC4Cb9YxAwKuZDEk", - "lastAnalysis": "2022-09-05T15:04:31+0000", - "language": "java", - "loc": 462 - }, - { - "projectUuid": "AYAYr6o1Mi128diYBjFX", - "lastAnalysis": "2022-09-05T15:04:31+0000", - "language": "ts", - "loc": 5835 - } - ], - "projects-general-stats": [ - { - "projectUuid": "AV8WJCz7leTHsONfkGE1", - "branchCount": 1, - "pullRequestCount": 0, - "scm": "git", - "ci": "GitLab CI", - "devopsPlatform": "gitlab_cloud", - "hasUnanalyzedC": "true", - "hasUnanalyzedCpp": "false" - }, - { - "projectUuid": "AWHotC4Cb9YxAwKuZDEk", - "branchCount": 1, - "pullRequestCount": 8, - "scm": "git", - "ci": "Azure DevOps", - "devopsPlatform": "azure_devops_cloud", - "hasUnanalyzedC": "false", - "hasUnanalyzedCpp": "true" - }, - { - "projectUuid": "AYAYr6o1Mi128diYBjFX", - "branchCount": 1, - "pullRequestCount": 0, - "scm": "git", - "ci": "Github Actions", - "devopsPlatform": "github_cloud", - "hasUnanalyzedC": "false", - "hasUnanalyzedCpp": "false" - }, - ], - "timestamp": "2022-09-07T01:15:23.901Z", - "type": "ping" -} -``` diff --git a/server/sonar-docs/src/pages/project-administration/managing-application.md b/server/sonar-docs/src/pages/project-administration/managing-application.md deleted file mode 100644 index 0ad9e59283a..00000000000 --- a/server/sonar-docs/src/pages/project-administration/managing-application.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -title: Managing Applications -url: /project-administration/managing-applications/ ---- - -*Applications are available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html).* - -## Permissions - -### Creating Applications -Both users with the Create Applications permission and global administrators can create Applications: - -* **Create Applications permission** – Users with the Create Applications permission (granted at the global level at **Administration > Security > Global Permissions**) can create Applications by clicking the **Create Application** button in the upper-right corner of the Projects homepage. -* **Global Administrators** – In addition to creating Applications from the Projects homepage, global administrators (with the global Administer System permission granted at [**Administration > Security > Global Permissions**](/#sonarqube-admin#/admin/permissions)) can create Applications from the overall Portfolio administration interface at **Administration > Configuration > Portfolios**. - -### Editing Applications -Users need to have either **Administer** permissions for any Applications that they want to edit (set on the specific Application's page at **Application Settings > Permissions**) or the global **Administer System** permission. - -[[info]] -| Users with **Administer** permissions for an Application can see the list of projects that make up the Application even if they don't have browse permissions for those projects. - -## Populating Applications -Once your Application exists, you can populate it with manually-selected projects. By default, the configuration interface shows the list of projects currently selected for the application. To add additional projects, choose the "Unselected" or "All" filter. - -## Creating Application Branches -Once your Application is populated with projects, you can create application branches by choosing branches from the Application's component projects. This option is available in the Application's **Application Settings > Edit Definition** interface, or from the global administration interface. - -## Calculation -By default, Applications are queued to be recalculated after each analysis of an included project. For each relevant Application, a “Background Task” is created, and you can follow the progress on each in the **[Administration > Projects > Background Tasks](/#sonarqube-admin#/admin/background_tasks)** by looking at the logs available for each item. - -## Reindexing -During Elasticsearch reindexing due to disaster recovery or upgrading, Applications become available as they are indexed.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/project-administration/managing-portfolios.md b/server/sonar-docs/src/pages/project-administration/managing-portfolios.md deleted file mode 100644 index 5c25069c305..00000000000 --- a/server/sonar-docs/src/pages/project-administration/managing-portfolios.md +++ /dev/null @@ -1,81 +0,0 @@ ---- -title: Managing Portfolios -url: /project-administration/managing-portfolios/ ---- - -*Portfolios are available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html).* - -This page has information on managing and setting up Portfolios. For a general overview of Portfolios, see the [Portfolios](/user-guide/portfolios/) page in the User Guide. - -## Permissions - -### Creating Portfolios -Users with the Create Portfolios permission and global administrators can create Portfolios: - -* **Create Portfolios permission** – Users with the Create Portfolios permission (granted at the global level at **Administration > Security > Global Permissions**) can create Portfolios by clicking the **Create Portfolio** button in the upper-right corner of the Portfolios homepage. -* **Global Administrators** – In addition to creating Portfolios from the Portfolios homepage, global administrators (with the global Administer System permission granted at [**Administration > Security > Global Permissions**](/#sonarqube-admin#/admin/permissions)) create portfolios from the overall Portfolio administration interface at **Administration > Configuration > Portfolios**. - -### Editing Portfolios -Users need to have either **Administer** permissions for any Portfolios that they want to edit or the global **Administer System** permission. - -[[info]] -|Giving a user **Administer** permission to an existing portfolio that was created using manual selection allows that user to see all project names and keys for the projects in the Portfolio, even if the user doesn't have access to those projects. - -## Populating Portfolios -After you've created a portfolio, you can populate it with projects, applications, and other portfolios. - -[[info]] -|**Uniqueness in portfolios**<br/><br/> -|Project branches, applications, and portfolios can only appear once in any given hierarchy in order to avoid magnifying their impacts on aggregated ratings. The portfolio configuration interface has some logic to prevent obvious duplications (such as manually adding the same project). However, in case of more subtle duplications (for example, due to regular expression or other bulk definition), the calculation of that portfolio will fail with a helpful error message. - -### Adding another Portfolio to a Portfolio -To add another Portfolio to your Portfolio, from **[Administration > Configuration > Portfolios](/#sonarqube-admin#/admin/extension/governance/views_console)** click the **Add Portfolio** button at the top of the third column, and choose: - -* **Standard** - This option allows you to create a new Portfolio from scratch and add it to the currently selected Portfolio. Once created, you can add projects, applications, and more layers of portfolios. -* **Local Reference** - This option allows you to reference an existing Portfolio in the currently selected Portfolio. Once added, it is not editable here, but must be chosen in the left-most column to be edited. - -### Adding a project to a Portfolio -To add projects to a Portfolio, navigate to the Portfolio you want to add a project to. Select **Edit Definition** from **Portfolio Settings**. Click the pencil icon next to **Project selection mode**, and select one of the following options: - -* **Manual** – choose the projects individually. -* **Tags** - select one or more project tags. Projects with those tags will automatically be included in the Portfolio. -* **Regular Expression** – specify a regular expression and projects with a matching name OR key will be included. -* **All Projects** – choose this option to add all projects not already included in this Portfolio (directly or via -Portfolio). - -By default, adding a project to a portfolio shows the analysis of the project's main branch. See the following section if you want to select a non-main branch or multiple branches for your project. - -#### **Selecting specific project branches for your portfolio** -In some situations, you may want to either monitor a project branch that's not your main branch or multiple project branches. For example: - -* Your project has multiple release branches, and you want to monitor them all in a Portfolio. -* Your project's main branch isn't your release branch, and you want to monitor your release branch in your Portfolio. - -To specify a project branch or branches to monitor in your portfolios, you can do the following: - -* **Manual** – You can use manual selection to select one or multiple project branches. To do this: - 1. From the Portfolio you want to edit, go to **Portfolio Settings > Edit Definition**. - 2. Click the pencil icon next to the **Project selection mode**, set **Manual** as your **Project Selection Mode**, and click **Save**. - 3. click the pencil icon next to the project you want to monitor. - 4. Select the branches you want to monitor. If you don't select a branch, the main branch is selected by default. - -* **Tags, Regular Expressions, All Remaining Projects** – To specify a branch to monitor in your portfolios using the tags, regular expressions, or all remaining projects options, do the following: - 1. From the Portfolio you want to edit, go to **Portfolio Settings > Edit Definition**. - 2. Click the pencil icon next to the **Project selection mode**, and select your desired **Project Selection Mode**. - 3. Enter the name of the branch you want to monitor in the **Branch selection** field, and click **Save**. - -### Adding Applications to a Portfolio -To add an Application to a Portfolio, make sure your Application is [already created](/user-guide/applications/). Then: - -1. Navigate to the Portfolios configuration page by going to **[Administration > Configuration > Portfolios](/#sonarqube-admin#/admin/extension/governance/views_console/)**. -2. Select the Portfolio where you want to add your Application. -3. Click **Add Portfolio**. -4. Select **Local Reference**. -5. Choose your Application from the drop-down menu and click **Add**. - -## Calculation -By default, Portfolios are queued to be recalculated after each analysis of an included project. For each relevant Portfolio, a “Background Task” is created, and you can follow the progress on each in the **[Administration > Projects > Background Tasks](/#sonarqube-admin#/admin/background_tasks)** by looking at the logs available for each item. - -If you're having performance issues related to the automatic recalculation of large portfolios, you can specify the hour(s) at which you want them to be recalculated at **[Administration > Portfolios > Recalculation](/#sonarqube-admin#/admin/settings?category=portfolios)**. Portfolios are queued to be recalculated at the beginning of the hour(s) that you specify. - -## Elasticsearch reindexing -During Elasticsearch reindexing due to disaster recovery or an upgrade, you won't have access to Portfolios until all projects are indexed. diff --git a/server/sonar-docs/src/pages/project-administration/managing-project-history.md b/server/sonar-docs/src/pages/project-administration/managing-project-history.md deleted file mode 100644 index 9ec64565704..00000000000 --- a/server/sonar-docs/src/pages/project-administration/managing-project-history.md +++ /dev/null @@ -1,25 +0,0 @@ ---- -title: Managing Project History -url: /project-administration/managing-project-history/ ---- - -One of the most powerful features of {instance} is that it shows you not just your project health today, but how it has changed over time. It does that by selectively keeping data from previous analyses (see [Housekeeping](/instance-administration/housekeeping/)). It doesn't keep all previous analyses - that would bloat the database. Similarly, for the analyses it does keep, {instance} doesn't keep all the data. Once a project snapshot moves from the "Last analysis" (i.e. the most recent) to being part of the project's history, data below the project level is purged - again to keep from bloating the database. - -Typically these aren't things you need to even think about; {instance} just handles them for you. But occasionally you may need to remove a bad snapshot from a project's history or change the housekeeping algorithms. - -## Managing History -Occasionally, you may need to manually delete a project snapshot, whether because the wrong Quality Profile was used, or because there was a problem with analysis, and so on. Note that the most recent snapshot (labeled "Last snapshot") can never be deleted. - -[[warning]] -|**About deleting snapshots**<br/><br/> -|Deleting a snapshot is a 2-step process:<br/><br/> -|* The snapshot must first be removed from the project history by clicking on Delete snapshot. It won't be displayed anymore on this History page but will still be present in the database. -|* The snapshot is actually deleted during the next project analysis. - -At project level, from the front page **Activity** list, choose **Show More** to see the full activity list. - -For every snapshot, it is possible to manually: - -* Add, rename or remove a version -* Add, rename or remove an event -* Delete the snapshot diff --git a/server/sonar-docs/src/pages/project-administration/narrowing-the-focus.md b/server/sonar-docs/src/pages/project-administration/narrowing-the-focus.md deleted file mode 100644 index ea8b8650cbc..00000000000 --- a/server/sonar-docs/src/pages/project-administration/narrowing-the-focus.md +++ /dev/null @@ -1,404 +0,0 @@ ---- -title: Narrowing the Focus -url: /project-administration/narrowing-the-focus/ ---- - -There are many cases where you do not want to analyze every aspect of every source file in your project. For example, your project may contain generated code, source code from libraries, or intentionally duplicated code. - -In such cases, it makes sense to skip some or all aspects of analysis for these files, thus removing noise and allowing you to focus on the issues that really matter. - -SonarQube gives you several options to precisely configure what will be analyzed and how. - - -## Setting the initial scope - -The initial scope of analysis is controlled by the following parameters: - -* `sonar.sources` defines the initial scope of analysis for non-test code in your project. -* `sonar.tests` defines the initial scope of analysis for test code in your project. - -These parameters define the starting point for analysis scope adjustment: - -* Files outside the scope defined by these parameters _will not_ be analyzed at all. -* Files within the scope defined by these parameters _will_ be analyzed _unless excluded by further adjustments_ (exclusions, inclusions, etc. See below.) - -Additionally, these parameters: - -* Are only set at the project level. There are no global, server-level equivalents for these parameters. -* Are either set automatically by your SonarScanner or set explicitly in the `sonar-project.properties` configuration file or on the command line that invokes the scanner. There are no UI settings for these parameters. -* When they are set explicitly, these parameters both take a comma-delimited list of paths. Pattern matching with wildcards is not supported. - - -### Why is test code scoped separately? - -Test and non-test code are distinguished because - -* Different analysis rules are applied to the two categories. -* The two categories have different metrics -* Test code does not count toward lines-of-code limits defined by your license. -* Test code does not count towards coverage (you don't have to test your test code) - - -### Automatic setting for Maven, Gradle, and .NET - -If you are analyzing code using SonarScanner for Maven, SonarScanner for Gradle, or SonarScanner for .NET, the `sonar.sources` and `sonar.tests` parameters are automatically determined based on information in your project configuration. You do not have to explicitly set the parameters. If you do explicitly set the parameters (for example in your `pom.xml`, in the case of Maven), this will override the automatically determined values. - - -### Defaults settings for other scenarios - -If you are not using Maven, Gradle or .NET then - -* By default, `sonar.sources` is set to the current working directory (the path `.`). -* By default, `sonar.tests` is not set. - - -### Explicit settings - -If the defaults are not suitable (for example, if you _do_ have test code) you must set the parameters explicitly in the scanner invocation or in the appropriate configuration file (see Analysis Parameters). - -When explicitly set, both `sonar.sources` and `sonar.tests` take a comma-delimited list of directories or files. - -* The entries in the list are simple paths, wildcards (`*`, `**`, and `?`, are not allowed). -* A directory in the list means that all analyzable files and directories recursively below it are included. An individual file in the list means that the file is included. -* The paths are interpreted relative to the project base directory. The base directory is defined by the scanner you are using. In most cases, this is the root directory of the project. If you are using the SonarScanner CLI, your base directory will be the current directory from which you invoke the tool (though this can be overridden using the parameter `sonar.projectBaseDir`). - - -### Example - -Let's say your repository looks something like this, with your source and test code clearly separated at the top level. - - - -In this case, you would set your `sonar.sources` like this: - - - -and your `sonar.tests` like this: - - - -If you configure your scoping in the `sonar-project.properties` file, it would look like this: - -``` - # Define separate root directories for sources and tests - sonar.sources = src/ - sonar.tests = test/ -``` - -There is no need for any further fine-tuning. - - -## Wildcard patterns - -While the `sonar.sources` and `sonar.tests` parameters take simple paths, most of the parameters discussed below use path-matching patterns. - -The patterns are defined using the following wildcards: - -* `*` Match zero or more characters (not including the directory delimiter, `/`). -* `**` Match zero or more directory segments within the path. -* `?` Match a single character (not including the directory delimiter, `/`). - -### Examples - -* The pattern `**/*Bean.java` - * matches `org/sonar.api/MyBean.java` - * doesn't match `org/sonar/util/MyDTO.java` -* The pattern `**/*Bean?.java` - * matches `org/sonar/util/MyOtherBean1.java` - * doesn't match `org/sonar/util/MyOtherBean.java` -* The pattern `org/sonar/*` - * matches `org/sonar/MyClass.java` - * doesn't match `org/sonar/util/MyClassUtil.java` -* The pattern `org/sonar/**/*` - * matches `org/sonar/MyClass.java` - * doesn't match `org/radar/MyClass.java` - - -## Location of UI settings - -Unless otherwise noted, all the parameters below are settable at both the global and project level. The UI locations for the settings are found under: - -* **Administration > Configuration > General Settings **(for global settings) -* **Project Settings > General Settings **(for project level settings) - -Any setting made at the global level will apply to all projects unless overridden at the project level (the only exceptions are the global exclusion parameters discussed above). - - -## Exclusion and inclusion - -If the directory structure of your project does not cleanly separate source code from test code at the top level, you may have to adjust the scope using exclusions and inclusions. - -These are set in the UI for both global and project levels, as follows: - - -### Global level - -_Administration > Configuration > General Settings > **Analysis Scope > A. File Exclusions**_ - -* **Global Source File Exclusions**: One or more wildcard patterns defining which files are filtered out from those defined by `sonar.sources`. This setting will apply to all projects on your SonarQube server. It cannot be overridden by any project level source file exclusion. It also cannot be set as a key in a configuration file. If it is set, it must be set in the UI. -* **Source File Exclusions**: The same as the global version above except that it _can_ be overridden by a project level source file exclusion. It cannot be set as a key in a configuration file. If it is set, it must be set in the UI. -* **Global Test File Exclusions**: Same as the Global Source File Exclusions, above, except that it applies to test files. -* **Test File Exclusions**: Same as the Source File Exclusions, above, except that it applies to test files. -* **Source File Inclusions**: One or more wildcard patterns defining which files to retain, while filtering out all others, from those defined by `sonar.sources`. This applies to all projects on your SonarQube server, though it can be overridden at the project level. It cannot be set as a key in a configuration file. If it is set, it must be set in the UI. -* **Test File Inclusions**: Same as the Source File Inclusions, above, except that it applies to test files. - - -### Project level - -_Project Settings > General Settings > **Analysis Scope > A. File Exclusions**_ - -* **Source File Exclusions**: One or more wildcard patterns defining which files are filtered out from those defined by `sonar.sources`. This can also be set in a configuration file using the key `sonar.exclusions`. -* **Test File Exclusions**: One or more wildcard patterns defining which files are filtered out from those defined by `sonar.tests`. This can also be set in a configuration file with the key `sonar.test.exclusions`. -* **Source File Inclusions**: One or more wildcard patterns defining which files to retain, while filtering out all others, from those defined by `sonar.sources`. This can also be set in a configuration file using the key `sonar.inclusions`. -* **Test File Inclusions**: One or more wildcard patterns defining which files to retain, while filtering out all others, from those defined by `sonar.tests`. This can also be set in a configuration file using the key `sonar.test.inclusions`. - -To set these parameters by key you can: - -* Set them in the configuration file `<sonarqube-project>/sonar-project.properties` -* Set them on the command line when invoking the scanner. -* In the case of Maven, Gradle, or .NET projects, set them in the appropriate framework-specific configuration file. - - -### How the parameter values are interpreted - -The wildcard patterns are interpreted relative to the project base directory. - -Exclusions and inclusions apply _on top of_ the `sonar.sources` and `sonar.tests` settings. Both the exclusion and inclusion parameters act as filters. They only ever reduce the number of files in the analyzable set, they never add to the set. - - -### Example - -Let's say your repository looks something like this, with your test code intermingled with your source code. - - - -You would define your `sonar.sources` like this, taking in the whole `src` directory: - - - -and then set **Source File Exclusions** (key `sonar.exclusions`) to - -``` -src/**/test/**/* -``` - -The result is that the set of source files to be scanned is everything under `src` minus every `test` subdirectory. - - - -To define the test files, first set `sonar.tests` to the whole `src` directory - - - -and then set **Test File Inclusions** (key `sonar.test.inclusions`) to - -``` -src/**/test/**/* -``` - -The result is that the set of source files to be scanned is everything under `src` _minus everything that is not_ a `test` subdirectory. - - - -If you configure your scoping in the `sonar-project.properties` file, it would look like this: - -``` - # Define the same root directory for sources and tests - sonar.sources = src/ - sonar.tests = src/ - - # Include test subdirectories in test scope - sonar.test.inclusions = src/**/test/**/* - - # Exclude test subdirectories from source scope - sonar.exclusions = src/**/test/**/* -``` - -### Naming of parameters - -Note that the initial scoping parameter for test code is `sonar.tests` (that's `tests` with an `s`!) while the exclusion and inclusion parameters for test code are `sonar.test.exclusions` and `sonar.test.inclusions` (that's `test`, without an `s`!). - - -### Relation to test coverage reporting - -The test scoping parameters ( `source.tests`, `sonar.test.exclusion`, and `sonar.test.inclusion`) do not have anything to do with setting up test coverage reporting (see [Test Coverage](/analysis/coverage/)). However, SonarQube will report an error if an imported coverage report lists a test file not encountered in the directories specified by the scoping parameters. - -The parameter `sonar.coverage.exclusions`, on the other hand, is directly related to test coverage reporting (see below). - - -## Code Coverage Exclusion - -**Analysis Scope > B. Code Coverage Exclusions** - -This setting lets you exclude specific files or directories from code coverage reporting.** **The value of the parameter is a comma-delimited list of path-matching patterns relative to the current working directory. - -When setting by key, use `sonar.coverage.exclusions` - - -## Duplication Exclusions - -**Analysis Scope > C. Duplication Exclusions** - -This setting lets you exclude specific files or directories from duplication checking. The value is a comma-delimited list of path-matching patterns relative to the current working directory. - -When setting by key, use `sonar.cpd.exclusions` - - -## Scope by file type - -**Languages > _Your Language_** - -Most languages offer a way to restrict the scope of analysis to files matching a set of extensions. You can specify one or more suffixes (file extensions) for each language. For example, for the C language, `.c` and `.h` are set by default. - -When setting by ke,y use the appropriate parameter of the form `sonar.<language>.file.suffixes`. - - -## Ignore files based on content - -**Analysis Scope > D. Issue Exclusions > Ignore Issues on Files** - -You can ignore files that contain a block of code matching a given regular expression. All issues (bugs, code smells, and vulnerabilities), as well as security hotspots, will be ignored within those files. In this setting, you can enter one or more regular expression patterns. Any file containing at least one of the specified patterns will be ignored. - -For example, let's say you have generated class files in your Java project that you wish to exclude. The files look something like this: - -``` - @Generated("com.example.generated") - public class GeneratedClass extends AnotherClass { - // Some generated code - } -``` - -To exclude all such files, you might set this parameter to: - -``` -@Generated\(".*"\) -``` - -Note that since this value is a regular expression, you need to escape the `(` and `)` parentheses characters and use the expression `.*` match the string in between those parentheses. - -The key for this parameter is `sonar.issue.ignore.allfile`, however, because it is a multi-value property, we recommend that it only be set through the UI. - - -## Ignore blocks within files - -**Analysis Scope > D. Issue Exclusions > Ignore Issues on Blocks** - -You can ignore specific blocks of code within a file while continuing to scan the remainder of the file. Blocks to be ignored are delimited within the file by start and end strings. You specify these start and end strings by regular expressions. All issues (bugs, code smells, and vulnerabilities), as well as security hotspots within those blocks, will be ignored. You can enter one or more pairs of regular expression patterns. Any code in any file that lies between the start pattern and its corresponding end pattern will be ignored. Note that: - -* If the first regular expression is found but not the second one, the end of the file is considered to be the end of the block. -* Regular expressions are not matched across multiple lines. - -For example, let's say you want to ignore the code in the method `doSomethingElse` using block delimiters, like this: - -``` - public class MyClass { - public MyClass() { - ... - } - - public void doSomething() { - ... - } - - // BEGIN-NOSCAN - public void doSomethingElse() - { - ... - } - // END-NOSCAN - } -``` - -You could specify the following regular expressions: - -**Start of block: `\s*//\s*START-NOSCAN`** - -**End of block:** `\s*//\s*END-NOSCAN` - -These regular expressions ensure that the start and end block delimiters will be recognized regardless of the number of of spaces around the line comment characters (`//`). - -The key for this parameter is `sonar.issue.ignore.block`. However, because it is a multi-value property, we recommend that it only be set through the UI. - - -## Exclude specific rules from specific files - -**Analysis Scope > D. Issue Exclusions > Ignore Issues on Multiple Criteria** - -You can prevent specific rules from being applied to specific files by combining one or more pairs of strings consisting of a** rule key pattern **and a **file path pattern**. - -The key for this parameter is `sonar.issue.ignore.multicriteria`. However, because it is a multi-value property, we recommend that only be set through the UI. - - -### Rule key pattern - -A rule key pattern consists of a rule repository name, followed by a colon, followed by a rule key or a rule name globbing pattern. - -For example: - -* `java:S1195` matches exactly the [rule S1195 ](https://sonarcloud.io/organizations/sonarsource/rules?q=s1195&open=java%3AS1195)in the Java rule repository. -* `java:*Naming*` matches all rules in the Java repository that include the string `Naming` in their rule name. - -You can find the fully qualified rule ID of the rule definition and the rule name in the rule definition. - -For example, for [this rule](https://sonarcloud.io/organizations/sonarsource/rules?open=css%3AS4655&rule_key=css%3AS4655): - -* Rule ID: `css:S4655` -* Rule name: _"!important" should not be used on "keyframes"_ - - -### File path pattern - -A file path pattern uses the path-matching format described above to specify a set of directories or files. - - -### Examples - -* Ignore all issues in all files: - * Rule key pattern: `*` - * File path pattern: `**/*` -* Ignore all issues in the file `bank/ZTR00021.cbl`: - * Rule key pattern: `*` - * File path pattern: `bank/ZTR00021.cbl` -* Ignore all issues in files located directly in the Java package `com.foo`, but not in its sub-packages: - * Rule key pattern: `*` - * File path pattern: `com/foo/*` -* Ignore all issues against the coding rule `cpp:Union` in files in the directory `object` and its sub-directories: - * Rule key pattern: `cpp:Union` - * File path pattern: `object/**/*` - - -## Only apply specific rules to specific files - -You can only apply specific rules to specific files. - -* Global level: **Administration > Configuration > General Settings > Analysis Scope > D. Issue Exclusions > Restrict Scope of Coding Rules** -* Project level: **Project Settings > General Settings > Analysis Scope > D. Issue Exclusions > Restrict Scope of Coding Rules** - -The mechanics of setting these parameters are the same as for `sonar.issue.ignore.multicriteria`, above: Each entry consists of a rule key pattern and a file path pattern. The difference is that in this case it means that the specified rule will only be applied to the specified set of files. - -The key for this parameter is `sonar.issue.enforce.multicriteria`. However, because it is a multi-value property, we recommend that only be set through the UI. - - -### Examples - -* Only check the rule "Magic Number" on "Bean" objects and not on anything else: - * Rule key pattern: `checkstyle:com.puppycrawl.tools.checkstyle.checks.coding.MagicNumberCheck` - * File path pattern: `**/*Bean.java` -* Only check against the rule _Prevent GO TO statement from transferring control outside current module on COBOL programs_ in the directories `bank/creditcard` and `bank/bankcard` (this restriction requires two criteria): - * Rule key pattern 1: `cobol:COBOL.GotoTransferControlOutsideCurrentModuleCheck` - * File path pattern 1: `bank/creditcard/**/*` - * Rule key pattern 2: `cobol:COBOL.GotoTransferControlOutsideCurrentModuleCheck` - * File path pattern 2: `bank/bankcard/**/*` - - -## SonarQube respects ignored files - -Your SonarQube analysis will automatically exclude files that are ignored by your source code control system. For example, in git repositories, it respects the `.gitignore` file. SonarQube also respects the ignore directives of SVN repositories. - -This behavior can be disabled by setting - -`sonar.scm.exclusions.disabled = true` - -in the configuration file or command line. - -Note that while SonarQube understands standard `.gitignore` directives, it does not understand `.gitignore` _negation patterns_. These are the patterns preceded by an exclamation mark(`!`). We recommend not using them in SonarQube projects. diff --git a/server/sonar-docs/src/pages/project-administration/new-code-period.md b/server/sonar-docs/src/pages/project-administration/new-code-period.md deleted file mode 100644 index 387f32934db..00000000000 --- a/server/sonar-docs/src/pages/project-administration/new-code-period.md +++ /dev/null @@ -1,41 +0,0 @@ ---- -title: Defining New Code -url: /project-administration/new-code-period/ ---- - -Defining what is considered New Code is an important part of SonarQube's Clean as You Code approach to code quality and safety. By focusing on code that's been added or changed since your New Code definition, you can set consistent quality requirements and expectations. Your New Code will be issue free and you'll clean up the code you encounter along the way. For more information on New Code and why it's important, check out [Clean as You Code](/user-guide/clean-as-you-code/). - -## Setting your New Code definition - -You can define New Code at the global, project, or branch level. - -- **Global level** - You can set a global New Code definition at [**Administration > Configuration > General Settings > New Code**](/#sonarqube-admin#/admin/settings?category=new_code_period/). What you define as New Code at the global level will be the default for your projects. - -- **Project level** - You can set a New Code definition for your project at **Project Settings > New Code**. What you define as New Code at the project level will be the default for the project's branches if you're using an edition that supports multiple branches (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)). - -- **Branch level** - You can define New Code for each branch from the **Actions** column of the branches table on the project's **New Code** settings page if you're using an edition that supports multiple branches (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)). - -## New Code definitions - -You can define New Code as changes from a previous version, a specific analysis, a reference branch, or within a specific period (number of days): - -- **Previous Version** – Define New Code as any changes made in your project's current version. This works well for projects with regular versions or releases. - - Available at the global, project, and branch level. - -- **Specific analysis** – Choose a previous analysis as your New Code definition. Any changes made since that analysis are considered New Code. - - Available at the branch level starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) and the project level for community edition. - -[[info]] -| For Community Edition, past analysis is available at the project-level because Community Edition doesn't support multiple branches. Starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can do this at the branch level, and each branch can be set to one of the branch's specific past analyses. - -- **Reference Branch** – Choose a specific branch to define your New Code. Any changes made from your reference branch are considered New Code. - - Available at the project and branch level. You can also specify a reference branch using a scanner parameter, overriding the server's definition. See the [Scanner Analysis Parameters](/analysis/analysis-parameters/). - -- **Number of days** – Specify a number of days for a floating New Code period. For example, setting **Number of Days** to 30 creates a floating New Code period beginning 30 days from the current date. - Available at the global, project, and branch level. diff --git a/server/sonar-docs/src/pages/project-administration/portfolio-pdf-configuration.md b/server/sonar-docs/src/pages/project-administration/portfolio-pdf-configuration.md deleted file mode 100644 index 10debc89626..00000000000 --- a/server/sonar-docs/src/pages/project-administration/portfolio-pdf-configuration.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: PDF Reports -url: /project-administration/portfolio-pdf-configuration/ ---- - -*PDF Reports are available as part of the [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) and [above](https://www.sonarsource.com/plans-and-pricing/).* - -PDF reports give a periodic, high-level overview of the overall code quality and security of your projects, applications, or portfolios. - -## Project and Application PDF Reports - -Users with access to a project or application can download a PDF report or subscribe to receive PDF reports from the **Project/Application PDF Report** drop-down menu in the upper-right corner of the project or application's home page. The frequency that you receive reports is set by a project or application administrator. - -### Changing PDF subscription frequency -Users with administrative rights on a project or application can configure how frequently SonarQube sends PDF reports. You can change the frequency all projects and applications at a global level or for each project or application individually: - -- **Global-level** – To change the frequency setting globally, navigate to **Administration > General Settings > Governance**. Under **Project and Application PDF Reports**, select an option from the **PDF Reports Frequency** drop-down menu. - -- **Project-level** – To change the frequency setting for a specific project, navigate to the project's home page then **Project Settings > General Settings > Governance**. Under **Project and Application PDF Reports**, select an option from the **PDF Reports Frequency** drop-down menu. - -- **Application-level** – To change the frequency setting for a specific application, navigate to the application's home page then **Application Settings > Application Report Settings**, and select an option from the **Application Reports Frequency** drop-down menu. - -You have the following options for subscription frequency: - -- **Daily** – report is sent on a daily basis. -- **Weekly** – report is sent on a weekly basis. -- **Monthly (default)** – report is sent on a monthly basis. - -### Temporary branches -You cannot download or subscribe to a PDF report for a temporary branch. If you are unable to download or subscribe to a PDF report for a branch, go to **Project Settings > Branches & Pull Requests** and make sure that the **Keep when inactive** toggle is on for that branch. - -## Portfolio PDF Reports -Users with access to a portfolio can download a PDF report or subscribe to receive PDF reports from the **Portfolio PDF Report** drop-down menu in the upper-right corner of the portfolio's home page. The frequency that you receive reports is set by a portfolio administrator. See the following section for more information. - -### Changing PDF subscription frequency -Users with administrative rights on a portfolio can configure how frequently SonarQube sends PDF reports. You can change the frequency for all portfolios globally or for each portfolio individually. - -- **Global-level** – To change the frequency setting at a global level, navigate to **Administration > Portfolios**, and select an option from the **Frequency** drop-down menu. - -- **Portfolio-level** – To change the frequency setting for a specific portfolio, navigate to the portfolio's home page then **Portfolio Settings > Executive Report** and select an option under **Frequency**. - -You have the following options for subscription frequency: - -- **Daily** – report is sent during the first portfolio calculation of the day (if any) -- **Weekly** – report is sent during the first portfolio calculation of the week (if any) from Monday -- **Monthly (default)** – report is sent during the first portfolio calculation of the month (if any), starting from the first day of the current month - -### Sending portfolio PDF reports to non-SonarQube users -Users with administrative rights on a portfolio can send the portfolio PDF report to non-SonarQube users by adding their email in the **Other Recipients** field at **Portfolio Settings > Executive Report**. - -## Regulatory PDF Reports - -Users with access to a project can download a regulatory report for any permanent branch of that project. -A permanent branch is one that has been set to **Keep when inactive** (see [Branch Analysis](/branches/overview/) for details on how to adjust this setting). - -To download the regulatory report, go to **Project Information > Regulatory Report** and select the desired branch. -The report will be dynamically generated and downloaded. -This may take a few minutes. - -The report is a zip file containing a snapshot of the selected branch. It contains: - -* An overview of the the selected branch of the project. -* The configuration items relevant to the project's quality (quality profile, quality gate, and analysis exclusions). -* Lists of findings for both new and overall code on the selected branch. diff --git a/server/sonar-docs/src/pages/project-administration/project-existence.md b/server/sonar-docs/src/pages/project-administration/project-existence.md deleted file mode 100644 index 7a0a63718ab..00000000000 --- a/server/sonar-docs/src/pages/project-administration/project-existence.md +++ /dev/null @@ -1,34 +0,0 @@ ---- -title: Project Existence -url: /project-administration/project-existence/ ---- - -Typically, projects are created during their first analysis and never deleted (because old software never dies). For atypical situations, there is the page at **[Administration > Projects > Management](/#sonarqube-admin#/admin/projects_management/)**, which allows you to manage project existence. - -## How do I provision a project before its first analysis? -Provisioning a project allows you to declare and configure it (define permissions, set Quality Profiles, etc.) before running the first analysis. To be able to provision projects, you have to be logged in and be granted the Provision Projects permission. - -To provision a new project, either go to the **Projects** page and click on **Create Project**, or go to **Administration > Projects > Management** and click on **Create Project**. - -Once the project is provisioned, you can configure it (define permissions, set Quality Profiles, etc.), and when you're finished with the configuration, you can simply run the project's first analysis. - -You can also provision and configure projects using the Web API. - -## How do I find provisioned projects (that haven't been analyzed yet)? -The **[Projects Management](/#sonarqube-admin#/admin/projects_management/)** search interface includes a toggle to allow you to narrow your results on this page to only projects that have never been analyzed. From there you can deal with them on this page as a set, or click through to the individual project homepages for individual attention and administration. - -## How do I lock down permissions on a project? (Private vs Public) -By default, any newly created project will be considered "Public". It means every SonarQube user, authenticated or not, will be able to: - -* **Browse**: Access a project, browse its measures, issues and perform some issue edits (confirm, assignment, comment). -* **See Source Code**: View the project's source code. - -If you want to be sure only a limited list of Groups and Users can see the project, you need to mark it Private. Once a project is private you will be able to define which Groups and Users can **Browse** the project or **See Source Code**. - -If you want all newly created projects to be considered "Private", you can change the default visibility in **[Administration > Projects > Management](/#sonarqube-admin#/admin/projects_management/)**. - -## How do I delete projects? -A project may be deleted individually from the Administration page of the project. See Project Settings for more details. To delete projects in bulk, use **[Administration > Projects > Management](/#sonarqube-admin#/admin/projects_management/)**. Here you can select the projects to delete. A deleted project is gone for good, there is no way to undo this action. - -## How do I find projects that are no longer analyzed? -The **[Projects Management](/#sonarqube-admin#/admin/projects_management/)** search interface includes a date picker to help you find all projects last analyzed before your specified date. From there you can deal with them on this page as a set, or click through to the individual project homepages for individual attention and administration. diff --git a/server/sonar-docs/src/pages/project-administration/project-settings.md b/server/sonar-docs/src/pages/project-administration/project-settings.md deleted file mode 100644 index f14eef9da5a..00000000000 --- a/server/sonar-docs/src/pages/project-administration/project-settings.md +++ /dev/null @@ -1,58 +0,0 @@ ---- -title: Project Settings -url: /project-administration/project-settings/ ---- - -## Tags - -Project tags allow you to categorize and group projects for easier selection on the **Projects** page. Project tags can be administered from the project home page. Administrators will see a dropdown menu indicator next to the project's list of current tags (or next to the "No tags" indicator). If the tag you want isn't visible in the dropdown, use the built in "search" input to find what you're looking for or create it on the fly. - -## Administration Items - -Project administration is accessible through the **Project Settings** menu of each project. - -Only project administrators can access project's settings (see [Authorization](/instance-administration/security/)). - -### Adding a Project - -A project is automatically added at its first analysis. Note that you can also [provision projects](/project-administration/project-existence/). - -### Analysis Report Processing - -A project-level Background Tasks page is available at **Project Settings > Background Tasks** to allow project administrators to check their projects' processing. It offers analysis report details and logs. - -### Deleting a Project - -#### **Deleting a Single Project** - -You can delete a project through **Project Settings > Deletion**. - -#### **Deleting Multiple Projects** -You can also delete multiple projects simultaneously from the global **Project Settings > Projects > Management**. - -### Updating the Project Key - -The project key can be updated (without losing the history on the project) at **Project Settings > Update Key**. - -The new key must contain at least one non-digit character. Allowed characters are: 'a' through 'z', 'A' through 'Z', '-' (dash), '\_' (underscore), '.' (dot), ':' (colon) and digits '0' to '9'. This value is case-sensitive. - -### Default Issue Assignee - -When new issues are created during an analysis, they are assigned to the last committer where the issue was raised. When it is not possible to identify the last committer, issues can be assigned to a default assignee, at [Administration > General Settings > Issues](/#sonarqube-admin#/admin/settings). - -### Setting Quality Gate and Quality Profiles - -Project administrators can select which ... - -* Quality profiles (go to **Project Settings > Quality Profiles**) -* Quality gate (go to **Project Settings > Quality Gate**) - -... to use on their project. - -### Setting Exclusions - -See [Narrowing the Focus](/project-administration/narrowing-the-focus/). - -### Customizing Links - -On top of standard links which may only be set as [Analysis Parameters](/analysis/analysis-parameters/), additional custom links can be added through the web interface (under **Project Settings > Links**). Those links will then be displayed in the [Project Page](/user-guide/project-page/). diff --git a/server/sonar-docs/src/pages/project-administration/webhooks.md b/server/sonar-docs/src/pages/project-administration/webhooks.md deleted file mode 100644 index 339210aff5c..00000000000 --- a/server/sonar-docs/src/pages/project-administration/webhooks.md +++ /dev/null @@ -1,147 +0,0 @@ ---- -title: Webhooks -url: /project-administration/webhooks/ ---- - -Webhooks notify external services when a project analysis is complete. An HTTP POST request including a JSON payload is sent to each URL. URLs may be specified at both the project and global levels. Project-level specification does not replace global-level webhooks. All hooks at both levels are called. - -The HTTP(S) call: - -* is made regardless of the status of the Background Task -* includes a JSON document as payload, using the POST method -* has a content type of "application/json", with UTF-8 encoding - -## Configuration - -You can configure up to 10 webhooks at the project level in **Project Settings > Webhooks**. - -An additional set of 10 webhooks can be configured at the global level in **Administration > Configuration > Webhooks**. - -If configured, all 20 will be executed. - -## Delivery and Payload - -### Delivery - -The Webhook administration console shows the result and timestamp of the most recent delivery of each webhook with the payload available via the list icon. Results and payloads of earlier deliveries are available from the tools menu to the right of each webhook. - -Response records are purged after 30 days. - -The URL must respond within 10 seconds or the delivery is marked as failed. - -### Payload - -An HTTP header "X-SonarQube-Project" with the project key is sent to allow quick identification of the project involved. - -The Payload is a JSON document which includes: - -* when the analysis was performed: see "analysedAt" -* the identification of the project analyzed: see "project" -* each Quality Gate criterion checked and its status: see "qualityGate" -* the Quality Gate status of the project: see "qualityGate.status" -* the status and the identifier of the Background Task : see "status" and "taskId" -* user-specified properties: see "properties" - -#### Example - -``` -{ - "serverUrl": "http://localhost:9000", - "taskId": "AVh21JS2JepAEhwQ-b3u", - "status": "SUCCESS", - "analysedAt": "2016-11-18T10:46:28+0100", - "revision": "c739069ec7105e01303e8b3065a81141aad9f129", - "project": { - "key": "myproject", - "name": "My Project", - "url": "https://mycompany.com/sonarqube/dashboard?id=myproject" - }, - "properties": { - }, - "qualityGate": { - "conditions": [ - { - "errorThreshold": "1", - "metric": "new_security_rating", - "onLeakPeriod": true, - "operator": "GREATER_THAN", - "status": "OK", - "value": "1" - }, - { - "errorThreshold": "1", - "metric": "new_reliability_rating", - "onLeakPeriod": true, - "operator": "GREATER_THAN", - "status": "OK", - "value": "1" - }, - { - "errorThreshold": "1", - "metric": "new_maintainability_rating", - "onLeakPeriod": true, - "operator": "GREATER_THAN", - "status": "OK", - "value": "1" - }, - { - "errorThreshold": "80", - "metric": "new_coverage", - "onLeakPeriod": true, - "operator": "LESS_THAN", - "status": "NO_VALUE" - } - ], - "name": "SonarQube way", - "status": "OK" - } -} -``` - -## Securing your webhooks - -After you've configured your server to receive payloads, you want to be sure that the payloads you receive are initiated by {instance} and not by attackers. You can do this by validating a hash signature that ensures that requests originate from {instance}. - -### Setting your secret - -To set your secret in {instance}: - -1. From the project or organization where you're securing your webhooks, navigate to the webhooks settings at **Project Settings > Webhooks** -1. You can either click **Create** to create a new webhook or click an existing webhook's settings drop-down and click **Update**. -1. Enter a random string in the **Secret** text box. This is used as the key to generate the HMAC hex digest value in the `X-Sonar-Webhook-HMAC-SHA256` header. -1. Click **Update**. - -### Validating {instance} Payloads - -After setting your secret, it's used by {instance} to create a hash signature with each payload that's passed using the `X-Sonar-Webhook-HMAC-SHA256` HTTP header. The header value needs to match the signature you are expecting to receive. {instance} uses a HMAC lower-case SHA256 digest to compute the signature of the request body. Here's some sample Java code for your server: - -``` -private static boolean isValidSignature(YourHttpRequest request) { - String receivedSignature = request.getHeader("X-Sonar-Webhook-HMAC-SHA256"); - // See Apache commons-codec - String expectedSignature = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, "your_secret").hmacHex(request.getBody()) - return Objects.equals(expectedSignature, receivedSignature); -} -``` - -If the signatures don't match, then the payload should be ignored. - -## Additional parameters - -A basic authentication mechanism is supported by providing user/password in the URL of the Webhook such as `https://myLogin:myPassword@my_server/foo`. - -If you provide additional properties to your SonarScanner using the pattern `sonar.analysis.*`, these properties will be automatically added to the section "properties" of the payload. - -For example these additional parameters: - -``` -sonar-scanner -Dsonar.analysis.buildNumber=12345 -``` - -Would add this to the payload: - -``` -"properties": { - "sonar.analysis.buildNumber": "12345" -} -``` diff --git a/server/sonar-docs/src/pages/requirements/hardware-recommendations.md b/server/sonar-docs/src/pages/requirements/hardware-recommendations.md deleted file mode 100644 index aef2475b876..00000000000 --- a/server/sonar-docs/src/pages/requirements/hardware-recommendations.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -title: Hardware Recommendations -url: /requirements/hardware-recommendations/ ---- -## Database -We recommend that for large instances, the database used by SonarQube is hosted on a machine that is physically separate from SonarQube Server but close to it on the network. - -### Oracle -In case your SonarQube Server is running on Linux and you are using Oracle, the Oracle JDBC Driver may be blocked due to /dev/random. See [this Oracle article](http://www.usn-it.de/index.php/2009/02/20/oracle-11g-jdbc-driver-hangs-blocked-by-devrandom-entropy-pool-empty/) for more details about this problem. - -To avoid it, you may want to add this JVM parameter to your SonarQube Web Server (`sonar.web.javaOpts`) configuration : - ``` - -Djava.security.egd=file:///dev/urandom - ``` - -## Elasticsearch (ES) -* [Elasticsearch](https://www.elastic.co/) is used by SonarQube in the background in the SearchServer process. To ensure good performance of your SonarQube, you need to follow these recommendations that are linked to ES usage. - -### Disk -* Free disk space is an absolute requirement. ES implements a safety mechanism to prevent the disk from being flooded with index data that locks all indices in read-only mode when a 95% disk usage watermark is reached. For information on recovering from ES read-only indices, see the [Troubleshooting](/setup/troubleshooting/) page. -* Disk can easily become the bottleneck of ES. If you can afford SSDs, they are by far superior to any spinning media. SSD-backed nodes see boosts in both query and indexing performance. If you use spinning media, try to obtain the fastest disks possible (high-performance server disks 15k RPM drives). -* Using RAID 0 is an effective way to increase disk speed, for both spinning disks and SSD. There is no need to use mirroring or parity variants of RAID because of Elasticsearch replicas and database primary storage. -* Do not use remote-mounted storage, such as NFS, SMB/CIFS or network-attached storage (NAS). They are often slower, display larger latencies with a wider deviation in average latency, and are a single point of failure. - -**Advanced** -* If you are using SSD, make sure your OS I/O Scheduler is configured correctly. When you write data to disk, the I/O Scheduler decides when that data is actually sent to the disk. The default under most *nix distributions is a scheduler called cfq (Completely Fair Queuing). This scheduler allocates "time slices" to each process, and then optimizes the delivery of these various queues to the disk. It is optimized for spinning media: the nature of rotating platters means it is more efficient to write data to disk based on physical layout. This is very inefficient for SSD, however, since there are no spinning platters involved. Instead, deadline or noop should be used. The deadline scheduler optimizes based on how long writes have been pending, while noop is just a simple FIFO queue. This simple change can have dramatic impacts. -* If SQ home directory is located on a slow disk, then the property `sonar.path.data` can be used to move data to a faster disk (RAID 0 local SSD for instance). - -### Memory -* Machine available memory for OS must be at least the Elasticsearch heap size. The reason is that Lucene (used by ES) is designed to leverage the underlying OS for caching in-memory data structures. That means that by default OS must have at least 1Gb of available memory. -* Don't allocate more than 32GB. See the following Elasticsearch articles for more details: - * [Elasticsearch Guide: Heap Sizing](https://www.elastic.co/guide/en/elasticsearch/guide/current/heap-sizing.html) - * [A Heap of Trouble](https://www.elastic.co/blog/a-heap-of-trouble) - * [Elasticsearch Reference: JVM heap size](https://www.elastic.co/guide/en/elasticsearch/reference/7.x/advanced-configuration.html#set-jvm-heap-size) - -### CPU -* If you need to choose between faster CPUs or more cores, then choose more cores. The extra concurrency that multiple cores offer will far outweigh a slightly faster clock speed. -* By nature, data is distributed on multiple nodes, so execution time depends on the slowest node. It's better to have multiple medium boxes than one fast and one slow. diff --git a/server/sonar-docs/src/pages/requirements/requirements.md b/server/sonar-docs/src/pages/requirements/requirements.md deleted file mode 100644 index f0422eb25eb..00000000000 --- a/server/sonar-docs/src/pages/requirements/requirements.md +++ /dev/null @@ -1,143 +0,0 @@ ---- -title: Prerequisites and Overview -url: /requirements/requirements/ ---- -## Prerequisite -You must be able to install Java (Oracle JRE or OpenJDK) on the machine where you plan to run SonarQube. - -## Hardware Requirements -1. A small-scale (individual or small team) instance of the SonarQube server requires at least 2GB of RAM to run efficiently and 1GB of free RAM for the OS. If you are installing an instance for a large teams or Enterprise, please consider the additional recommendations below. -2. The amount of disk space you need will depend on how much code you analyze with SonarQube. -3. SonarQube must be installed on hard drives that have excellent read & write performance. Most importantly, the "data" folder houses the Elasticsearch indices on which a huge amount of I/O will be done when the server is up and running. Great read & write hard drive performance will therefore have a great impact on the overall SonarQube server performance. - -### Enterprise Hardware Recommendations -For large teams or Enterprise-scale installations of SonarQube, additional hardware is required. At the Enterprise level, [monitoring your SonarQube instance](/instance-administration/monitoring/) is essential and should guide further hardware upgrades as your instance grows. A starting configuration should include at least: - -* 8 cores, to allow the main SonarQube platform to run with multiple Compute Engine workers -* 16GB of RAM -For additional requirements and recommendations relating to database and ElasticSearch, see [Hardware Recommendations](/requirements/hardware-recommendations/). - -## Supported Platforms -### Java -The SonarQube server require Java version 11 and the SonarQube scanners require Java version 11 or 17. - -SonarQube is able to analyze any kind of Java source files regardless of the version of Java they comply to. - -We recommend using the Critical Patch Update (CPU) releases. - -| Java | Server | Scanners | -| -------------- |---------------------------|---------------------------| -| Oracle JRE |  17 |  17 | -| |  11 |  11 | -| |  8 |  8 | -| OpenJDK |  17 |  17 | -| |  11 |  11 | -| |  8 |  8 | - -| Database | | -| ----------------------------------------------------------- |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| [PostgreSQL](http://www.postgresql.org/) |  15 | -| |  14 | -| |  13 | -| |  12 | -| |  11 | -| |  Must be configured to use UTF-8 charset | -| [Microsoft SQL Server](http://www.microsoft.com/sqlserver/) |  2019 (MSSQL Server 15.0) with bundled Microsoft JDBC driver. Express Edition is supported. | -| |  2017 (MSSQL Server 14.0) with bundled Microsoft JDBC driver. Express Edition is supported. | -| |  2016 (MSSQL Server 13.0) with bundled Microsoft JDBC driver. Express Edition is supported. | -| |  2014 (MSSQL Server 12.0) with bundled Microsoft JDBC driver. Express Edition is supported. | -| |  Collation must be case-sensitive (CS) and accent-sensitive (AS) (example: `Latin1_General_CS_AS`) | -| |  `READ_COMMITTED_SNAPSHOT` must be set on the SonarQube database to avoid potential deadlocks under heavy load | -| |  Both Windows authentication (“Integrated Security”) and SQL Server authentication are supported. See the Microsoft SQL Server section in Installing/installation/installing-the-server page for instructions on configuring authentication. | -| [Oracle](http://www.oracle.com/database/) |  19C | -| |  18C | -| |  12C | -| |  XE Editions | -| |  Must be configured to use a UTF8-family charset (see `NLS_CHARACTERSET`) | -| |  The driver ojdbc14.jar is not supported | -| |  We recommend using the latest Oracle JDBC driver | -| |  Only the thin mode is supported, not OCI | -| |  Only `MAX_STRING_SIZE=STANDARD` parameter is supported, not `EXTENDED` | - -### Web Browser -To get the full experience SonarQube has to offer, you must enable JavaScript in your browser. - -| Browser | | -| --------------------------- | --------------------------------------- | -| Microsoft Edge |  Latest | -| Mozilla Firefox |  Latest | -| Google Chrome |  Latest | -| Opera |  Not tested | -| Safari |  Latest | - -## Platform notes -### Linux -If you're running on Linux, you must ensure that: - -* `vm.max_map_count` is greater than or equal to 524288 -* `fs.file-max` is greater than or equal to 131072 -* the user running SonarQube can open at least 131072 file descriptors -* the user running SonarQube can open at least 8192 threads - -You can see the values with the following commands: -``` -sysctl vm.max_map_count -sysctl fs.file-max -ulimit -n -ulimit -u -``` - -You can set them dynamically for the current session by running the following commands as `root`: -``` -sysctl -w vm.max_map_count=524288 -sysctl -w fs.file-max=131072 -ulimit -n 131072 -ulimit -u 8192 -``` - -To set these values more permanently, you must update either _/etc/sysctl.d/99-sonarqube.conf_ (or _/etc/sysctl.conf_ as you wish) to reflect these values. - -If the user running SonarQube (`sonarqube` in this example) does not have the permission to have at least 131072 open descriptors, you must insert this line in _/etc/security/limits.d/99-sonarqube.conf_ (or _/etc/security/limits.conf_ as you wish): -``` -sonarqube - nofile 131072 -sonarqube - nproc 8192 -``` - -If you are using `systemd` to start SonarQube, you must specify those limits inside your unit file in the section \[service\] : -``` -[Service] -... -LimitNOFILE=131072 -LimitNPROC=8192 -... -``` - -### seccomp filter -By default, Elasticsearch uses [seccomp filter](https://www.kernel.org/doc/Documentation/prctl/seccomp_filter.txt). On most distribution this feature is activated in the kernel, however on distributions like Red Hat Linux 6 this feature is deactivated. If you are using a distribution without this feature and you cannot upgrade to a newer version with seccomp activated, you have to explicitly deactivate this security layer by updating `sonar.search.javaAdditionalOpts` in _$SONARQUBE_HOME/conf/sonar.properties_: -``` -sonar.search.javaAdditionalOpts=-Dbootstrap.system_call_filter=false -``` - -You can check if seccomp is available on your kernel with: -``` -$ grep SECCOMP /boot/config-$(uname -r) -``` - -If your kernel has seccomp, you will see: -``` -CONFIG_HAVE_ARCH_SECCOMP_FILTER=y -CONFIG_SECCOMP_FILTER=y -CONFIG_SECCOMP=y -``` -For more detail, see the [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/5.6/breaking-changes-5.6.html). - -### Fonts -Generating [Executive Reports](/project-administration/portfolio-pdf-configuration/) requires that fonts be installed on the server hosting SonarQube. On Windows servers, this is a given. However, this is not always the case for Linux servers. - -The following should be ensured: - -* [Fontconfig](https://en.wikipedia.org/wiki/Fontconfig) is installed on the server hosting SonarQube -* A package of [FreeType](https://www.freetype.org/) fonts is installed on the SonarQube server. The exact packages available will vary by distribution, but a commonly used package is `libfreetype6` - -### FIPS -SonarQube will not run on Linux hosts where FIPS (Federal Information Processing Standard) is enforced. diff --git a/server/sonar-docs/src/pages/setup/before-you-upgrade.md b/server/sonar-docs/src/pages/setup/before-you-upgrade.md deleted file mode 100644 index 0fd96259785..00000000000 --- a/server/sonar-docs/src/pages/setup/before-you-upgrade.md +++ /dev/null @@ -1,45 +0,0 @@ ---- -title: Before You Upgrade -url: /setup/before-you-upgrade/ ---- - -This page contains some concepts and recommendations that you should familiarize yourself with before upgrading. See the [Upgrade Guide](/setup/upgrading/) for information on the actual upgrade process. - -## SonarQube version number format -Version numbers have up to three digits with each digit representing part of the release cycle: - - - -**Major version number** -The major version number represents a series of releases with high-level objectives for the release cycle. It's incremented with the release following an LTS version (for example, the release following 7.9 LTS was 8.0). - -**Minor version number** -The minor version number corresponds to incremental functional changes within a major release cycle. At the time of an LTS release, the release cycle is closed and the minor version number is frozen. - -**Patch release number** -Only on LTS versions, the patch release number represents patches to an LTS that fixed blocker or critical problems. The patch release number isn't considered in your upgrade migration path, and your migration path is the same no matter which patch number you are on. - -## Migration path -Upgrading across multiple non-LTS versions is handled automatically. However, if there are one or multiple LTS versions in your migration path, you must first migrate to each intermediate LTS and then to your target version, as shown in **Example 3** below. - -[[info]] -|If you're migrating from an earlier patch version of an LTS, you can upgrade directly to the next LTS. You don't need to install any intermediate patch versions. - -**Migration Path Examples**: - -**Example 1** – From 8.1 > 9.0, the migration path is 8.1 > 8.9.1 LTS > 9.0 -**Example 2** – From 8.2 > 8.9 LTS, the migration path is 8.2 > the latest 8.9 LTS patch. -**Example 3** – From 6.7.7 LTS > 8.9 LTS, the migration path is 6.7.7 LTS > 7.9.6 LTS > the latest 8.9 LTS patch. - -## Release Upgrade Notes -Usually SonarQube releases come with some specific recommendations for upgrading from the previous version. You should read the [Release Upgrade Notes](/setup/upgrade-notes/) for each version between your current version and the target version. - -## Practice your upgrade -We recommend practicing your upgrade to: -- make sure your infrastructure can run the upgrade. -- get an idea of how long the upgrade will take. -- gain a better understanding of the upgrade process and anticipate what you'll need to do when performing the actual upgrade. -- address any issues you encounter during the practice upgrade on the [SonarSource Community](https://community.sonarsource.com/). - -To practice your upgrade, create a staging environment using a recent backup of your production database. You want your staging environment to be as similar to your production instance as possible because the resources and time needed to upgrade depends on what's stored in your database. Use this staging environment to test the upgrade, observing how long it takes to back up and restore systems and complete the process. - diff --git a/server/sonar-docs/src/pages/setup/get-started-2-minutes.md b/server/sonar-docs/src/pages/setup/get-started-2-minutes.md deleted file mode 100644 index 0dd31064f0a..00000000000 --- a/server/sonar-docs/src/pages/setup/get-started-2-minutes.md +++ /dev/null @@ -1,62 +0,0 @@ ---- -title: Try Out SonarQube -url: /setup/get-started-2-minutes/ ---- -You've heard about how [SonarQube](https://www.sonarqube.org/) and the [Clean as you code](/user-guide/clean-as-you-code/) strategy can help you write cleaner and safer code, and now you're ready to try it out for yourself. This guide shows you how to install a local instance of SonarQube and analyze a project. Installing a local instance gets you up and running quickly, so you can experience SonarQube firsthand. - -Once you're ready to set up a production instance, take a look at the [Install SonarQube](/setup/install-server/) documentation. - -## Installing a local instance of SonarQube -You can evaluate SonarQube using a traditional installation with the [zip file](https://www.sonarqube.org/downloads/) or you can spin up a Docker container using one of our [Docker images](https://hub.docker.com/_/sonarqube/). Click the method you prefer below to expand the installation instructions: - -[[collapse]] -| ## From the zip file -| -| 1. [Download](https://adoptium.net/releases.html?variant=openjdk11&jvmVariant=hotspot) and install Java 11 on your system. -| -| 2. [Download](https://www.sonarqube.org/downloads/) the SonarQube Community Edition zip file. -| -| 3. As a **non-`root` user**, unzip it, let's say in _C:\sonarqube_ or _/opt/sonarqube_. -| -| 4. As a **non-`root` user**, start the SonarQube Server: -| -| ``` -| # On Windows, execute: -| C:\sonarqube\bin\windows-x86-64\StartSonar.bat -| -| # On other operating systems, as a non-root user execute: -| /opt/sonarqube/bin/[OS]/sonar.sh console -| ``` -| -|  If your instance fails to start, check your [logs](/setup/troubleshooting/) to find the cause. - -[[collapse]] -| ## From the Docker image -| Find the Community Edition Docker image on [Docker Hub](https://hub.docker.com/_/sonarqube/). -| -| 1. Start the server by running: -| -| ```console -| $ docker run -d --name sonarqube -e SONAR_ES_BOOTSTRAP_CHECKS_DISABLE=true -p 9000:9000 sonarqube:latest -| ``` - -Once your instance is up and running, Log in to [http://localhost:9000](http://localhost:9000) using System Administrator credentials: -- login: admin -- password: admin - -## Analyzing a Project -Now that you're logged in to your local SonarQube instance, let's analyze a project: - -1. Click the **Create new project** button. - -1. Give your project a **Project key** and a **Display name** and click the **Set Up** button. - -1. Under **Provide a token**, select **Generate a token**. Give your token a name, click the **Generate** button, and click **Continue**. - -1. Select your project's main language under **Run analysis on your project**, and follow the instructions to analyze your project. Here you'll download and execute a Scanner on your code (if you're using Maven or Gradle, the Scanner is automatically downloaded). - -After successfully analyzing your code, you'll see your first analysis on SonarQube: - - - -Your first analysis is a measure of your current code. As a developer, you focus on maintaining high standards and taking responsibility specifically for the New Code you're working on. Code that has been added or changed from this point should be your focus moving forward. For more information about the [Clean as you code](/user-guide/clean-as-you-code/) strategy, please review the SonarQube [User Guide Concepts](https://docs.sonarqube.org/latest/user-guide/concepts/). diff --git a/server/sonar-docs/src/pages/setup/install-cluster.md b/server/sonar-docs/src/pages/setup/install-cluster.md deleted file mode 100644 index 9d32300a72e..00000000000 --- a/server/sonar-docs/src/pages/setup/install-cluster.md +++ /dev/null @@ -1,364 +0,0 @@ ---- -title: Install the Server as a Cluster -url: /setup/install-cluster/ ---- - -_Running SonarQube as a Cluster is only possible with a [Data Center Edition](https://www.sonarsource.com/plans-and-pricing/data-center/)_. - -The Data Center Edition allows SonarQube to run in a clustered configuration to make it resilient to failures. - -## Overview - -The default configuration for the Data Center Edition comprises five servers, a load balancer, and a database server: - -- Two application nodes responsible for handling web requests from users (WebServer process) and handling analysis reports (ComputeEngine process). You can add application nodes to increase computing capabilities. -- Three search nodes that host the Elasticsearch process that will store data indices. SSDs perform significantly better than HDDs for these nodes. -- A reverse proxy / load balancer to load balance traffic between the two application nodes. The installing organization must supply this hardware or software component. -- PostgreSQL, Oracle, or Microsoft SQL Server database server. This software must be supplied by the installing organization. - - -With this configuration, one application node and one search node can be lost without impacting users. Here is a diagram of the default topology: - - - -## Requirements - -### Network - -All servers, including the database server, must be located within the same region. - -All application and search nodes should have static IP addresses (reference via hostname is not supported). Network traffic should not be restricted between application and search nodes. - -### Servers - -You need a minimum of five servers (two application nodes and three search nodes) to form a SonarQube application cluster. Servers can be virtual machines; it is not necessary to use physical machines. You can also add application nodes to increase computing capabilities. - -The operating system requirements for servers are available on the [Requirements](/requirements/requirements/) page. - -All application nodes should be identical in terms of hardware and software. Similarly, all search nodes should be identical to each other. Application and search nodes, however, can differ from one another. Generally, search nodes are configured with more CPU and RAM than application nodes. - -Search nodes can be located in different availability zones, but they must be in the same region. In this case, each search node should be located in a separate availability zone to maintain availability in the event of a failure in one zone. - -#### **Example Machines** -Here are the machines we used to perform our validation with a 200M issues database. You can use this as a minimum recommendation to build your cluster. - -- App Node made of [Amazon EC2 m4.xlarge](https://aws.amazon.com/ec2/instance-types/): 4 vCPUs, 16GB RAM -- Search Node made of [Amazon EC2 m4.2xlarge](https://aws.amazon.com/ec2/instance-types/): 8 vCPUs, 32GB RAM - 16GB allocated to Elasticsearch. SSDs perform significantly better than HDDs for these nodes. - -### Database Server - -Supported database systems are available on the [Requirements](/requirements/requirements/) page. - -### Load Balancer - -SonarSource does not provide specific recommendations for reverse proxy / load balancer or solution-specific configuration. The general requirements for SonarQube Data Center Edition are: - -- Ability to balance HTTP requests (load) between the application nodes configured in the SonarQube cluster. -- If terminating HTTPS, meets the requirements set out in [Securing SonarQube Behind a Proxy](/setup/operate-server/). -- No requirement to preserve or sticky sessions; this is handled by the built-in JWT mechanism. -- Ability to check for node health for routing - -#### Example with HAProxy - -``` -frontend http-in - bind *:80 - bind *:443 ssl crt /etc/ssl/private/<server_certificate> - http-request redirect scheme https unless { ssl_fc } - default_backend sonarqube_server -backend sonarqube_server - balance roundrobin - http-request set-header X-Forwarded-Proto https - option httpchk GET /api/system/status - http-check expect rstring UP|DB_MIGRATION_NEEDED|DB_MIGRATION_RUNNING - default-server check maxconn 200 - server node1 <server_endpoint_1> - server node2 <server_endpoint_2> -``` - -### License - -You need a dedicated license to activate the Data Center Edition. If you don't have one yet, please contact the SonarSource Sales Team. - -### Support - -Don't start this journey alone! As a Data Center Edition subscriber, SonarSource will assist with the setup and configuration of your cluster. Get in touch with [SonarSource Support](https://support.sonarsource.com) for help. - -## Installing SonarQube from the ZIP file - -Additional parameters are required to activate clustering capabilities and specialize each node. These parameters are in addition to standard configuration properties used in a single-node configuration. - -The **sonar.properties** file on each node will be edited to configure the node's specialization. A list of all cluster-specific configuration parameters is available in the [Operate the Cluster](/setup/operate-cluster/) documentation. - -Prior to configuration, you will need to generate a value for the `sonar.auth.jwtBase64Hs256Secret` property for the application nodes. The value is a HS256 key encoded with base64 and will be the same for both nodes. The following is an example on how to generate this value on a Unix system: - -``` -echo -n "your_secret" | openssl dgst -sha256 -hmac "your_key" -binary | base64 -``` - -### Sample Configuration - -The following example represents a sample configuration of a SonarQube cluster. The example assumes: - -- The VMs having IP addresses ip1 and ip2 (server1, server2) are application nodes -- The VMs having IP addresses ip3, ip4, and ip5 (server3, server4 and server5) are search nodes - -The configuration to be added to sonar.properties for each node is the following: - -#### Application Nodes - -**server1** -``` -... -sonar.cluster.enabled=true -sonar.cluster.node.type=application -sonar.cluster.node.host=ip1 -sonar.cluster.node.port=9003 -sonar.cluster.hosts=ip1,ip2 -sonar.cluster.search.hosts=ip3:9001,ip4:9001,ip5:9001 -sonar.auth.jwtBase64Hs256Secret=YOURGENERATEDSECRET -... -``` - -**server2** -``` -... -sonar.cluster.enabled=true -sonar.cluster.node.type=application -sonar.cluster.node.host=ip2 -sonar.cluster.node.port=9003 -sonar.cluster.hosts=ip1,ip2 -sonar.cluster.search.hosts=ip3:9001,ip4:9001,ip5:9001 -sonar.auth.jwtBase64Hs256Secret=YOURGENERATEDSECRET -... -``` - -#### Search Nodes - -**server3** -``` -... -sonar.cluster.enabled=true -sonar.cluster.node.type=search -sonar.cluster.node.search.host=ip3 -sonar.cluster.node.search.port=9001 -sonar.cluster.node.es.host=ip3 -sonar.cluster.node.es.port=9002 -sonar.cluster.es.hosts=ip3:9002,ip4:9002,ip5:9002 -... -``` - -**server4** -``` -... -sonar.cluster.enabled=true -sonar.cluster.node.type=search -sonar.cluster.node.search.host=ip4 -sonar.cluster.node.search.port=9001 -sonar.cluster.node.es.host=ip4 -sonar.cluster.node.es.port=9002 -sonar.cluster.es.hosts=ip3:9002,ip4:9002,ip5:9002 -... -``` - -**server5** -``` -... -sonar.cluster.enabled=true -sonar.cluster.node.type=search -sonar.cluster.node.search.host=ip5 -sonar.cluster.node.search.port=9001 -sonar.cluster.node.es.host=ip5 -sonar.cluster.node.es.port=9002 -sonar.cluster.es.hosts=ip3:9002,ip4:9002,ip5:9002 -... -``` - -### Sample Installation Process - -The following is an example of the default SonarQube cluster installation process. You need to tailor your installation to the specifics of the target installation environment and the operational requirements of the hosting organization. - -**Prepare the cluster environment:** - -1. Prepare the cluster environment by setting up the network and provisioning the nodes and load balancer. -2. Follow the [Installing the Server](/setup/install-server/) documentation to configure the database server. - -**Prepare a personalized SonarQube package:** - -1. On a single application node of the cluster, download and install SonarQube Data Center Edition, following the usual [Installing the Server](/setup/install-server/) documentation. -2. Add cluster-related parameters to `$SONARQUBE_HOME/conf/sonar.properties`. -3. This is also a good opportunity to install plugins. Download and place a copy of each plugin JAR in `$SONARQUBE_HOME/extensions/plugins`. Be sure to check compatibility with your SonarQube version using the [Plugin Version Matrix](/instance-administration/plugin-version-matrix/). -4. Zip the directory `$SONARQUBE_HOME`. This archive is a customized SonarQube Data Center Edition package that can be copied to other nodes. - -**Test configuration on a single node:** - -1. On the application node where you created your Zip package, comment out all cluster-related parameters in `$SONARQUBE_HOME/conf/sonar.properties`. -2. Configure the load balancer to proxy with single application node. -3. Start server and test access through load balancer. -4. Request license from SonarSource Sales Team. -5. After applying license, you will have a full-featured SonarQube system operating on a single node. - -**Deploy SonarQube package on other nodes:** - -1. Unzip SonarQube package on the other four nodes. -2. Configure node-specific parameters on all five nodes in `$SONARQUBE_HOME/conf/sonar.properties` and ensure application node-specific and search node-specific parameters are properly set. -3. Start all search nodes. -4. After all search nodes are running, start all application nodes. -5. Configure the load balancer to proxy with both application nodes. - -## Installing SonarQube from the Docker Image - -You can also install a cluster using our docker images. The general setup is the same but is shifted to a docker specific terminology. - -## Requirements - -### Network - -All containers should be in the same network. This includes search and application nodes. -For the best performance, it is advised to check for low latency between the database and the cluster nodes. - -### Limits - -The limits of each container depend on the workload that each container has. A good starting point would be: - -* cpus: 0.5 -* mem_limit: 4096M -* mem_reservation: 1024M - -The 4Gb mem_limit should not be lower as this is the minimal value for Elasticsearch. - -### Scalability - -Application nodes can be scaled using replicas. This is not the case for the Search nodes as Elasticsearch will not become ready. See the [Configure and Operate a Cluster](/setup/operate-cluster/) for more information. - -### Volumes -You'll use the following volumes in your configuration: - -- `sonarqube_data` – In the Docker Compose configuration example in the following section, volumes are shared between replicas in the application nodes, so you don't need a `sonarqube_data` volume on your application nodes. In the search nodes, the `sonarqube_data` volume contains the Elasticsearch data and helps reduce startup time, so we recommend having a `sonarqube_data` volume on each search node. -- `sonarqube_extensions` – For application nodes, we recommend sharing a common `sonarqube_extensions` volume which contains any plugins you install and the Oracle JDBC driver if necessary. -- `sonarqube_logs` – For both application and search nodes, we recommend sharing a common `sonarqube_logs` volume which contains SonarQube logs. The volume will be populated with a new folder depending on the container's hostname and all logs of this container will be put into this folder. This behavior also happens when a custom log path is specified via the [Docker Environment Variables](/setup/environment-variables/). - -## Example Docker Compose configuration - -Click the heading below to expand the docker-compose.yml file example. - -[[info]] -| The example below will use the latest version of the SonarQube Docker image. If want to use the LTS version of SonarQube, you need to update the example with the `sonarqube:lts-datacenter-app` and `sonarqube:lts-datacenter-search` image tags. - -[[collapse]] -| ## docker-compose.yml file example -| -| ```yaml -|version: "3" -| -|services: -| sonarqube: -| image: sonarqube:datacenter-app -| depends_on: -| - db -| - search-1 -| - search-2 -| - search-3 -| networks: -| - sonar-network -| deploy: -| replicas: 2 -| environment: -| SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar -| SONAR_JDBC_USERNAME: sonar -| SONAR_JDBC_PASSWORD: sonar -| SONAR_WEB_PORT: 9000 -| SONAR_CLUSTER_SEARCH_HOSTS: "search-1,search-2,search-3" -| SONAR_CLUSTER_HOSTS: "sonarqube" -| SONAR_AUTH_JWTBASE64HS256SECRET: "dZ0EB0KxnF++nr5+4vfTCaun/eWbv6gOoXodiAMqcFo=" -| VIRTUAL_HOST: sonarqube.dev.local -| VIRTUAL_PORT: 9000 -| volumes: -| - sonarqube_extensions:/opt/sonarqube/extensions -| - sonarqube_logs:/opt/sonarqube/logs -| search-1: -| image: sonarqube:datacenter-search -| hostname: "search-1" -| depends_on: -| - db -| networks: -| - sonar-network -| environment: -| SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar -| SONAR_JDBC_USERNAME: sonar -| SONAR_JDBC_PASSWORD: sonar -| SONAR_CLUSTER_ES_HOSTS: "search-1,search-2,search-3" -| SONAR_CLUSTER_NODE_NAME: "search-1" -| volumes: -| - search-data-1:/opt/sonarqube/data -| search-2: -| image: sonarqube:datacenter-search -| hostname: "search-2" -| depends_on: -| - db -| networks: -| - sonar-network -| environment: -| SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar -| SONAR_JDBC_USERNAME: sonar -| SONAR_JDBC_PASSWORD: sonar -| SONAR_CLUSTER_ES_HOSTS: "search-1,search-2,search-3" -| SONAR_CLUSTER_NODE_NAME: "search-2" -| volumes: -| - search-data-2:/opt/sonarqube/data -| search-3: -| image: sonarqube:datacenter-search -| hostname: "search-3" -| depends_on: -| - db -| networks: -| - sonar-network -| environment: -| SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar -| SONAR_JDBC_USERNAME: sonar -| SONAR_JDBC_PASSWORD: sonar -| SONAR_CLUSTER_ES_HOSTS: "search-1,search-2,search-3" -| SONAR_CLUSTER_NODE_NAME: "search-3" -| volumes: -| - search-data-3:/opt/sonarqube/data -| db: -| image: postgres:12 -| networks: -| - sonar-network -| environment: -| POSTGRES_USER: sonar -| POSTGRES_PASSWORD: sonar -| volumes: -| - postgresql:/var/lib/postgresql -| - postgresql_data:/var/lib/postgresql/data -| proxy: -| image: jwilder/nginx-proxy -| ports: -| - "80:80" -| volumes: -| - /var/run/docker.sock:/tmp/docker.sock:ro -| networks: -| - sonar-network -| - sonar-public -| -|networks: -| sonar-network: -| ipam: -| driver: default -| config: -| - subnet: 172.28.2.0/24 -| sonar-public: -| driver: bridge -| -|volumes: -| sonarqube_extensions: -| sonarqube_logs: -| search-data-1: -| search-data-2: -| search-data-3: -| postgresql: -| postgresql_data: -| ``` - -## Next Steps -Once you've complete these steps, check out the [Operate your Cluster](/setup/operate-cluster/) documentation. diff --git a/server/sonar-docs/src/pages/setup/install-plugin.md b/server/sonar-docs/src/pages/setup/install-plugin.md deleted file mode 100644 index c5c5db5804a..00000000000 --- a/server/sonar-docs/src/pages/setup/install-plugin.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: Install a Plugin -url: /setup/install-plugin/ ---- - -There are two ways to install plugins in SonarQube: - -- **Marketplace** - With Community Edition, you can use Marketplace to automatically install plugins from the SonarQube. With commercial editions, you can browse plugins in the Marketplace, but you need to manually install and update your plugins. -- **Manual Installation** - You need to manually install plugins when using commercial editions of SonarQube. You can also manually install plugins if your SonarQube instance doesn't have internet access or the plugin you're installing isn't in the Marketplace. - -[[warning]] -| Plugins are not provided by SonarSource, and you therefore install them at your own risk. A SonarQube administrator needs to acknowledge this risk in the Marketplace before installing plugins or when prompted in SonarQube after installing a plugin manually. - -## Installing plugins from the Marketplace - -[[info]] -|You can only install and update plugins from the Marketplace in SonarQube Community Edition. With commercial editions, you need manually install and update plugins. - -If your instance has internet access and you're connected with a SonarQube user with the **Administer System** global permission, you can find the Marketplace at **Administration > Marketplace**. From here: - -- Find the plugin you want to install -- Click **Install** and wait for the download to be processed - -Once the download is complete, a **Restart** button will be available to restart your instance. Restarting will enable the new plugin. This restart will not take into account any change to sonar-properties settings. - -See [Marketplace](/instance-administration/marketplace/) for more details on how to configure your SonarQube Server to connect to the internet. - -## Manual installing plugins - -To manually install a plugin: - -1. Download the plugin you want to install. The version needs to be compatible with your SonarQube version. -2. Put the downloaded jar in `$SONARQUBE_HOME/extensions/plugins`, and remove any previous versions of the same plugins. -3. Restart your SonarQube server. - -## Uninstalling plugins - -To uninstall a plugin: -1. Delete the plugin from the `$SONARQUBE_HOME/extensions/plugins` folder. -2. Restart your SonarQube server. diff --git a/server/sonar-docs/src/pages/setup/install-server.md b/server/sonar-docs/src/pages/setup/install-server.md deleted file mode 100644 index 92381119c7a..00000000000 --- a/server/sonar-docs/src/pages/setup/install-server.md +++ /dev/null @@ -1,345 +0,0 @@ ---- -title: Install the Server -url: /setup/install-server/ ---- - -## Overview - -This section describes a single-node SonarQube instance. For details on clustered setup, see [Install the Server as a Cluster](/setup/install-cluster/). - -### Instance components - -A SonarQube instance comprises three components: - - - -1. The SonarQube server running the following processes: - - a web server that serves the SonarQube user interface. - - a search server based on Elasticsearch. - - the compute engine in charge of processing code analysis reports and saving them in the SonarQube database. - -2. The database to store the following: - - Metrics and issues for code quality and security generated during code scans. - - The SonarQube instance configuration. - -3. One or more scanners running on your build or continuous integration servers to analyze projects. - -### Hosts and locations - -For optimal performance, the SonarQube server and database should be installed on separate hosts, and the server host should be dedicated. The server and database hosts should be located in the same network. - -All hosts must be time-synchronized. - -## Installing the database - -Several [database engines](/requirements/requirements/) are supported. Be sure to follow the requirements listed for your database. They are real requirements not recommendations. - -Create an empty schema and a `sonarqube` user. Grant this `sonarqube` user permissions to `create`, `update`, and `delete` objects for this schema. - -[[collapse]] -| ## Microsoft SQL Server -| -|[[warning]] -|| Collation **MUST** be case-sensitive (CS) and accent-sensitive (AS). -|| `READ_COMMITED_SNAPSHOT` **MUST** be set on the SonarQube database. -| -|MS SQL database's shared lock strategy may impact SonarQube runtime. Making sure that `is_read_committed_snapshot_on` is set to `true` to prevent SonarQube from facing potential deadlocks under heavy loads. -| -|Example of query to check `is_read_committed_snapshot_on`: -|``` -|SELECT is_read_committed_snapshot_on FROM sys.databases WHERE name='YourSonarQubeDatabase'; -|``` -|Example of query to update `is_read_committed_snapshot_on`: -|``` -|ALTER DATABASE YourSonarQubeDatabase SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE; -|``` -|### Encryption -| -|_If your Microsoft SQL Server doesn't support encryption_, you must add `encrypt=false` to the JDBC URL connection string. -| -|_If your Microsoft SQL Server requires encryption but_ you don't want SonarQube to validate the certificate, you must add `trustServerCertificate=true` to the JDBC URL connection string. -| -|### Integrated Security -| -|To use integrated security: -| -|1. Download the [Microsoft SQL JDBC Auth 11.2.1 package](https://github.com/microsoft/mssql-jdbc/releases/download/v11.2.1/mssql-jdbc_auth.zip) and copy `mssql-jdbc_auth-11.2.1.x64.dll` to any folder in your path. -| -|2. _If you're running SonarQube as a Windows service_, make sure the Windows account under which the service is running has permission to connect your SQL server. The account should have `db_owner` database role membership. -| -| _If you're running the SonarQube server from a command prompt_, the user under which the command prompt is running should have `db_owner` database role membership. -| -|3. Ensure that `sonar.jdbc.username` or `sonar.jdbc.password` properties are commented out or SonarQube will use SQL authentication. -| -|``` -|sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true -|``` -| -|### SQL Authentication -| -|To use SQL Authentication, use the following connection string. Also ensure that `sonar.jdbc.username` and `sonar.jdbc.password` are set appropriately: -| -|``` -|sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar -|sonar.jdbc.username=sonarqube -|sonar.jdbc.password=mypassword -|``` - -[[collapse]] -| ## Oracle -| -|If there are two SonarQube schemas on the same Oracle instance, especially if they are for two different versions, SonarQube gets confused and picks the first it finds. To avoid this issue: -| -|- Either privileges associated to the SonarQube Oracle user should be decreased -|- Or a trigger should be defined on the Oracle side to automatically alter the SonarQube Oracle user session when establishing a new connection: -| `ALTER SESSION SET current_schema="MY_SONARQUBE_SCHEMA"` -| -|[[warning]] -|| Oracle JDBC driver versions 12.1.0.1 and 12.1.0.2 have major bugs, and are not recommended for use with the SonarQube ([see more details](https://groups.google.com/forum/#!msg/sonarqube/Ahqt1iarqJg/u0BVRJZnBQAJ)). - -[[collapse]] -| ## PostgreSQL -| -|If you want to use a custom schema and not the default "public" one, the PostgreSQL `search_path` property must be set: -| -|``` -|ALTER USER mySonarUser SET search_path to mySonarQubeSchema -|``` - -## Installing SonarQube from the ZIP file - -First, check the [requirements](/requirements/requirements/). Then download and unzip the [distribution](https://www.sonarqube.org/downloads/) (do not unzip into a directory starting with a digit). - -SonarQube cannot be run as `root` on Unix-based systems, so create a dedicated user account for SonarQube if necessary. - -_$SONARQUBE_HOME_ (below) refers to the path to the directory where the SonarQube distribution has been unzipped. - -### Setting the Access to the Database - -Edit _$SONARQUBE_HOME/conf/sonar.properties_ to configure the database settings. Templates are available for every supported database. Just uncomment and configure the template you need and comment out the lines dedicated to H2: - -``` -Example for PostgreSQL -sonar.jdbc.username=sonarqube -sonar.jdbc.password=mypassword -sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube -``` - -### Adding the JDBC Driver - -Drivers for the supported databases (except Oracle) are already provided. Do not replace the provided drivers; they are the only ones supported. - -For Oracle, copy the JDBC driver into _$SONARQUBE_HOME/extensions/jdbc-driver/oracle_. - -### Configuring the Elasticsearch storage path - -By default, Elasticsearch data is stored in _$SONARQUBE_HOME/data_, but this is not recommended for production instances. Instead, you should store this data elsewhere, ideally in a dedicated volume with fast I/O. Beyond maintaining acceptable performance, doing so will also ease the upgrade of SonarQube. - -Edit _$SONARQUBE_HOME/conf/sonar.properties_ to configure the following settings: - -``` -sonar.path.data=/var/sonarqube/data -sonar.path.temp=/var/sonarqube/temp -``` - -The user used to launch SonarQube must have read and write access to those directories. - -### Starting the Web Server - -The default port is "9000" and the context path is "/". These values can be changed in _$SONARQUBE_HOME/conf/sonar.properties_: - -``` -sonar.web.host=192.168.0.1 -sonar.web.port=80 -sonar.web.context=/sonarqube -``` - -Execute the following script to start the server: - -- On Linux: bin/linux-x86-64/sonar.sh start -- On macOS: bin/macosx-universal-64/sonar.sh start -- On Windows: bin/windows-x86-64/StartSonar.bat - -You can now browse SonarQube at _http://localhost:9000_ (the default System administrator credentials are `admin`/`admin`). - -### Adjusting the Java Installation - -By default, the scripts will use the Java executable available in the PATH. -If there are multiple versions of Java installed on your server, you may need to explicitly define which version of Java is used. - -It is possible to overwrite the default Java executable by setting the environmental variable SONAR_JAVA_PATH - -#### Linux / MacOS -``` -export SONAR_JAVA_PATH="path/to/java_home/bin/java" -``` - -#### Windows -``` -setx SONAR_JAVA_PATH "C:\Program Files\java_home\bin\java.exe" -``` - -### Advanced Installation Features - -- Running SonarQube as a Service on [Windows](/setup/operate-server/) or [Linux](/setup/operate-server/) -- Running SonarQube [behind a Proxy](/setup/operate-server/) -- Monitoring and adjusting [Java Process Memory](/instance-administration/monitoring/) - -## Installing SonarQube from the Docker Image - -Follow these steps for your first installation: - -1. Creating the following volumes helps prevent the loss of information when updating to a new version or upgrading to a higher edition: - - `sonarqube_data` – contains data files, such as the embedded H2 database and Elasticsearch indexes - - `sonarqube_logs` – contains SonarQube logs about access, web process, CE process, and Elasticsearch - - `sonarqube_extensions` – will contain any plugins you install and the Oracle JDBC driver if necessary. - - Create the volumes with the following commands: - ```bash - $> docker volume create --name sonarqube_data - $> docker volume create --name sonarqube_logs - $> docker volume create --name sonarqube_extensions - ``` - [[warning]] - | Make sure you're using [volumes](https://docs.docker.com/storage/volumes/) as shown with the above commands, and not [bind mounts](https://docs.docker.com/storage/bind-mounts/). Using bind mounts prevents plugins from populating correctly. - -2. Drivers for supported databases (except Oracle) are already provided. If you're using an Oracle database, you need to add the JDBC driver to the `sonar_extensions` volume. To do this: - - a. Start the SonarQube container with the embedded H2 database: - - ``` - $ docker run --rm \ - -p 9000:9000 \ - -v sonarqube_extensions:/opt/sonarqube/extensions \ - <image_name> - ``` - - b. Exit once SonarQube has started properly. - - c. Copy the Oracle JDBC driver into `sonarqube_extensions/jdbc-driver/oracle`. - -3. Run the image with your database properties defined using the -e environment variable flag: - - ```bash - $> docker run -d --name sonarqube \ - -p 9000:9000 \ - -e SONAR_JDBC_URL=... \ - -e SONAR_JDBC_USERNAME=... \ - -e SONAR_JDBC_PASSWORD=... \ - -v sonarqube_data:/opt/sonarqube/data \ - -v sonarqube_extensions:/opt/sonarqube/extensions \ - -v sonarqube_logs:/opt/sonarqube/logs \ - <image_name> - ``` - - For docker based setups, environment variables supersede all parameters that were provided with properties. See [Docker Environment Variables](/setup/environment-variables/). - - [[warning]] - | Use of the environment variables `SONARQUBE_JDBC_USERNAME`, `SONARQUBE_JDBC_PASSWORD`, and `SONARQUBE_JDBC_URL` is deprecated and will stop working in future releases. - -####**Example Docker Compose configuration** -If you're using [Docker Compose](https://docs.docker.com/compose/), use the following example as a reference when configuring your `.yml` file. Click the heading below to expand the `.yml` file. - -[[info]] -| The example below will use the latest version of the SonarQube Docker image. If want to use the LTS version of SonarQube, you need to update the example with the `sonarqube:lts-community` image tag. - -[[collapse]] -| ## Docker Compose .yml file example -| -| ``` -| version: "3" -| -| services: -| sonarqube: -| image: sonarqube:community -| depends_on: -| - db -| environment: -| SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar -| SONAR_JDBC_USERNAME: sonar -| SONAR_JDBC_PASSWORD: sonar -| volumes: -| - sonarqube_data:/opt/sonarqube/data -| - sonarqube_extensions:/opt/sonarqube/extensions -| - sonarqube_logs:/opt/sonarqube/logs -| ports: -| - "9000:9000" -| db: -| image: postgres:12 -| environment: -| POSTGRES_USER: sonar -| POSTGRES_PASSWORD: sonar -| volumes: -| - postgresql:/var/lib/postgresql -| - postgresql_data:/var/lib/postgresql/data -| -| volumes: -| sonarqube_data: -| sonarqube_extensions: -| sonarqube_logs: -| postgresql: -| postgresql_data: -| ``` - -## Next Steps - -Once your server is installed and running, you may also want to [Install Plugins](/setup/install-plugin/). Then you're ready to begin [Analyzing Source Code](/analysis/overview/). - -## Troubleshooting/FAQ - -### Failed to connect to the Marketplace via proxy - -Double check that settings for proxy are correctly set in `$SONARQUBE_HOME/conf/sonar.properties`. -Note that if your proxy username contains a backslash, then it should be escaped - for example username "domain\user" in file should look like: - -``` -http.proxyUser=domain\\user -``` - -For some proxies, the exception "java.net.ProtocolException: Server redirected too many times" might mean an incorrect username or password has been configured. - -### Exception java.lang.RuntimeException: can not run elasticsearch as root - -SonarQube starts an Elasticsearch process, and the same account that is running SonarQube itself will be used for the Elasticsearch process. Since Elasticsearch cannot be run as `root`, that means SonarQube can't be either. You must choose some other, non-`root` account with which to run SonarQube, preferably an account dedicated to the purpose. - -### Sonarqube DNS cache - -When reporting Quality Gate status to DevOps platforms, SonarQube uses a DNS cache time to live policy of 30 seconds. If necessary, you can change this setting in your JVM: - -```bash -echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security" -``` - -Please be aware that low values increases the risk of DNS spoofing attacks. - -### Self Signed Certificates of DevOps platforms - -When running in an environment where the DevOps platform or other related tooling is secured by self signed certificates, the CA needs to be added to the java truststore of SonarQube. - -On a zip installation the systems truststore can be found in `$JAVA_HOME/lib/security/cacerts`. In order to add a new certificate to the truststore you can use the following command as an example: - -```bash -keytool -importcert -file $PATH_TO_CERTIFICATE -alias $CERTIFICATE_NAME -keystore /$JAVA_HOME/lib/security/cacerts -storepass changeit -trustcacerts -noprompt -``` - -In our official Docker images you can find the systems truststore in `$JAVA_HOME/lib/security/cacerts`. In order to add new certificates here as well you can: - -* bind mount an existing truststore containing your certificates to `$JAVA_HOME/lib/security/cacerts` - -[[collapse]] -| ## Example -| -| ```bash -| docker run -d --name sonarqube -v /path/to/your/cacerts.truststore:/usr/lib/jvm/java-11-openjdk/lib/security/cacerts:ro -p 9000:9000 sonarqube -| ``` - -* import your CA certificate the same way as in the zip installation but inside the container. - -If you deploy SonarQube on Kubernetes using the official Helm Chart, you can create a new secret containing your required certificates and reference this via: - -```yaml -caCerts: - enabled: true - image: adoptopenjdk/openjdk11:alpine - secret: your-secret -``` diff --git a/server/sonar-docs/src/pages/setup/lts-to-lts-upgrade-notes.md b/server/sonar-docs/src/pages/setup/lts-to-lts-upgrade-notes.md deleted file mode 100644 index a88258c359b..00000000000 --- a/server/sonar-docs/src/pages/setup/lts-to-lts-upgrade-notes.md +++ /dev/null @@ -1,143 +0,0 @@ ---- -title: LTS to LTS Release Upgrade Notes -url: /setup/lts-to-lts-upgrade-notes/ ---- - -These Upgrade Notes are intended for users who are directly upgrading from SonarQube _v7.9 LTS_ to _v8.9 LTS_. Just upgrading a few minor versions? Refer to the regular [Upgrade Notes](/setup/upgrade-notes/). - -## Authentication -**Default Authentication and Administrator credentials (8.6)** -On a fresh install to avoid misconfiguration and related security risks, authentication is now required by default, and you need to change the default password for the administrator account. - -When upgrading, if you were still using default credentials, you'll be asked to change the password the next time you authenticate with the admin account. ([MMF-1352](https://jira.sonarsource.com/browse/MMF-1352), [MMF-2146](https://jira.sonarsource.com/browse/MMF-2146)). - -**Additional SAML checks (8.4)** -SAML authentication adds additional checks for validating SAML responses from the identity provider. This could reveal a non-standard configuration that needs to be updated. Information will appear in the logs upon a failed login attempt in the event that the configuration needs to be tweaked. - -**GitLab Authentication now available (8.0)** -GitLab OAuth2 authentication is now available in all editions. If you were using the community plugin, you need to remove it from SonarQube before upgrading. The configured variable of the plugin will be migrated, so the authentication will work without having to rewrite the configuration. Due to changes in group mapping, GitLab subgroups mapped using the community plugin will need to be renamed in SonarQube for the mapping to work. ([SONAR-12460](https://jira.sonarsource.com/browse/SONAR-12460)). - -## Analysis -**Updated built-in Quality Profiles (8.0-8.9)** -The built-in Quality Profiles for each language have been updated, meaning rules may have been added, changed, deprecated or dropped. If you are using or extending any of the “Sonar way” built-in Quality Profiles, make sure to check their Changelog to see what has changed. - -**JavaScript security analysis can take longer (8.8)** -The JavaScript security analysis in commercial editions has been overhauled for far better accuracy. This overhaul results in an expected increase in memory requirement for analysis. - -**JavaScript, TypeScript, and CSS analysis now requires Node.js 10+ (8.7, 8.8)** -In order to analyze Javascript, Typescript, and CSS code, you now need to have Node.js 10+ installed on the machine running the scan. - -**SonarScanner for MSBuild compatibility (and renaming) (8.5)** -Analyzing a C# / VB.NET solution in SonarQube 8.5 requires SonarScanner for MSBuild 4.0+. - -The SonarScanner for MSBuild has been renamed to the [SonarScanner for .NET](/analysis/scan/sonarscanner-for-msbuild/) - -**New Code Period values simplified (8.0, 8.4)** -It's now easier to set your New Code Period in the UI. With the new settings, specific analysis has replaced setting the New Code Period to a specific date or version. If you were using a specific date or version for your New Code Period, now you'll need to use a specific analysis. - -It is now also possible to set the New Code Period to be defined against an already analyzed branch, mimicking the New Code Period of what were previously short-lived branches. - -See the [Setting Your New Code Period](/project-administration/new-code-period/) for more info. ([MMF-1579](https://jira.sonarsource.com/browse/MMF-1579)). - -**Security Hotspots in the built-in Quality Gate (8.3)** -We've added a new condition to the built-in "Sonar way" Quality Gate to make sure all Security Hotspots on New Code are reviewed. The Quality Gate fails if the percentage of new Hotspots reviewed is less than 100%. ([MMF-1907](https://jira.sonarsource.com/browse/MMF-1907)). - -**Jenkins automatic branch and Pull Request detection (8.3)** -With [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) and [above](https://www.sonarsource.com/plans-and-pricing/), Scanners now automatically detect branches and Pull Requests in Jenkins Multibranch Pipelines. You no longer need to pass branch and Pull Request parameters. When upgrading from Community Edition or an old commercial edition version, the branch name in your SonarQube project needs to match the branch name in your code repository to continue writing history to the branch. Because SonarQube names the Main Branch "master" by default, you may have to rename it before running analysis again. See the [Jenkins CI Integration](/analysis/jenkins/) page for more information. ([MMF-1676](https://jira.sonarsource.com/browse/MMF-1676)). - -**Updated .NET code coverage (8.3)** -The code coverage for .NET projects now takes into account the branch/condition coverage in addition to the line coverage. The coverage of your projects may decrease to be closer to reality, and it can impact your Quality Gate. (See more details [here](https://community.sonarsource.com/t/c-vb-net-sonarqube-and-sonarcloud-support-branch-condition-coverage-data/22384)). - -**Support for `.exec` format JaCoCo Coverage Reports dropped (8.2)** -The `.exec` format for JaCoCo coverage reports is no longer supported. - -Once upgraded, you will only be able to import `.xml` style reports. You should ensure that you are now [Importing JaCoCo coverage reports in XML format](https://community.sonarsource.com/t/coverage-test-data-importing-jacoco-coverage-report-in-xml-format/12151). - -**Short-lived and Long-lived branches are now just branches (8.1, 8.4)** -The concept for branches is now simplified, with a single way to handle all of them. ([MMF-1786](https://jira.sonarsource.com/browse/MMF-1786)). -* Analysis is the same for all branches. The parameter `sonar.branch.target` is no longer used and can be removed. -* All branches behave as previous Long-lived branches: all measures are available. The New Code period is configurable and starts by default after the first analysis. The Quality Gate check applies on all conditions. -* As a consequence, branches that were previously Short-Lived branches may display incomplete measures before they are analyzed again. With the first analysis, measures on New Code and the Quality Gate status may change. -* New housekeeping settings replace the Long-lived branch pattern and allow you to choose the branches which should be kept when inactive. -* Detection of new issues in branches and PRs is simplified. The list of issues reported as new may change slightly. ([SONAR-12627](https://jira.sonarsource.com/browse/SONAR-12627)). - -## Integration -**GitHub Enterprise compatibility (8.9)** -SonarQube 8.9 only supports GitHub Enterprise 2.21+ for pull request decoration (the previous minimum version was 2.15). - -**Azure DevOps Services and Bitbucket Cloud are now supported (8.7)** -SonarQube now officially supports Azure DevOps Services and Bitbucket Cloud. If you were running analysis using Bitbucket Pipelines previously, when you upgrade, the Main branch name in your SonarQube project needs to match the branch name in your code repository to continue writing history to the branch. You may have to rename it before running analysis again. - -**Analysis summary for GitHub Pull Requests (8.3)** -* Pull Request analysis can be shown under the Conversation tab in GitHub. You can enable or disable it at **Project Settings > General Settings > Pull Request Decoration**. -* If you already have Pull Request analysis under the GitHub Checks tab, you'll need to update your GitHub App to give Pull Requests read & write access. For more information see [Pull Requests](/analysis/pull-request/). ([MMF-1892](https://jira.sonarsource.com/browse/MMF-1892)). - -**Configuration of Pull Request decoration (8.1)** -The configuration of Pull Request decoration changes. Previous settings are replaced by a new configuration in the UI. Also, decoration of Pull Requests now supports multiple instances of a same ALM provider in Enterprise Edition and above. ([MMF-1814](https://jira.sonarsource.com/browse/MMF-1814)). - -## Operations -**Plugins require risk consent (8.9)** -When upgrading, if you're using plugins, a SonarQube administrator needs to acknowledge the risk involved with plugin installation when prompted in SonarQube. ([MMF-2301](https://jira.sonarsource.com/browse/MMF-2301)). - -**Database support updated (8.9)** -SonarQube 8.9 supports the following database versions: - -* PostgreSQL versions 9.6 to 13. PostgreSQL versions <9.6 are no longer supported. -* MSSQL Server 2014, 2016, 2017, and 2019. -* Oracle XE, 12C, 18C, and 19C. Oracle 11G is no longer supported. - -**Webhooks aren't allowed to target the instance (8.9)** -To improve security, webhooks, by default, aren't allowed to point to the SonarQube server. You can change this behavior in the configuration. ([SONAR-14682](https://jira.sonarsource.com/browse/SONAR-14682)). - -**Docker Images for commercial SonarQube Editions (8.2, 8.7)** -If you wish to deploy SonarQube in a containerized environment, we recommend using the Docker Images provided by SonarSource available on [Docker Hub](https://hub.docker.com/_/sonarqube), now for all SonarQube editions. - -**Microsoft SQL Server and Integrated Authentication (8.7)** -If you are using Microsoft SQL Server with Integrated Authentication, you will need to replace the `sqljdbc_auth.dll` file on your `PATH` with `mssql-jdbc_auth-9.2.0.x64.dll` from the [Microsoft SQL JDBC Driver 9.2.0 package](https://docs.microsoft.com/en-us/sql/connect/jdbc/release-notes-for-the-jdbc-driver?view=sql-server-ver15#92). See [Install the Server](/setup/install-server/) for more information. - -**Elasticsearch update and change in cluster configuration (8.6)** -For non-DCE editions, the Elasticsearch upgrade doesn't change the configuration. SonarQube automatically binds to the loopback address an additional Elasticsearch port which can be configured optionally. - -When running a cluster with Data Center Edition, the configuration of search nodes has changed. The old search properties will now fail. You need to configure two new sets of properties. See [Configure and Operate a Cluster](/setup/operate-cluster/) for more information. - -We recommend only giving external access to the application nodes and to the main port. ([SONAR-12686](https://jira.sonarsource.com/browse/SONAR-12686)). - -**Upgrade simplified: Languages, Git and SVN, LDAP/GitHub/SAML support now built-in (8.0, 8.5)** -All plugins related to languages, Git/SVN support, and LDAP/GitHub/SAML authentication are now built into SonarQube itself. If you were using these plugins, you need to remove them from your extensions/plugins directory before upgrading. Read more in this community guide: [SonarQube v8.5 and Beyond: Where did all the plugins go?](https://community.sonarsource.com/t/sonarqube-v8-5-and-beyond-where-did-all-the-plugins-go/32792) ([MMF-2042](https://jira.sonarsource.com/browse/MMF-2042)) - -**Updated system settings recommendation (8.4)** -In previous versions, the recommended limits regarding threads, file descriptors, and vm.max_map_count were taken from Elasticsearch dependencies. This release can reach these limits occasionally, so we recommend increasing the following settings of your OS when upgrading: - -* `vm.max_map_` count is greater than or equal to 524288 -* `fs.file-max` is greater than or equal to 131072 -* the user running SonarQube can open at least 131072 file descriptors -* the user running SonarQube can open at least 8192 threads - -For more information, see the [Requirements](/requirements/requirements/) documentation. - -**Project, Application, and Portfolio availability when rebuilding Elasticsearch indexes (8.4)** -From now on if your upgrade requires the rebuild of Elasticsearch indexes, your projects and Applications will become available as they are reindexed. Portfolios won't be available until all projects are reindexed. ([MMF-2010](https://jira.sonarsource.com/browse/MMF-2010)) - -**Deprecated configuration (8.2)** -The old way of referencing environment variables in server configuration is deprecated and replaced with the support of default environment variables. ([SONAR-13113](https://jira.sonarsource.com/browse/SONAR-13113)). - -## User Interface -**Applications on the Projects page (8.3)** -[Applications](/user-guide/applications/) are now found on the Projects page. You can filter, favorite, and tag applications like you can with projects. ([MMF-1382](https://jira.sonarsource.com/browse/MMF-1382)). - -**Security Hotspots: dedicated space and workflow (8.2)** -* The Security Hotspots have a brand new space where developers can perform security reviews. The review process has been simplified. It's no longer necessary to transform a Security Hotspot into a Manual Vulnerability and back. A developer can now simply mark a Security Hotspot as Safe, Fixed, or leave it as-is if more time is needed. ([MMF-1868](https://jira.sonarsource.com/browse/MMF-1868)). -* Manual Vulnerabilities created from Security Hotspots are migrated to Security Hotspots with the status "To Review". A comment "Migrated from Manual Vulnerability" is added to the review history to recognize them. -* The formula to compute the Security Review Rating, which was previously only available at the portfolio level, has been updated to be more meaningful. Historical values for this indicator have been removed to avoid confusion. ([MMF-1890](https://jira.sonarsource.com/browse/MMF-1890)). -* A Security Hotspots Reviewed metric has been added and is available to Quality Gates along with the Security Review Rating. - -**New project homepage (8.2)** -The project homepage has been redesigned to focus on New Code. ([MMF-1886](https://jira.sonarsource.com/browse/MMF-1886)). Projects details are now tucked into a new "Project information" pane. The project administration menu has been renamed "Project Settings". - -## Web/Plugin API -**Deprecated web services have been dropped (8.1, 8.8)** -Web services that were deprecated in 6.x versions have been dropped. ([SONAR-13848](https://jira.sonarsource.com/browse/SONAR-13848)). - -**Changes in web services and plugin APIs (8.4)** -The format of several IDs exposed in web services changed and their use is deprecated. See [SONAR-13248](https://jira.sonarsource.com/browse/SONAR-13248), [SONAR-13249](https://jira.sonarsource.com/browse/SONAR-13249), and [SONAR-13300](https://jira.sonarsource.com/browse/SONAR-13300). -A related change is introduced in a plugin API method. See [SONAR-13420](https://jira.sonarsource.com/browse/SONAR-13420). diff --git a/server/sonar-docs/src/pages/setup/operate-cluster.md b/server/sonar-docs/src/pages/setup/operate-cluster.md deleted file mode 100644 index 7d1a6f4501d..00000000000 --- a/server/sonar-docs/src/pages/setup/operate-cluster.md +++ /dev/null @@ -1,218 +0,0 @@ ---- -title: Configure & Operate a Cluster -url: /setup/operate-cluster/ ---- - -_High availability and cluster scalability are features of the [Data Center Edition](https://redirect.sonarsource.com/editions/datacenter.html)._ - -Once the [SonarQube cluster is installed](/setup/install-cluster/), you have a high availability configuration that allows your SonarQube instance to stay up and running even if there is a crash or failure in one of the cluster's nodes. Your SonarQube cluster is also scalable, and you can add application nodes to increase your computing capabilities. - -## Start, Stop, or Upgrade the Cluster - -### Start the Cluster -To start a cluster, you need to follow these steps in order: - -1. Start the search nodes -1. Start the application nodes - -### Stop the Cluster -To stop a cluster, you need to follow these steps in order: - -1. Stop the application nodes -1. Stop the search nodes - -### Upgrade SonarQube -1. Stop the cluster. -1. Upgrade SonarQube on all nodes (application part, plugins, JDBC driver if required) following the usual upgrade procedure but without triggering the /setup phase. -1. Once all nodes have the same binaries: restart the cluster. -1. At this point, only one of the application nodes is up. Try to access `node_ip:port/setup` on each application node, and trigger the setup operation on the one that responds. - -## Start or Stop a Node -You can start or stop a single node in the same way as starting and stopping an instance using a single server. By default, it's a graceful shutdown where no new analysis report processing can start, but the tasks in progress are allowed to finish. - -## Install or Upgrade a Plugin -1. Stop the application nodes. -1. Install or upgrade the plugin on the application nodes. - * If upgrading, remove the old version. - * You don't need to install plugins on search nodes. -1. Restart the application nodes. - -## Scalability -You have the option of adding application nodes (up to 10 total application nodes) to your cluster to increase computing capabilities. - -### Scaling in a Traditional Environment - -#### **Adding an Application Node** -To add an Application Node: - -1. Configure your new application node in sonar.properties. The following is an example of the configuration to be added to sonar.properties for a sixth application node (server6, ip6) in a cluster with the default five servers: - - **server6** - ``` - ... - sonar.cluster.enabled=true - sonar.cluster.node.type=application - sonar.cluster.node.host=ip6 - sonar.cluster.node.port=9003 - sonar.cluster.hosts=ip1,ip2,ip6 - sonar.cluster.search.hosts=ip3:9001,ip4:9001,ip5:9001 - sonar.auth.jwtBase64Hs256Secret=YOURGENERATEDSECRET - ... - ``` -2. Update the configuration of the preexisting nodes to include your new node. - - While you don't need to restart the cluster after adding a node, you should ensure the configuration is up to date on all of your nodes to avoid issues when you eventually do need to restart. - -#### **Removing an Application Node** -When you remove an application node, make sure to update the configuration of the remaining nodes. Much like adding a node, while you don't need to restart the cluster after removing a node, you should ensure the configuration is up to date on all of your nodes to avoid issues when you eventually do need to restart. - -### Scaling in a Docker Environment - -#### **Adding Application Nodes** - -If you're using docker-compose, you can scale the application nodes using the following command: - -`docker-compose up -d --scale sonarqube=3` - -#### Removing Application Nodes -You can reduce the number of application nodes with the same command used to add application nodes by lowering the number. - -## Monitoring -CPU and RAM usage on each node have to be monitored separately with an APM. - -In addition, we provide a Web API _api/system/health_ you can use to validate that all of the nodes in your cluster are operational. - -* GREEN: SonarQube is fully operational -* YELLOW: SonarQube is usable, but it needs attention in order to be fully operational -* RED: SonarQube is not operational - -To call it from a monitoring system without having to give admin credentials, it is possible to setup a system passcode. You can configure this through the `sonar.web.systemPasscode` property in _$SONARQUBE_HOME/conf/sonar.properties_ if you're using a traditional environment or through the corresponding environment variable if you're using a Docker environment. - -### Cluster Status -On the System Info page at **Administration > System**, you can check whether your cluster is running safely (green) or has some nodes with problems (orange or red). - -### Maximum Pending Time for Tasks -On the global Background Tasks page at **Administration > Projects > Background Tasks**, you can see the number of **pending** tasks as well as the maximum **pending time** for the tasks in the queue. This shows the pending time of the oldest background task waiting to be processed. You can use this to evaluate if it might be worth configuring additional Compute Engine workers (Enterprise Edition) or additional nodes (Data Center Edition) to improve SonarQube performance. - -## Compute Engine Workers -If you change the number of [Compute Engine workers](/instance-administration/compute-engine-performance/) in the UI, you must restart each application node to have the change take effect. - -## Project Move -When the [Project Move](/instance-administration/project-move/) feature is used in a DC installation: - -* Projects are exported on only one of the application nodes -* The archive of the exported projects must be copied to all the applications nodes in the target server - -## Configuration details -There are three TCP networks to configure: - -- the network of application nodes that relies on Hazelcast. -- the network used for Elasticsearch internal communication between search nodes (`es` properties). -- the network between application nodes and search nodes (`search` properties). - -[Hazelcast](https://hazelcast.org/) is used to manage the communication between the cluster's application nodes. You don't need to install it yourself, it's provided out of the box. - -## Docker Environment Configuration -In a Docker environment, your properties are configured using [Environment Variables](/setup/environment-variables/). - -## Traditional Environment Configuration -The following properties may be defined in the _$SONARQUBE_HOME/conf/sonar.properties_ file of each node in a cluster. When defining a property that contains a list of hosts (`*.hosts`) the port is not required if the default port was not overridden in the configuration. - -[[warning]] -| Ports can be unintentionally exposed. We recommend only giving external access to the application nodes and to main port (`sonar.web.port`). - -### All nodes -Property | Description | Default | Required | ----|---|---|---| -`sonar.cluster.enabled`|Set to `true` in each node to activate the cluster mode|`false`|yes -`sonar.cluster.name`|The name of the cluster. **Required if multiple clusters are present on the same network.** For example this prevents mixing Production and Preproduction clusters. This will be the name stored in the Hazelcast cluster and used as the name of the Elasticsearch cluster.|`sonarqube`|no -`sonar.cluster.node.name`|The name of the node that is used on Elasticsearch and stored in Hazelcast member attribute (NODE_NAME) for sonar-application|`sonarqube-{UUID}`|no -`sonar.cluster.node.type`|Type of node: either `application` or `search`| |yes - -### Application nodes -Property | Description | Required ----|---|--- -`sonar.cluster.hosts`|Comma-delimited list of all **application** hosts in the cluster. This value must contain **only application hosts**. Each item in the list must contain the port if the default `sonar.cluster.node.port` value is not used. Item format is `sonar.cluster.node.host` or `sonar.cluster.node.host:sonar.cluster.node.port`.|yes -`sonar.cluster.node.host`|IP address of the network card that will be used by Hazelcast to communicate with the members of the cluster.|yes -`sonar.cluster.node.port`|The Hazelcast port for communication with each application member of the cluster. Default: `9003`|no -`sonar.cluster.node.web.port`|The Hazelcast port for communication with the WebServer process. Port must be accessible to all other application nodes. If not specified, a dynamic port will be chosen and all ports must be open among the nodes.|no -`sonar.cluster.node.ce.port`|The Hazelcast port for communication with the ComputeEngine process. Port must be accessible to all other application nodes. If not specified, a dynamic port will be chosen and all ports must be open among the nodes.|no -`sonar.cluster.search.hosts`|Comma-delimited list of search hosts in the cluster. The list can contain either the host or the host and port, but not both. The item format is `sonar.cluster.node.search.host` for host only or`sonar.cluster.node.search.host:sonar.cluster.node.search.port` for host and port.| yes -`sonar.auth.jwtBase64Hs256Secret`|Required for authentication with multiple web servers. It is used to keep user sessions opened when they are redirected from one web server to another by the load balancer. See _$SONARQUBE_HOME/conf/sonar.properties_) for details about how to generate this secret key.| yes - -### Search nodes -Property | Description | Default | Required ----|---|---|--- -`sonar.cluster.node.search.host`|Elasticsearch host of the current node used for HTTP communication between search and application nodes. IP must be accessible to all application nodes.|`127.0.0.1`|yes -`sonar.cluster.node.search.port`|Elasticsearch port of the current node used for HTTP communication between search and application nodes. Port must be accessible to all application nodes.|`9001`|yes -`sonar.cluster.es.hosts`|Comma-delimited list of search hosts in the cluster. The list can contain either the host or the host and port but not both. The item format is `sonar.cluster.node.es.host` for host only or`sonar.cluster.node.es.host:sonar.cluster.node.es.port` for host and port.| |yes -`sonar.cluster.node.es.host`|Elasticsearch host of the current node used by Elasticsearch internal communication to form a cluster (TCP transport).|localhost|yes -`sonar.cluster.node.es.port`|Elasticsearch port of the current node used by Elasticsearch internal communication to form a cluster (TCP transport). Port must be accessible to all other search nodes|9002| yes -`sonar.search.initialStateTimeout`|The timeout for the Elasticsearch nodes to elect a primary node. The default value will be fine in most cases, but in a situation where startup is failing because of a timeout, this may need to be adjusted. The value must be set in the format: `{integer}{timeunit}`. Valid `{timeunit}` values are: `ms` (milliseconds); `s` (seconds); `m` (minutes); `h` (hours); `d` (days); `w` (weeks)|cluster: 120s; standalone: 30s|no - -### Elasticsearch authentication - -[[info]] -| This configuration is optional. To secure access to your setup, you may want to first limit access to the nodes in your network. Elasticsearch authentication just adds another layer of security. - -[[warning]] -| When creating the PKCS#12 container, make sure it is created with an algorithm that is readable by Java 11. - -For Elasticsearch authentication, the following properties need to be configured on specific nodes: - -#### Application nodes -Property | Description | Default | Required ----|---|---|--- -`sonar.cluster.search.password`|Password for Elasticsearch built-in user (elastic) which will be used on the client site. If provided, it enables authentication. If this property is set, `sonar.cluster.search.password` on the search nodes must also be set to exact same value.| |no - -#### Search nodes -Property | Description | Default | Required ----|---|---|--- -`sonar.cluster.search.password`|Password for Elasticsearch built-in user (elastic) which will be set in ES. If provided, it enables authentication, and the instance will require additional properties to be set. If this property is set, `sonar.cluster.search.password` on the application nodes must also be set to exact same value.| |no -`sonar.cluster.es.ssl.keystore`|File path to a keystore in PKCS#12 format. The user running SonarQube must have READ permission to that file. Required if password provided.| |no -`sonar.cluster.es.ssl.truststore`|File path to a truststore in PKCS#12 format. The user running SonarQube must have READ permission to that file. Required if password provided.| |no -`sonar.cluster.es.ssl.keystorePassword`|Password to the keystore.| |no -`sonar.cluster.es.ssl.truststorePassword`|Password to the truststore.| | no - -When you're using the SonarSource Docker images, the truststore/keystore should be provided as volumes. -On Kubernetes, you need to create a new Secret from the truststore/keystore and provide the name to the Helm chart. - -## Secure your Network - -To further lock down the communication in between the nodes in your SonarQube Cluster, you can define the following network rules: - -Protocol | Source | Destination | Port | default ----|---|---|---|--- -TCP | Reverse Proxy | App Node | `sonar.web.port` | 9000 -TCP | App Node | Search Node | `sonar.cluster.node.search` | 9001 -TCP | Search Node | Search Node | `sonar.cluster.node.es.port` | 9002 -TCP | App Node | App Node | `sonar.cluster.node.port` | 9003 - -you can further segrement your network configuration if you specify a frontend, a backend and a search network. - -Network | Parameter | Description ----|---|--- -Frontend | `sonar.web.host` | Frontend HTTP Network -Backend | `sonar.cluster.node.host` | Backend App to App Network -Backend | `sonar.cluster.search.hosts` | Backend App to Search Network -Search | `sonar.cluster.node.search.host` | Backend Search to Search Network - -## Limitations -* Cluster downtime is required for SonarQube upgrades or plugin installations. -* All application nodes must be stopped when installing, uninstalling, or upgrading a plugin. -* Plugins are not shared, meaning if you install/uninstall/upgrade a given plugin on one application node, you need to perform the same actions on the other application node. -* There is no way to perform actions on the cluster from a central app - all operations must be done manually on each node of the cluster. - -## Frequently Asked Questions - -### Does Elasticsearch discover automatically other ES nodes? -No. Multicast is disabled. All hosts (IP+port) must be listed. - -### Can different nodes run on the same machine? -Yes, but it's best to have one machine for each node to be resilient to failures. To maintain an even higher level of availability, each of your three search nodes can be located in a separate availability zone *within the same region*. - -### Can the members of a cluster be discovered automatically? -No, all nodes must be configured in _$SONARQUBE_HOME/conf/sonar.properties_ - -### My keystore/truststore cannot be read by SonarQube -Make sure that the keystore/truststore in question was generated with an algorithm that is known to Java 11. See [JDK-8267599](https://bugs.openjdk.java.net/browse/JDK-8267599) for reference
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/setup/operate-server.md b/server/sonar-docs/src/pages/setup/operate-server.md deleted file mode 100644 index eb18f9e0a13..00000000000 --- a/server/sonar-docs/src/pages/setup/operate-server.md +++ /dev/null @@ -1,300 +0,0 @@ ---- -title: Operating the Server -url: /setup/operate-server/ ---- - -## Running SonarQube as a Service on Windows -### Install or Uninstall SonarQube as a Service - -``` -> %SONAR_HOME%\bin\windows-x86-64\SonarService.bat install -> %SONAR_HOME%\bin\windows-x86-64\SonarService.bat uninstall -``` - -### Start or Stop the Service - -``` -> %SONAR_HOME%\bin\windows-x86-64\SonarService.bat start -``` -**Note:** By default, the service will use the Java executable available on the Windows PATH. This setting can be changed by setting the environmental variable SONAR_JAVA_PATH. See more in [Adjusting the Java Installation](https://docs.sonarqube.org/latest/setup/install-server/). -``` -> %SONAR_HOME%\bin\windows-x86-64\SonarService.bat stop -``` -**Note:** `> %SONAR_HOME%\bin\windows-x86-64\SonarService.bat stop` does a graceful shutdown where no new analysis report processing can start, but the tasks in progress are allowed to finish. The time a stop will take depends on the processing time of the tasks in progress. You'll need to kill all SonarQube processes manually to force a stop. - -### Service Status -Check if the SonarQube service is running -``` -> %SONAR_HOME%\bin\windows-x86-64\SonarService.bat status -``` - -## Running SonarQube Manually on Linux - -### Start or Stop the Instance - -``` -Start: -$SONAR_HOME/bin/linux-x86-64/sonar.sh start - -Graceful shutdown: -$SONAR_HOME/bin/linux-x86-64/sonar.sh stop - -Hard stop: -$SONAR_HOME/bin/linux-x86-64/sonar.sh force-stop -``` -**Note:** Stop does a graceful shutdown where no new analysis report processing can start, but the tasks in progress are allowed to finish. The time a stop will take depends on the processing time of the tasks in progress. Use force stop for a hard stop. - -## Running SonarQube as a Service on Linux with SystemD - -On a Unix system using SystemD, you can install SonarQube as a service. You cannot run SonarQube as `root` in 'nix systems. Ideally, you will have created a new account dedicated to the purpose of running SonarQube. -Let's suppose: - -* The user used to start the service is `sonarqube` -* The group used to start the service is `sonarqube` -* The Java Virtual Machine is installed in `/opt/java/` -* SonarQube has been unzipped into `/opt/sonarqube/` - -Then create the file `/etc/systemd/system/sonarqube.service` _based on_ the following - -``` -[Unit] -Description=SonarQube service -After=syslog.target network.target - -[Service] -Type=simple -User=sonarqube -Group=sonarqube -PermissionsStartOnly=true -ExecStart=/bin/nohup /opt/java/bin/java -Xms32m -Xmx32m -Djava.net.preferIPv4Stack=true -jar /opt/sonarqube/lib/sonar-application-8.5.jar -StandardOutput=syslog -LimitNOFILE=131072 -LimitNPROC=8192 -TimeoutStartSec=5 -Restart=always -SuccessExitStatus=143 - -[Install] -WantedBy=multi-user.target -``` -**Note** -* Because the sonar-application jar name ends with the version of SonarQube, you will need to adjust the `ExecStart` command accordingly on install and at each upgrade. -* All SonarQube directories should be owned by the `sonarqube` user. - -Once your `sonarqube.service` file is created and properly configured, run: -``` -sudo systemctl enable sonarqube.service -sudo systemctl start sonarqube.service -``` - -## Running SonarQube as a Service on Linux with initd - -The following has been tested on Ubuntu 20.04 and CentOS 6.2. - -You cannot run SonarQube as `root` in 'nix systems. Ideally, you will have created a new account dedicated to the purpose of running SonarQube. Let's suppose the user used to start the service is `sonarqube`. Then create the file `/etc/init.d/sonar` _based on_ the following: - -``` -#!/bin/sh -# -# rc file for SonarQube -# -# chkconfig: 345 96 10 -# description: SonarQube system (www.sonarsource.org) -# -### BEGIN INIT INFO -# Provides: sonar -# Required-Start: $network -# Required-Stop: $network -# Default-Start: 3 4 5 -# Default-Stop: 0 1 2 6 -# Short-Description: SonarQube system (www.sonarsource.org) -# Description: SonarQube system (www.sonarsource.org) -### END INIT INFO - -su sonarqube -c "/usr/bin/sonar $*" -``` - -Register SonarQube at boot time (RedHat, CentOS, 64 bit): - -``` -sudo ln -s $SONAR_HOME/bin/linux-x86-64/sonar.sh /usr/bin/sonar -sudo chmod 755 /etc/init.d/sonar -sudo chkconfig --add sonar -``` -Register SonarQube at boot time (Ubuntu, 64 bit): - -``` -sudo ln -s $SONAR_HOME/bin/linux-x86-64/sonar.sh /usr/bin/sonar -sudo chmod 755 /etc/init.d/sonar -sudo update-rc.d sonar defaults -``` -Once registration is done, run: -``` -sudo service sonar start -``` - -## Securing the Server Behind a Proxy - -This section helps you configure the SonarQube Server if you want to run it behind a proxy. This can be done for security concerns or to consolidate multiple disparate applications. To run the SonarQube server over HTTPS, see the HTTPS Configuration section below. - -[[warning]] -|For security reasons, we recommend only giving external access to the main port. - -### Using an Apache Proxy - -We assume that you've already installed Apache 2 with module mod\_proxy, that SonarQube is running and available on `http://private_sonar_host:sonar_port/`, and that you want to configure a Virtual Host for `www.public_sonar.com`. - -At this point, edit the HTTPd configuration file for the `www.public_sonar.com` virtual host. Include the following to expose SonarQube via `mod_proxy` at `http://www.public_sonar.com/`: - -``` -ProxyRequests Off -ProxyPreserveHost On -<VirtualHost *:80> - ServerName www.public_sonar.com - ServerAdmin admin@somecompany.com - ProxyPass / http://private_sonar_host:sonar_port/ - ProxyPassReverse / http://www.public_sonar.com/ - ErrorLog logs/somecompany/sonar/error.log - CustomLog logs/somecompany/sonar/access.log common -</VirtualHost> -``` - -Apache configuration is going to vary based on your own application's requirements and the way you intend to expose SonarQube to the outside world. If you need more details about Apache HTTPd and mod\_proxy, please see [http://httpd.apache.org](http://httpd.apache.org). - -### Using Nginx - -We assume that you've already installed Nginx, that you are using a Virtual Host for www.somecompany.com and that SonarQube is running and available on `http://sonarhost:sonarport/`. - -At this point, edit the Nginx configuration file. Include the following to expose SonarQube at http://www.somecompany.com/: - -``` -# the server directive is Nginx's virtual host directive -server { - # port to listen on. Can also be set to an IP:PORT - listen 80; - # sets the domain[s] that this vhost server requests for - server_name www.somecompany.com; - location / { - proxy_pass http://sonarhost:sonarport; - } -} -``` - -Nginx configuration will vary based on your own application's requirements and the way you intend to expose SonarQube to the outside world. If you need more details about Nginx, please see [https://www.nginx.com/resources/admin-guide/reverse-proxy/](https://www.nginx.com/resources/admin-guide/reverse-proxy/). - -Note that you may need to increase the max URL length since SonarQube requests can have URLs longer than 2048. - -### Using IIS on Windows - -Using IIS on Windows, you can create a website that acts as a reverse proxy and access your SonarQube instance over SSL. - -[[info]] -Info: The setup described here is not appropriate for SAML through IIS. - -#### Prerequisites - -Internet Information Services (IIS) enabled. In the following example, IIS is enabled on the same machine as the SonarQube instance. -The [Url Rewrite extension for IIS](https://www.iis.net/downloads/microsoft/url-rewrite) -The [Application Based Routing extension for IIS](https://www.iis.net/downloads/microsoft/application-request-routing) -[A self-signed SSL certificate, or a real one](https://learn.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis#obtain-a-certificate) - -[[info]] -To make sure the extensions are enabled, restart your IIS Manager after you install them. - -#### Creating an IIS website - -1. In the IIS Manager, select *Your machine* > **Sites** > **Add Website…**. -2. Under **Site name**, enter a name for your website. -3. Under **Content Directory** > **Physical path**, select a physical path for your website’s folder. Based on the default IIS website, we recommend creating a `%SystemDrive%\inetpub\wwwroot_sonarqube` folder and using it as physical path. -4. In **Binding**, select **Type** > **https**. -5. Under **SSL certificate**, select an SSL certificate. -6. Click **OK**. - -#### Using your IIS website as a reverse proxy - -Once you’ve created your website using the IIS Manager, you can use the URL Rewrite extension to use that website as a reverse proxy. - -1. From the IIS Manager home page, select your website and open **URL Rewrite**. -2. Click **Add Rule(s)** to create a new rule. -3. Select **Reverse Proxy** from the list of templates. -4. Enter the destination server URL. It can be http://localhost:9000 or a remote server. -5. click **OK** to create the rule. - -The URL Rewrite page now displays a reverse proxy inbound rule. - -#### Adding the X_FORWARDED_PROTO server variable - -Using the URL Rewrite module, you can create a server variable to handle the `X-Forwarded-Proto` header and pass it to SonarQube. See the HTTPS Configuration section on this page for more information on that server variable. - -From the URL Rewrite page: - -1. Click **View Server Variables**. This opens the **Allowed Server Variables** page. -2. To add a server variable, click **Add...**, enter `X_FORWARDED_PROTO` in the field and click **OK**. The server variable is now displayed on the **Allowed Server Variables** page. -3. Click **Back to Rules** to go to the URL Rewrite rules list. -4. Select the reverse proxy inbound rule for your website. Under **Inbound Rules**, click **Edit**. -5. Expand the **Server variables** section of the rule definition. -6. Add the `X_FORWARDED_PROTO` server variable and give it the value **https**. -7. Apply the changes. - -SonarQube can now be accessed over SSL. - -#### Check that the connection is enabled - -With your SonarQube instance and your IIS website running, open the IIS Manager and click the link under **Your website** > **Browse Website** > **Browse**, or enter the website’s URL in a browser. You should see the log-in or home page of your SonarQube instance. - -#### Next steps - -You can configure your SonarQube instance to only accept traffic from your reverse proxy, by adding the following line to the `sonar.properties` file: - -`sonar.web.host=127.0.0.1` - -Another option is to use the Windows Firewall to only accept traffic from localhost. - -#### Resources - -The setup described here is inspired by this [Configure SSL for SonarQube on Windows](https://jessehouwing.net/sonarqube-configure-ssl-on-windows/) blog post. - -### HTTPS Configuration - -The reverse proxy must be configured to set the value `X_FORWARDED_PROTO: https` in each HTTP request header. Without this property, redirection initiated by the SonarQube server will fall back on HTTP. - -For example, with Nginx as a reverse proxy, you can paste the following or a similar snippet into the configuration file: - - ``` -# the server directive is Nginx's virtual host directive -server { - # port to listen on. Can also be set to an IP:PORT - listen 443 ssl; - ssl_certificate ${path_to_your_certificate_file} - ssl_certificate_key ${path_to_your_certificate_key_file} - location / { - proxy_pass ${address_of_your_sonarqube_instance_behind_proxy} - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Proto https; - } -} -``` - -### Forward SonarQube custom headers -SonarQube adds custom HTTP headers. The reverse proxy should be configured to forward the following headers: - -* `SonarQube-Authentication-Token-Expiration` -This header is added to a web service response when using [tokens](/user-guide/user-token/) to authenticate. Forwarding this header is not required for the SonarQube features to work properly. - -## Secure your Network - -To further lock down the communication in between the reverse proxy and SonarQube, you can define the following network rules: - -Protocol | Source | Destination | Port | default ----|---|---|---|--- -TCP | Reverse Proxy | SonarQube | `sonar.web.port` | 9000 -TCP | SonarQube | SonarQube | `sonar.search.port` | 9001 -TCP | SonarQube | SonarQube | `sonar.es.port` | random - -you can further segrement your network configuration if you specify a frontend network and keep Elasticsearch restricted to the loopback NiC. - -Network | Parameter | Description | default ----|---|---|--- -Frontend | `sonar.web.host` | Frontend HTTP Network | 0.0.0.0 -Elasticsearch | `sonar.search.host` | Elasticsearch Network | 127.0.0.1 diff --git a/server/sonar-docs/src/pages/setup/overview.md b/server/sonar-docs/src/pages/setup/overview.md deleted file mode 100644 index 91b05962368..00000000000 --- a/server/sonar-docs/src/pages/setup/overview.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -title: Overview -url: /setup/overview/ ---- - -### Try out SonarQube -To try out the SonarQube platform, follow the [Try Out SonarQube](/setup/get-started-2-minutes/) guide. - -### Install a production instance -To install a production instance, read the [Requirements](/requirements/requirements/), and then follow the [Installation Guide](/setup/install-server/). - -### After the installation -After your server is up and running, you'll need to install one or more [SonarScanners](/analysis/overview/) on the machines where analysis will be performed. - -### Upgrade your production instance -To upgrade your production instance, read the [Upgrade Guide](/setup/upgrading/) and the relevant, version-specific upgrade notes. diff --git a/server/sonar-docs/src/pages/setup/scanner-environment.md b/server/sonar-docs/src/pages/setup/scanner-environment.md deleted file mode 100644 index 6caabaf4812..00000000000 --- a/server/sonar-docs/src/pages/setup/scanner-environment.md +++ /dev/null @@ -1,198 +0,0 @@ ---- -title: Scanner Environment -url: /analysis/scanner-environment/ ---- - -A Java runtime environment is always required to run the scanner that performs (CI-based) analysis. -This applies to all scanner variants (CLI, CI-specific, etc.) - -Additionally, in order to analyze JavaScript, TypeScript or CSS, the scanner also requires a Node.js runtime. - -The required versions for these runtimes change with successive versions of the scanner. -The current requirements and recommendations are: - -* You must use either **Java 11 or 17**. -* You should use at least **Node.js 14**, though we recommend that you use the **latest Node.js LTS**, which is currently **Node.js 16**. - -## Scanner vs project - -The requirements above refer only to the versions of Java and Node.js *used by the scanner* itself to run. -It does not restrict the versions of Java, JavaScript, TypeScript or CSS that can be analyzed by the scanner. - - -## Java configuration - -### GitHub Actions - -The SonarQube GitHub Action can be configured for different target build technologies (.NET, Gradle, Maven, etc). - - -### Maven / Gradle - -If your whole Maven or Gradle build doesn't run on Java 11 or 17, we suggest first to try to base the whole build on one of those two versions of Java. -If it's not compatible, then you can override the JAVA_HOME environment variable just before the analysis step, as shown here: - -``` -# Maven build -mvn verify ... -export JAVA_HOME=/path/to/java-11-or-17 -mvn sonar:sonar ... -``` - -``` -# Gradle build -gradle build ... -export JAVA_HOME=/path/to/java-11-or-17 -gradle sonarqube ... -``` - -### Azure DevOps - -All VM images available in Azure Pipelines for Microsoft-hosted agents already contain Java 11. -There is no further action required. -For self-hosted agents you must ensure that you are using Java 11 or 17. -You can either modify your build pipeline to ensure that it runs with Java 11 or 17 by default, or override the JAVA_HOME environment variable just before running the analysis. - - -#### Xamarin - -For the specific case of Xamarin, which only allows Java 8, you will need to specify a Java 8 path separately when invoking MSBuild (using, for example, XAMARIN_JAVA_HOME), and then leave the JAVA_HOME environment variable for the scanner only. - -``` -$env:JAVA_HOME=/path/to/java-11-or-17 -$env:XAMARIN_JAVA_HOME=/path/to/java-8 -msbuild.exe /p:JavaSdkDirectory=$env:XAMARIN_JAVA_HOME -``` - - -### Dockerfile - -Multiple base images can be used to run your build with Java 11 or 17, here are some examples: - -* `openjdk:11-jre-slim` -* `debian:buster and above` -* `gradle:jre11-slim` - -If your build is not compatible with Java 11 or 17, then you can override the `JAVA_HOME` environment variable to point to Java 11 or 17 immediately before running the analysis. - - -### Jenkins - -You can define a new JDK in **Manage Jenkins > Global Tool Configuration**, if you have the [JDK Tool Plugin](https://plugins.jenkins.io/jdk-tool/) installed. - - -#### Declarative Pipelines - -If you are using a declarative pipeline with different stages, you can add a 'tools' section to the stage in which the code scan occurs. -This will make the scanner use the JDK version that is specified. - -``` -stage('SonarQube analysis') { - tools { - jdk "jdk11" // the name you have given the JDK installation in Global Tool Configuration - } - environment { - scannerHome = tool 'SonarQube Scanner' // the name you have given the Sonar Scanner (in Global Tool Configuration) - } - steps { - withSonarQubeEnv(installationName: 'SonarQube') { - sh "${scannerHome}/bin/sonar-scanner -X" - } - } -} -``` - -If you are analyzing a Java 8 project, you probably want to continue using Java 8 to build your project. -The following example allows you to continue building in Java 8, but will use Java 11 to scan the code: - -``` -stage('Build') { - tools { - jdk "jdk8" // the name you have given the JDK installation using the JDK manager (Global Tool Configuration) - } - steps { - sh 'mvn compile' - } -} -stage('SonarQube analysis') { - tools { - jdk "jdk11" // the name you have given the JDK installation using the JDK manager (Global Tool Configuration) - } - environment { - scannerHome = tool 'SonarQube Scanner' // the name you have given the Sonar Scanner (Global Tool Configuration) - } - steps { - withSonarQubeEnv(installationName: 'SonarQube') { - sh 'mvn sonar:sonar' - } - } -} -``` - -This example is for Maven but it can be easily modified to use Gradle. - -#### Classical pipelines - -**Set Job JDK version** - -You can easily set the JDK version to be used by a job in the **General** section of your configuration. -This option is only visible if you have configured multiple JDK versions under **Manage Jenkins > Global Tool Configuration**. - -**Set 'Execute SonarQube Scanner' JDK version** - -If you are using the **Execute SonarQube Scanner** step in your configuration, you can set the JDK for this step in the configuration dialog. -By using this approach, you can use JDK 11 or 17 only for the code scanning performed by SonarQube. -All the other steps in the job will use the globally configured JDK. - -**Java 8 projects** - -Jenkins does not offer functionality to switch JDKs when using a **Freestyle project** or **Maven project** configuration. -To build your project using Java 8, you have to manually set the `JAVA_HOME` variable to Java 11 or 17 when running the analysis. - -To do this use the [Tool Environment Plugin](https://plugins.jenkins.io/toolenv/). This plugin lets expose the location of the JDK you added under **Manage Jenkins > Global Tool Configuration**. -The location of the JDK can then be used to set the `JAVA_HOME` variable in a post step command, like this: - -``` -export JAVA_HOME=$OPENJDK_11_HOME/Contents/Home -mvn $SONAR_MAVEN_GOAL -``` - -## Node.js configuration - -### GitHub Actions - -The SonarQube GitHub Action already uses Node.js 14+. If you are using the official SonarQube Action, there is nothing further to do. If you are using your own GitHub Action and invoke the SonarScanner manually within that Action, then you should ensure that you are also using at least Node.js 14. See **Other cases** below. - - -### Bitbucket Pipelines - -The `sonarqube-scan` Bitbucket Pipe uses Node.js 14+. We recommend using the latest version of the pipe declaration in your `bitbucket-pipelines.yml`. For example: - -`- pipe: sonarsource/sonarqube-scan:1.1.0` - - -### Azure Pipelines - -All VM images available in Azure Pipelines for Microsoft-hosted agents already contain Node.js 14+. There is no further action required. For self-hosted agents you must ensure that you are using Node.js 14+. - - -### GitLab CI/CD - -The recommended setup for your `.gitlab-ci.yml` specifies `sonar-scanner-cli:latest` which already uses Node.js 14+. If you are using the recommended setup there is nothing further to do. - - -### Jenkins - -You should ensure that the Node.js version used by your Jenkins jobs is at least version 14. If you want to manage multiple versions of Node.js in Jenkins, the NodeJS Jenkins plugin may be useful. - - -### Other cases - -If your build set up falls into one of the following categories, then you will need to ensure that the build environment within which the SonarScanner runs has Node.js 14+ installed: - -* Manual invocation of the SonarScanner from the command line. -* Custom local build script invoking the SonarScanner. -* Non-standard use of a CI listed above. For example, using GitHub Actions but not using the provided SonarQube GitHub Action and instead using some other custom Action. -* Use of a CI which is not listed above. - -In general, if you are running the SonarScanner command line tool as an executable, then Node.js 14+ needs to be installed on the machine where it is run. Alternatively, if you are using the SonarScanner Docker image, then you just have to ensure that you are using at least version 4.6 of the image, as it already bundles the correct version of Node.js. diff --git a/server/sonar-docs/src/pages/setup/sonar-properties.md b/server/sonar-docs/src/pages/setup/sonar-properties.md deleted file mode 100644 index e98e179aa1a..00000000000 --- a/server/sonar-docs/src/pages/setup/sonar-properties.md +++ /dev/null @@ -1,416 +0,0 @@ ---- -title: Environment Variables -url: /setup/environment-variables/ ---- - -This page provides environment variables used for configuring SonarQube with Docker. The values provided in the following environment variables are the default values. - -## Database - -[[info]] -|- The embedded H2 database is used by default. It is recommended for tests but not for production use. Supported databases are Oracle, PostgreSQL, and Microsoft SQLServer. -|- Changes to the database connection URL (sonar.jdbc.url) can affect SonarSource licensed products. - -### User Credentials - -**`SONAR_JDBC_USERNAME=`** -**`SONAR_JDBC_PASSWORD=`** -Permissions to create tables, indices, and triggers must be granted to JDBC user. The schema must be created first. - -### Embedded Database (default) - -**`SONAR_EMBEDDEDDATABASE_PORT=9092`** -H2 embedded database server listening port, defaults to 9092. - -### Oracle 12c/18c/19c - -**`SONAR_JDBC_URL=jdbc:oracle:thin:@localhost:1521/XE`** -The Oracle JDBC driver must be copied into the directory extensions/jdbc-driver/oracle/. Only the thin client is supported, and we recommend using the latest Oracle JDBC driver. See https://jira.sonarsource.com/browse/SONAR-9758 for more details. If you need to set the schema, please refer to http://jira.sonarsource.com/browse/SONAR-5000. - -### PostgreSQL 9.6 or greater - -**`SONAR_JDBC_URL=jdbc:postgresql://localhost/sonarqube?currentSchema=my_schema`** -By default the schema named "public" is used. It can be overridden with the parameter "currentSchema". - -### Microsoft SQLServer 2014/2016/2017/2019 and SQL Azure - -**`SONAR_JDBC_URL=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true`** -A database named sonar must exist and its collation must be case-sensitive (CS) and accent-sensitive (AS). Use this connection string if you want to use integrated security with Microsoft Sql Server. Do not set the `SONAR_JDBC_USERNAME` or `SONAR_JDBC_PASSWORD` property if you are using Integrated Security. - -For Integrated Security to work, you have to download the Microsoft SQL JDBC Auth 11.2.1 package [here](https://github.com/microsoft/mssql-jdbc/releases/download/v11.2.1/mssql-jdbc_auth.zip) and copy `mssql-jdbc_auth-11.2.1.x64.dll` to your path. - -**`SONAR_JDBC_URL=jdbc:sqlserver://localhost;databaseName=sonar`** -Use this connection string if you want to use SQL Auth while connecting to MS Sql Server. Set the `SONAR_JDBC_USERNAME` and `SONAR_JDBC_PASSWORD` appropriately. - -### Connection pool settings - -**`SONAR_JDBC_MAXACTIVE=60`** -The maximum number of active connections that can be allocated at the same time, or negative for no limit. The recommended value is 1.2 * max sizes of HTTP pools. For example, if HTTP ports are enabled with default sizes (50, see property `sonar.web.http.maxThreads`) then `SONAR_JDBC_MAXACTIVE` should be 1.2 * 50 = 60. - -**`SONAR_JDBC_MAXIDLE=5`** -The maximum number of connections that can remain idle in the pool, without extra ones being released, or negative for no limit. - -**`SONAR_JDBC_MINIDLE=2`** -The minimum number of connections that can remain idle in the pool, without extra ones being created, or zero to create none. - -**`SONAR_JDBC_MAXWAIT=5000`** -The maximum number of milliseconds that the pool will wait (when there are no available connections) for a connection to be returned before throwing an exception, or <= 0 to wait indefinitely. - -**`SONAR_JDBC_MINEVICTABLEIDLETIMEMILLIS=600000`** -**`SONAR_JDBC_TIMEBETWEENEVICTIONRUNSMILLIS=30000`** - -## Web Server - -**`SONAR_WEB_JAVAOPTS=`** -the web server is executed in a dedicated Java process. Use this property to customize JVM options. - -[[info]] -| The HotSpot Server VM is recommended. The property -server should be added if server mode -| is not enabled by default on your environment. See [here](http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html). -| -| Startup can be long if the entropy source is short of entropy. Adding -| -Djava.security.egd=file:/dev/./urandom is an option to resolve the problem. See [Here](https://cwiki.apache.org/confluence/display/TOMCAT/HowTo+FasterStartUp#HowToFasterStartUp-EntropySource) - -**`SONAR_WEB_JAVAADDITIONALOPTS=`** -Same as previous property, but allows to not repeat all other settings like -Xmx - -**`SONAR_WEB_HOST=0.0.0.0`** -Binding IP address. For servers with more than one IP address, this property specifies which address will be used for listening on the specified ports. By default, ports will be used on all IP addresses associated with the server. - -**`SONAR_WEB_CONTEXT=`** -Web context. When set, it must start with a forward slash (for example /sonarqube). -The default value is root context (empty value). - -**`SONAR_WEB_PORT=9000`** -TCP port for incoming HTTP connections. Default value is 9000. - -**`SONAR_WEB_HTTP_MAXTHREADS=50`** -The maximum number of connections that the server will accept and process at any given time. When this number has been reached, the server will not accept any more connections until the number of connections falls below this value. The operating system may still accept connections based on the `SONAR_WEB_CONNECTIONS_ACCEPTCOUNT` property. The default value is 50. - -**`SONAR_WEB_HTTP_MINTHREADS=5`** -The minimum number of threads always kept running. The default value is 5. - -**`SONAR_WEB_HTTP_ACCEPTCOUNT=25`** -The maximum queue length for incoming connection requests when all possible request processing threads are in use. Any requests received when the queue is full will be refused. The default value is 25. - -**`SONAR_WEB_HTTP_KEEPALIVETIMEOUT=60000`** -The number of milliseconds this Connector will wait for another HTTP request before closing the connection. Use a value of -1 to indicate no (i.e. infinite) timeout. The default value is 60000 (ms). - -**`SONAR_AUTH_JWTBASE64HS256SECRET=`** -By default users are logged out and sessions closed when server is restarted. If you prefer keeping user sessions open, a secret should be defined. Value is HS256 key encoded with base64. It must be unique for each installation of SonarQube. Example of command-line: -echo -n "type_what_you_want" | openssl dgst -sha256 -hmac "key" -binary | base64 - -**`SONAR_WEB_SESSIONTIMEOUTINMINUTES=4320`** -The inactivity timeout duration of user sessions, in minutes. After the configured period of time, the user is logged out. The default value is 3 days (4320 minutes). The value cannot be less than 6 minutes or greater than 3 months (129600 minutes). Value must be strictly positive. - -**`SONAR_WEB_SYSTEMPASSCODE=`** -A passcode can be defined to access some web services from monitoring tools without having to use the credentials of a system administrator. Check the Web API documentation to know which web services are supporting this authentication mode. The passcode should be provided in HTTP requests with the header "X-Sonar-Passcode". By default feature is disabled. - -## SSO Authentication - -**`SONAR_WEB_SSO_ENABLE=false`** -Enable authentication using HTTP headers - -**`SONAR_WEB_SSO_LOGINHEADER=X-Forwarded-Login`** -Name of the header to get the user login. Only alphanumeric, '.' and '@' characters are allowed - -**`SONAR_WEB_SSO_NAMEHEADER=X-Forwarded-Name`** -Name of the header to get the user name - -**`SONAR_WEB_SSO_EMAILHEADER=X-Forwarded-Email`** -Name of the header to get the user email (optional) - -**`SONAR_WEB_SSO_GROUPSHEADER=X-Forwarded-Groups`** -Name of the header to get the list of user groups, separated by comma (optional). If the SONAR_SSO_GROUPSHEADER is set, the user will belong to those groups if groups exist in SonarQube. If none of the provided groups exists in SonarQube, the user will only belong to the default group. Note that the default group will always be set. - -**`SONAR_WEB_SSO_REFRESHINTERVALINMINUTES=5`** -Interval used to know when to refresh name, email, and groups. During this interval, if for instance the name of the user is changed in the header, it will only be updated after X minutes. - -## LDAP Configuration - -**`SONAR_SECURITY_REALM=LDAP`** -Enable the LDAP feature - -**`SONAR_AUTHENTICATOR_DOWNCASE=true`** -Set to true when connecting to a LDAP server using a case-insensitive setup. - -**`LDAP_URL=ldap://localhost:10389`** -URL of the LDAP server. Note that if you are using LDAPS, then you should install the server certificate into the Java truststore. - -**`LDAP_BINDDN=cn=sonar,ou=users,o=mycompany`** -Bind DN is the username of an LDAP user to connect (or bind) with. Leave this blank for anonymous access to the LDAP directory (optional) - -**`LDAP_BINDPASSWORD=secret`** -Bind Password is the password of the user to connect with. Leave this blank for anonymous access to the LDAP directory (optional) - -**`LDAP_AUTHENTICATION=simple`** -Possible values: simple | CRAM-MD5 | DIGEST-MD5 | GSSAPI See http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html (default: simple) - -**`LDAP_REALM=example.org`** -See : - * http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html - * http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html -(optional) - -**`LDAP_CONTEXTFACTORYCLASS=com.sun.jndi.ldap.LdapCtxFactory`** -Context factory class (optional) - -**`LDAP_STARTTLS=true`** -Enable usage of StartTLS (default : false) - -**`LDAP_FOLLOWREFERRALS=false`** -Follow or not referrals. See http://docs.oracle.com/javase/jndi/tutorial/ldap/referral/jndi.html (default: true) - -### User Mapping - -**`LDAP_USER_BASEDN=cn=users,dc=example,dc=org`** -Distinguished Name (DN) of the root node in LDAP from which to search for users (mandatory) - -**`LDAP_USER_REQUEST=(&(objectClass=user)(sAMAccountName={login}))`** -LDAP user request. (default: (&(objectClass=inetOrgPerson)(uid={login})) ) - -**`LDAP_USER_REALNAMEATTRIBUTE=name`** -Attribute in LDAP defining the user’s real name. (default: cn) - -**`LDAP_USER_EMAILATTRIBUTE=email`** -Attribute in LDAP defining the user’s email. (default: mail) - -### Group Mapping - -**`LDAP_GROUP_BASEDN=cn=groups,dc=example,dc=org`** -Distinguished Name (DN) of the root node in LDAP from which to search for groups. (optional, default: empty) - -**`LDAP_GROUP_REQUEST=(&(objectClass=group)(member={dn}))`** -LDAP group request (default: (&(objectClass=groupOfUniqueNames)(uniqueMember={dn})) ) - -**`LDAP_GROUP_IDATTRIBUTE=sAMAccountName`** -Property used to specifiy the attribute to be used for returning the list of user groups in the compatibility mode. (default: cn) - -## Compute Engine - -**`SONAR_CE_JAVAOPTS=** -The Compute Engine is responsible for processing background tasks. -Compute Engine is executed in a dedicated Java process. -Use the following property to customize JVM options. - -[[info]] -| The HotSpot Server VM is recommended. The property -server should be added if server mode -| is not enabled by default on your environment: -| http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html - -**`SONAR_CE_JAVAADDITIONALOPTS=`** -Same as previous property, but allows to not repeat all other settings like -Xmx - -## Elasticsearch - -Elasticsearch is used to facilitate fast and accurate information retrieval. -It is executed in a dedicated Java process. - -[[warning]] -| Linux users on 64-bit systems, ensure Virtual Memory on your system is correctly configured for Elasticsearch to run properly (see [here](https://www.elastic.co/guide/en/elasticsearch/reference/5.5/vm-max-map-count.html) for details). -| -| When SonarQube runs standalone, a warning such as the following may appear in logs/es.log: -| "max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]" -| -| When SonarQube runs as a cluster, however, Elasticsearch will refuse to start. - -**`SONAR_SEARCH_JAVAOPTS=`** -JVM options of Elasticsearch process - -**`SONAR_SEARCH_JAVAADDITIONALOPTS=`** -Same as previous property, but allows to not repeat all other settings like -Xmx - -**`SONAR_SEARCH_PORT=9001`** -Elasticsearch port. Default is 9001. Use 0 to get a free port. -As a security precaution, should be blocked by a firewall and not exposed to the Internet. - -**`SONAR_SEARCH_HOST=`** -Elasticsearch host. The search server will bind this address and the search client will connect to it. -Default is loopback address. -As a security precaution, should NOT be set to a publicly available address. - -## Update Center - -**`SONAR_UPDATECENTER_ACTIVATE=true`** -Update Center requires an internet connection to request https://update.sonarsource.org -It is enabled by default. - -**`HTTP_PROXYHOST=`** -**`HTTP_PROXYPORT=`** -HTTP proxy (default none) - -**`HTTPS_PROXYHOST=`** -**`HTTPS_PROXYPORT=`** -HTTPS proxy (defaults are values of HTTP_PROXYHOST and HTTP_PROXYPORT) - -**`HTTP_AUTH_NTLM_DOMAIN=`** -NT domain name if NTLM proxy is used - -**`SOCKSPROXYHOST=`** -**`SOCKSPROXYPORT=`** -SOCKS proxy (default none) - -**`HTTP_PROXYUSER=`** -**`HTTP_PROXYPASSWORD=`** -Proxy authentication (used for HTTP, HTTPS and SOCKS proxies) - -**`HTTP_NONPROXYHOSTS=`** -Proxy exceptions: list of hosts that can be accessed without going through the proxy separated by the '|' character, wildcard character '*' can be used for pattern matching used for HTTP and HTTPS (default none) (note: localhost and its literal notations (127.0.0.1, ...) are always excluded). - -## Logging - -SonarQube produces logs in four logs files located in the same directory (see property `SONAR_PATH_LOGS` below), -one per process: -* Main process (aka. App) logs in sonar.log -* Web Server (aka. Web) logs in web.log -* Compute Engine (aka. CE) logs in ce.log -* Elasticsearch (aka. ES) logs in es.log - -All four files follow the same rolling policy (see `SONAR_LOG_ROLLINGPOLICY` and `SONAR_LOG_MAXFILES`) but it applies -individually (eg. if `SONAR_LOG_MAXFILES=4`, there can be at most 4 of each files, ie. 16 files in total). - -All four files have logs in the same format: - -|1|2|3| -|----|----|-|--------------------|------------------------------|----| -2016.11.16 16:47:00 INFO ce[AVht0dNXFcyiYejytc3m][o.s.s.c.t.CeWorkerCallableImpl] Executed task | project=org.sonarqube:example-java-maven | type=REPORT | - -|4|5|6| -|--------------------|----------------------|-------------| -| id=AVht0dNXFcyiYejytc3m | submitter=admin | time=1699ms| - -**1**: timestamp. Format is YYYY.MM.DD HH:MM:SS - YYYY: year on 4 digits - MM: month on 2 digits - DD: day on 2 digits - HH: hour of day on 2 digits in 24 hours format - MM: minutes on 2 digits - SS: seconds on 2 digits - -**2**: log level. - Possible values (in order of descending criticality): ERROR, WARN, INFO, DEBUG and TRACE - -**3**: process identifier. Possible values: app (main), web (Web Server), ce (Compute Engine) and es (Elasticsearch) - -**4**: SQ thread identifier. Can be empty. In the Web Server, if present, it will be the HTTP request ID. In the Compute Engine, if present, it will be the task ID. - -**5**: logger name. Usually a class canonical name. Package names are truncated to keep the whole field to 20 characters max - -**6**: log payload. Content of this field does not follow any specific format, can vary in length and include line returns. Some logs, however, will follow the convention to provide data in payload in the format "| key=value" Especially, log of profiled pieces of code will end with "| time=XXXXms". - -**`SONAR_LOG_LEVEL=INFO`** -Global level of logs (applies to all 4 processes). Supported values are INFO (default), DEBUG and TRACE - -**`SONAR_LOG_LEVEL_APP=INFO`** -**`SONAR_LOG_LEVEL_WEB=INFO`** -**`SONAR_LOG_LEVEL_CE=INFO`** -**`SONAR_LOG_LEVEL_ES=INFO`** -Level of logs of each process can be controlled individually with their respective properties. When specified, they overwrite the level defined at global level. Supported values are INFO, DEBUG and TRACE - -**`SONAR_PATH_LOGS=logs`** -Path to log files. Can be absolute or relative to installation directory. Default is <installation home>/logs - -**`SONAR_LOG_ROLLINGPOLICY=time:yyyy-MM-dd`** -Rolling policy of log files: -* based on time if value starts with "time:", for example by day ("time:yyyy-MM-dd") or by month ("time:yyyy-MM") -* based on size if value starts with "size:", for example "size:10MB" -* disabled if value is "none". That needs logs to be managed by an external system like logrotate. - -**`SONAR_LOG_MAXFILES=7`** -Maximum number of files to keep if a rolling policy is enabled. -* maximum value is 20 on size rolling policy -* unlimited on time rolling policy. Set to zero to disable old file purging. - -**`SONAR_WEB_ACCESSLOGS_ENABLE=true`** -Access log is the list of all the HTTP requests received by server. If enabled, it is stored -in the file {`SONAR_PATH_LOGS`}/access.log. This file follows the same rolling policy as other log file -(see `SONAR_LOG_ROLLINGPOLICY` and `SONAR_LOG_MAXFILES`). - -**`SONAR_WEB_ACCESSLOGS_PATTERN=%i{X-Forwarded-For} %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}"`** -Format of access log. It is ignored if `SONAR_WEB_ACCESSLOGS_ENABLE=false`. - -Possible values are: - - "common" is the Common Log Format, shortcut to: %h %l %u %user %date "%r" %s %b - - "combined" is another format widely recognized, shortcut to: %h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" - - else a custom pattern. See http://logback.qos.ch/manual/layouts.html#AccessPatternLayout. - -The login of authenticated user is not implemented with "%u" but with "%reqAttribute{LOGIN}" (since version 6.1). -The value displayed for anonymous users is "-". - -The token name used for requests will be added to the access log if the "%reqAttribute{TOKEN_NAME}" is added (since version 9.5). - -The SonarQube's HTTP request ID can be added to the pattern with "%reqAttribute{ID}" (since version 6.2). - -If SonarQube is behind a reverse proxy, then the following value allows to display the correct remote IP address: - -Default value (which was "combined" before version 6.2) is equivalent to "combined + SQ HTTP request ID": -`SONAR_WEB_ACCESSLOGS_PATTERN=%h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}"` - -## DataCenter Edition - -**`SONAR_CLUSTER_NAME=sonarqube`** - -The name of the cluster. Required if multiple clusters are present on the same network. For example, this prevents mixing Production and Preproduction clusters. This will be the name stored in the Hazelcast cluster and used as the name of the Elasticsearch cluster. - -**`SONAR_CLUSTER_SEARCH_HOSTS`** - -Comma-delimited list of search hosts in the cluster. The list can contain either the host or the host and port, but not both. The item format is `ip/hostname` for host only or`ip/hostname:port` for host and port. `ip/hostname` can also be set to the service name of the search containers . - -**`SONAR_CLUSTER_SEARCH_PASSWORD`** - -Password for Elasticsearch built-in user (elastic) which will be used on the client site. If provided, it enables authentication. This property needs to be set to the same value throughout the cluster. - -### Search Nodes Only - -**`SONAR_CLUSTER_ES_HOSTS`** - -Comma-delimited list of search hosts in the cluster. The list can contain either the host or the host and port but not both. The item format is `ip/hostname` for host only or`ip/hostname:port` for host and port, while `ip/hostname` can also be set to the service name of the search containers. - -**`SONAR_CLUSTER_NODE_NAME`** - -The name of the node that is used on Elasticsearch and stored in Hazelcast member attribute (NODE_NAME) - -**`SONAR_CLUSTER_ES_SSL_KEYSTORE`** - -File path to a keystore in PKCS#12 format. Can be the same PKCS#12 container as the `SONAR_CLUSTER_ES_SSL_TRUSTSTORE`. The user running SonarQube must have READ permission to that file. Required if password provided. - -**`SONAR_CLUSTER_ES_SSL_KEYSTOREPASSWORD`** - -Password to the keystore. - -**`SONAR_CLUSTER_ES_SSL_TRUSTSTORE`** - -File path to a truststore in PKCS#12 format. Can be the same PKCS#12 container as the `SONAR_CLUSTER_ES_SSL_KEYSTORE`. The user running SonarQube must have READ permission to that file. Required if password provided. - -**`SONAR_CLUSTER_ES_SSL_TRUSTSTOREPASSWORD`** - -Password to the truststore. - -### Application Nodes Only - -**`SONAR_CLUSTER_HOSTS`** - -Comma-delimited list of all **application** hosts in the cluster. This value must contain **only application hosts**. Each item in the list must contain the port if the default `SONAR_CLUSTER_NODE_PORT` value is not used. Item format is `ip/hostname`, `ip/hostname:port`. `ip/hostname` can also be set to the service name of the application containers. - -**`SONAR_CLUSTER_NODE_PORT`** - -The Hazelcast port for communication with each application member of the cluster. Default: `9003` - -## Others - -**`SONAR_NOTIFICATIONS_DELAY=60`** -Delay in seconds between processing of notification queue. Default is 60 seconds. - -**`SONAR_PATH_DATA=data`** -**`SONAR_PATH_TEMP=temp`** -Paths to persistent data files (embedded database and search index) and temporary files. Can be absolute or relative to installation directory. Defaults are respectively <installation home>/data and <installation home>/temp - -**`SONAR_TELEMETRY_ENABLE=true`** -Telemetry - Share anonymous SonarQube statistics. By sharing anonymous SonarQube statistics, you help us understand how SonarQube is used so we can improve the product to work even better for you. We don't collect source code or IP addresses. And we don't share the data with anyone else. For more information, see [Telemetry](/instance-administration/telemetry/). - -## Development – only for developers -[[warning]] -| The following properties MUST NOT be used in production environments. - -**`SONAR_SEARCH_HTTPPORT=-1`** -Elasticsearch HTTP connector diff --git a/server/sonar-docs/src/pages/setup/sonarqube-cluster-on-kubernetes.md b/server/sonar-docs/src/pages/setup/sonarqube-cluster-on-kubernetes.md deleted file mode 100644 index ac930900953..00000000000 --- a/server/sonar-docs/src/pages/setup/sonarqube-cluster-on-kubernetes.md +++ /dev/null @@ -1,165 +0,0 @@ ---- -title: Deploy a SonarQube Cluster on Kubernetes -url: /setup/sonarqube-cluster-on-kubernetes/ ---- - -_This page applies to deploying SonarQube Data Center Edition on Kubernetes. For information on deploying Community, Developer, and Enterprise editions of SonarQube on Kubernetes, see [this](/setup/sonarqube-on-kubernetes/) documentation._ - -# Overview - -You can find the SonarQube DCE Helm chart on [GitHub](https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube-dce). - -Your feedback is welcome at [our community forum](https://community.sonarsource.com/). - -## Kubernetes Environment Recommendations - -When you want to operate SonarQube on Kubernetes, consider the following recommendations. - -### Supported Versions - -The SonarQube helm chart should only be used with the latest version of SonarQube and a supported version of Kubernetes. There is a dedicated helm chart for the LTS version of SonarQube that follows the same patch policy as the application, while also being compatible with the supported versions of Kubernetes. - -### Pod Security Policies - -The following widely-used Pod Security Policies cannot be used in combination with SonarQube: -* **[Privileged](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privileged)** - The SonarQube images are currently intended to start as root in order to provision the PVC and drop to lower privileges after that. -* **[ReadOnlyFileSystem](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems)** - SonarQube is doing some filesystem operations to the container filesystem in order to deploy the correct language analyzers and community plugins. -* **[MustRunAsNonRoot](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#example-policies)** - There is a init container that needs to run privileged to ensure that the [Elasticsearch requirements](/requirements/requirements/) to the specific node are fulfilled. - -## Helm chart specifics - -We try to provide a good default with the Helm chart, but there are some points to consider while working with SonarQube on Kubernetes. Please read the following sections carefully to make the correct decisions for your environment. - -### Installation - -Currently only helm3 is supported. - -To install the Helm Chart from Helm Repository, you can use the following commands: - -```bash -helm repo add sonarqube https://SonarSource.github.io/helm-chart-sonarqube -helm repo update -kubectl create namespace sonarqube-dce -export JWT_SECRET=$(echo -n "your_secret" | openssl dgst -sha256 -hmac "your_key" -binary | base64) -helm upgrade --install -n sonarqube-dce sonarqube-dce --set ApplicationNodes.jwtSecret=$JWT_SECRET sonarqube/sonarqube-dce -``` - -### Ingress Creation - -To make the SonarQube service accessible from outside of your cluster, you most likely need an ingress. Creating a new ingress is also covered by the Helm chart. See the following section for help with creating one. - -#### Ingress Class - -The SonarSource Helm chart has an optional dependency to the [NGINX-ingress helm chart](https://kubernetes.github.io/ingress-nginx). If you already have NGINX-ingress present in your cluster, you can use it. - -If you want to install NGINX as well, add the following to your `values.yaml`. - -```yaml -nginx: - enabled: true -``` - -We recommend using the `ingress-class` NGINX with a body size of at least 8MB. This can be achieved with the following changes to your `values.yaml`: - -```yaml -ingress: - enabled: true - # Used to create an Ingress record. - hosts: - - name: <Your Sonarqube FQDN> - # Different clouds or configurations might need /* as the default path - path: / - # For additional control over serviceName and servicePort - # serviceName: someService - # servicePort: somePort - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/proxy-body-size: "8m" -``` - -### Monitoring - -You can monitor your SonarQube cluster using SonarQube's native integration with Prometheus. Through this integration, you can ensure your cluster is running properly and know if you need to take action to prevent future issues. - -Prometheus monitors your SonarQube cluster by collecting metrics from the `/api/monitoring/metrics` endpoint. Results are returned in OpenMetrics text format. See Prometheus' documentation on [Exposition Formats](https://prometheus.io/docs/instrumenting/exposition_formats/) for more information on the OpenMetrics text format. - -Monitoring through this endpoint requires authentication. You can access the endpoint following ways: - -- **`Authorization:Bearer xxxx` header:** You can use a bearer token during database upgrade and when SonarQube is fully operational. Define the bearer token in the `sonar.properties` file using the `sonar.web.systemPasscode property`. -- **`X-Sonar-Passcode: xxxxx` header:** You can use `X-Sonar-passcode` during database upgrade and when SonarQube is fully operational. Define `X-Sonar-passcode` in the `sonar.properties` file using the `sonar.web.systemPasscode property`. -- **username:password and JWT token:** When SonarQube is fully operational, system admins logged in with local or delegated authentication can access the endpoint. - -#### **JMX Exporter** -You can also expose the JMX metrics to Prometheus with the help of the Prometheus JMX exporter. - -To use this option, set the following values in your `values.yaml` file: - -```yaml -prometheusExporter: - enabled: true - config: - rules: - - pattern: ".*" -``` - -This downloads the Prometheus JMX exporter agent and adds it to the startup options of SonarQube. With this default configuration, the JMX metrics will be exposed on /metrics for Prometheus to scrape. - -The config scope here defines a configuration that is understandable by the Prometheus JMX exporter. For more information, please Prometheus' documentation on the [JMX Exporter](https://github.com/prometheus/jmx_exporter). - -#### **PodMonitor** - -You can collect metrics on application nodes using PodMonitor for Prometheus. Search node monitoring is not currently supported. To monitor applications nodes, define PodMonitor as follows: - -```yaml -apiVersion: monitoring.coreos.com/v1 -kind: PodMonitor -metadata: - name: sonarqube - namespace: monitoring -spec: - namespaceSelector: - matchNames: - - sonarqube-dce - podMetricsEndpoints: - - interval: 30s - path: / - scheme: http - targetPort: monitoring-ce - - interval: 30s - path: / - scheme: http - targetPort: monitoring-web - selector: - matchLabels: - app: sonarqube-dce -``` - -### Log Format - -SonarQube prints all logs in plain-text to stdout/stderr. It can print logs as JSON-String if the variable `logging.jsonOutput` is set to `true`. This will enable log collection tools like [Loki](https://grafana.com/oss/loki/) to do post processing on the information that are provided by the application. - -#### LogQL Example - -With JSON Logging enabled, you can define a LogQL Query like this to filter only logs with the severity "ERROR" and display the Name of the Pod as well as the Message: - -``` -{namespace="sonarqube-dce", app="sonarqube-dce"}| json | severity="ERROR" | line_format "{{.nodename}} {{.message}}" -``` - -### ES Cluster Authentication - -Since SonarQube 8.9, you can enable basic security for the Search Cluster in SonarQube. To benefit from this additional layer of security on Kubernetes as well, you need to provide a PKCS#11 Container with the required certificates to our Helm chart. -The required secret can be created like this: - -```bash -kubectl create secret generic <NAME OF THE SECRET> --from-file=/PATH/TO/YOUR/PKCS12.container=elastic-stack-ca.p12 -n <NAMESPACE> -``` - -### Other Configuration Options - -This documentation only contains the most important Helm chart customizations. See the [Customize the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing) documentation and the Helm chart [README](https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube-dce) for more possibilities on customizing the Helm chart. -## Known Limitations - -### Problems with Azure Fileshare PVC - -Currently, there is a known limitation when working on AKS that resonates around the use of Azure Fileshare. We recommend using another storage class for persistency on AKS. diff --git a/server/sonar-docs/src/pages/setup/sonarqube-on-kubernetes.md b/server/sonar-docs/src/pages/setup/sonarqube-on-kubernetes.md deleted file mode 100644 index 80d66a4d458..00000000000 --- a/server/sonar-docs/src/pages/setup/sonarqube-on-kubernetes.md +++ /dev/null @@ -1,277 +0,0 @@ ---- -title: Deploy SonarQube on Kubernetes -url: /setup/sonarqube-on-kubernetes/ ---- - -_This part of the Documentation is only valid for Community, Developer, and Enterprise Editions. For information on deploying the Data Center Edition of SonarQube on Kubernetes, see [this](/setup/sonarqube-cluster-on-kubernetes/) documentation._ - -# Overview - -You can find the SonarQube Helm chart on [GitHub](https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube). - -Your feedback is welcome at [our community forum](https://community.sonarsource.com/). - -## Kubernetes Environment Recommendations - -When you want to operate SonarQube on Kubernetes, consider the following recommendations. - -### Prerequisites - -#### Supported Versions - -The SonarQube helm chart should only be used with the latest version of SonarQube and a supported version of Kubernetes. There is a dedicated helm chart for the LTS version of SonarQube that follows the same patch policy as the application, while also being compatible with the supported versions of Kubernetes. - - -### Pod Security Policies - -The following widely-used Pod Security Policies cannot be used in combination with SonarQube: -* **[Privileged](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privileged)** - The SonarQube images are currently intended to start as root in order to provision the PVC and drop to lower privileges after that. -* **[ReadOnlyFileSystem](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems)** - SonarQube is doing some filesystem operations to the container filesystem in order to deploy the correct language analyzers and community plugins. -* **[MustRunAsNonRoot](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#example-policies)** - There is a init container that needs to run privileged to ensure that the [Elasticsearch requirements](/requirements/requirements/) to the specific node are fulfilled. - -### Taints and Tolerations - -We recommend binding SonarQube to a specific node and reserving this node for SonarQube. It greatly increases the stability of the service. -The following sections detail creating a taint on a specific node and letting the SonarQube deployment ignore this taint using a flag in the `values.yaml` of the Helm Chart. - -#### Creating a taint - -In order to create a taint, you need to select a node that you want to reserve for SonarQube. Use the following command to get a list of all nodes attached to your Kubernetes Cluster: - -```bash -kubectl get nodes -``` - -Select a node from the output of this command, and create a custom taint using the following command: - -```bash -kubectl taint nodes <node> sonarqube=true:NoSchedule -``` - -This taint ensures that no additional pods are scheduled on this node. - -#### Ignoring this Taint for SonarQube - -To let the SonarQube deployment ignore the previously created taint, add the following section to the `values.yaml`: - -```yaml -tolerations: - - key: "sonarqube" - operator: "Equal" - value: "true" - effect: "NoSchedule" -``` -Depending on your taint's name, you may need to adjust the key accordingly. - -### Node Labels - -As described in the **Taints and Tolerations** section above, for stability, we recommend binding the SonarQube deployment to one node in your cluster. With one node now reserved for SonarQube, you need to label this node to be selected by the Kube-scheduler in the pod assignment. - -#### Label a Node - -Label the node for which you previously defined a taint with the following command: - -```bash -kubectl label node <node> sonarqube=true -``` - -#### Bind Deployment to Label - -To only let SonarQube be scheduled on nodes with this specific label, add the following section to the `values.yaml`: - -```yaml -nodeSelector: - sonarqube: "true" -``` - -By combining node selection with taints and tolerations, SonarQube can run alone on one specific node independently from the rest of your software in your Kubernetes cluster. This results in better stability and performance of SonarQube. -For more information, see the official [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - -### Affinity - -Node affinity and anti-affinity can be used in a way similar to node selectors but with more operators to choose from. However, we generally don’t recommend using this in combination with SonarQube as it can lead to recurring rescheduling of the SonarQube pod. -If you still want to use affinity and anti-affinity, see the official [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). - -## Helm chart specifics - -We try to provide a good default with the Helm chart, but there are some points to consider while working with SonarQube on Kubernetes. Please read the following sections carefully to make the correct decisions for your environment. - -### Installation - -Currently only helm3 is supported. - -To install the Helm Chart from our Helm Repository, you can use the following commands: - -```bash -helm repo add sonarqube https://SonarSource.github.io/helm-chart-sonarqube -helm repo update -kubectl create namespace sonarqube -helm upgrade --install -n sonarqube sonarqube sonarqube/sonarqube -``` - -### Persistency - -SonarQube comes with a bundled Elasticsearch and, as Elasticsearch is stateful, so is SonarQube. There is an option to persist the Elasticsearch indexes in a Persistent Volume, but with regular killing operations by the Kubernetes Cluster, these indexes can be corrupted. By default, persistency is disabled in the Helm chart. -Enabling persistency decreases the startup time of the SonarQube Pod significantly, but you are risking corrupting your Elasticsearch index. You can enable persistency by adding the following to the `values.yaml`: - -```yaml -persistence: - enabled: true -``` - -Leaving persistency disabled results in a longer startup time until SonarQube is fully available, but you won't lose any data as SonarQube will persist all data in the database. - -### Custom Certificate - -When you're working with your own CA or in an environment that uses self-signed certificates for your code repository platform, you can create a secret containing this certificate and add this certificate to the java truststore inside the SonarQube deployment directly during the deployment. - -To enable this behavior, add the following to your `value.yaml` file: - -```yaml -caCerts: - secret: <secret name> -``` - -#### Get Certificate via openssl - -If you already have a running installation of your code repository platform, you can extract the certificate with the following snippet using `openssl` - -```bash -echo -n | openssl s_client -connect <server url>:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem -``` - -This certificate needs to be Base64 encoded in order to be added as secret data. - -```bash -Create base64 string -cat cert.pem | base64 | tr -d "\n" -``` - -Note that you can also use `string-data` here if you don't want to encode your certificate. - -#### Create secret - -The Base64 encoded certificate can be added to the secret's data: - -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: <secret name> - namespace: <sonarqube namespace> -data: - cert: <base64 string> -``` - -Then, create the secret in your Kubernetes cluster with the following command: - -```bash -kubectl apply -f secret.yaml -``` - -### Ingress Creation - -To make the SonarQube service accessible from outside of your cluster, you most likely need an ingress. Creating a new ingress is also covered by the Helm chart. See the following section for help with creating one. - -#### Ingress Class - -The SonarSource Helm chart has an optional dependency to the [NGINX-ingress helm chart](https://kubernetes.github.io/ingress-nginx). If you already have NGINX-ingress present in your cluster, you can use it. - -If you want to install NGINX as well, add the following to your `values.yaml`. - -```yaml -nginx: - enabled: true -``` - -We recommend using the `ingress-class` NGINX with a body size of at least 8MB. This can be achieved with the following changes to your `values.yaml`: - -```yaml -ingress: - enabled: true - # Used to create an Ingress record. - hosts: - - name: <Your Sonarqube FQDN> - # Different clouds or configurations might need /* as the default path - path: / - # For additional control over serviceName and servicePort - # serviceName: someService - # servicePort: somePort - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/proxy-body-size: "8m" -``` - -### Monitoring -You can monitor your SonarQube instance using SonarQube's native integration with Prometheus. Through this integration, you can ensure your instance is running properly and know if you need to take action to prevent future issues. - -Prometheus monitors your SonarQube instance by collecting metrics from the `/api/monitoring/metrics` endpoint. Results are returned in OpenMetrics text format. See Prometheus' documentation on [Exposition Formats](https://prometheus.io/docs/instrumenting/exposition_formats/) for more information on the OpenMetrics text format. - -Monitoring through this endpoint requires authentication. You can access the endpoint following ways: - -- **`Authorization:Bearer xxxx` header:** You can use a bearer token during database upgrade and when SonarQube is fully operational. Define the bearer token in the `sonar.properties` file using the `sonar.web.systemPasscode property`. -- **`X-Sonar-Passcode: xxxxx` header:** You can use `X-Sonar-passcode` during database upgrade and when SonarQube is fully operational. Define `X-Sonar-passcode` in the `sonar.properties` file using the `sonar.web.systemPasscode property`. -- **username:password and JWT token:** When SonarQube is fully operational, system admins logged in with local or delegated authentication can access the endpoint. - -#### **JMX Exporter** -You can also expose the JMX metrics to Prometheus using the Prometheus JMX exporter. - -To use this option, set the following values in your `values.yaml` file: - -```yaml -prometheusExporter: - enabled: true - config: - rules: - - pattern: ".*" -``` - -This downloads the Prometheus JMX exporter agent and adds it to the startup options of SonarQube. With this default configuration, the JMX metrics will be exposed on /metrics for Prometheus to scrape. - -The config scope here defines a configuration that is understandable by the Prometheus JMX exporter. For more information, please Prometheus' documentation on the [JMX Exporter](https://github.com/prometheus/jmx_exporter). - -#### **PodMonitor** - -You can collect metrics on using PodMonitor for Prometheus by defining PodMonitor as follows: - -```yaml -apiVersion: monitoring.coreos.com/v1 -kind: PodMonitor -metadata: - name: sonarqube - namespace: monitoring -spec: - namespaceSelector: - matchNames: - - sonarqube - podMetricsEndpoints: - - interval: 30s - path: / - scheme: http - targetPort: monitoring-ce - - interval: 30s - path: / - scheme: http - targetPort: monitoring-web - selector: - matchLabels: - app: sonarqube -``` - -### Other Configuration Options - -While we only document the most pressing Helm chart customizations in this documentation, there are other possibilities for you to choose to [Customize the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). Please see the Helm chart [README](https://github.com/SonarSource/helm-chart-sonarqube/tree/master/charts/sonarqube) file for more information on these. - -## Known Limitations - -As SonarQube is intended to be run anywhere, there are some drawbacks that are currently known when operating in Kubernetes. This list is not comprehensive, but something to keep in mind and points for us to improve on. - -### Readiness and Startup delays - -When persistence is disabled, SonarQube startup takes significantly longer as the Elasticsearch indexes need to be rebuilt. As this delay depends on the amount of data in your SonarQube instance, the values for the startup/readiness and liveness probes need to be adjusted to your environment. -We also recommend taking a look at the default limits for the SonarQube deployment as the amount of CPU available to SonarQube also impacts the startup time. - -### Problems with Azure Fileshare PVC - -Currently, there is a known limitation when working on AKS that resonates around the use of Azure Fileshare. We recommend using another storage class for persistency on AKS. - diff --git a/server/sonar-docs/src/pages/setup/troubleshooting.md b/server/sonar-docs/src/pages/setup/troubleshooting.md deleted file mode 100644 index b0048ca4b51..00000000000 --- a/server/sonar-docs/src/pages/setup/troubleshooting.md +++ /dev/null @@ -1,87 +0,0 @@ ---- -title: Troubleshooting -url: /setup/troubleshooting/ ---- - -## Checking the logs - -If you're having trouble starting your server for the first time (or any subsequent time!) the first thing to do is check your server logs. You'll find them in `$SONARQUBE_HOME/logs`: - -* sonar.log - Log for the main process. Holds general information about startup and shutdown. You'll get overall status here but not details. Look to the other logs for that. -* web.log - Information about initial connection to the database, database migration and reindexing, and the processing of HTTP requests. This includes database and search engine logs related to those requests. -* ce.log - Information about background task processing and the database and search engine logs related to those tasks. -* es.log - Ops information from the search engine, such as Elasticsearch startup, health status changes, cluster-, node- and index-level operations, etc. - -## Understanding the logs - -When there's an error, you'll very often find a stacktrace in the logs. If you're not familiar stacktraces, they can be intimidatingly tall walls of incomprehensible text. As a sample, here's a fairly short one: - -``` -java.lang.IllegalStateException: Unable to blame file **/**/foo.java - at org.sonarsource.scm.git.JGitBlameCommand.blame(JGitBlameCommand.java:128) - at org.sonarsource.scm.git.JGitBlameCommand.access$000(JGitBlameCommand.java:44) - at org.sonarsource.scm.git.JGitBlameCommand$1.call(JGitBlameCommand.java:112) - at org.sonarsource.scm.git.JGitBlameCommand$1.call(JGitBlameCommand.java:109) - at java.util.concurrent.FutureTask.run(Unknown Source) - at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) - at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) - at java.lang.Thread.run(Unknown Source) -Caused by: java.lang.NullPointerException - at org.eclipse.jgit.treewalk.filter.PathFilter.create(PathFilter.java:77) - at org.eclipse.jgit.blame.BlameGenerator.<init>(BlameGenerator.java:161) - at org.eclipse.jgit.api.BlameCommand.call(BlameCommand.java:203) - at org.sonarsource.scm.git.JGitBlameCommand.blame(JGitBlameCommand.java:126) - ... 7 more -``` - -Unless you wrote the code that produced this error, you really only care about: -* the first line, which ought to have a human-readable message after the colon. In this case, it's Unable to blame file `**/**/foo.java` -* and any line that starts with `Caused by:`. There are often several `Caused by` lines, and indentation makes them easy to find as you scroll through the error. Be sure to read each of these lines. Very often one of them - the last one or next to last one - contains the real problem. - -## Recovering from Elasticsearch read-only indices - -You may encounter issues with Elasticsearch (ES) indices becoming locked in read-only mode. ES requires free disk space available and implements a safety mechanism to prevent the disk from being flooded with index data that: - -* **For non-DCE** – locks all indices in read-only mode when the 95% used disk usage watermark is reached. -* **For DCE** – locks all or some indices in read-only mode when one or more node reaches the 95% used disk usage watermark. - -ES shows warnings in the logs as soon as disk usage reaches 85% and 90%. At 95% usage and above, indices turning read-only causes errors in the web and compute engine. - -Freeing disk space will *not* automatically make the indices return to read-write. To make indices read-write, you also need to: - -* **For non-DCE** – restart SonarQube. -* **For DCE** – restart *ALL* application nodes (the first application node restarted after all have been stopped will make the indices read-write). - -SonarQube's built-in resilience mechanism allows SonarQube to eventually recover from the indices being behind data in the DB (this process can take a while). - -If you still have inconsistencies, you'll need to rebuild the indices (this operation can take a long time depending on the number of issues and components): - -**non-DCE:** - -1. Stop SonarQube -1. Delete the data/es7 directory -1. Restart SonarQube - -**DCE:** - -1. Stop the whole cluster (ES and application nodes) -1. Delete the data/es7 directory on each ES node -1. Restart the whole cluster - -**Note:** See [Configure & Operate a Cluster](/setup/operate-cluster/) for information on stopping and starting a cluster. - -## Failed tasks during reindexing - -During Elasticsearch reindexing due to disaster recovery or an upgrade, you may have a failed tasks in your branches or Pull Requests. If you only have a few failed tasks, you can reanalyze your branch or Pull Request. You may want to use web services to remove branches and Pull Requests that can't be reanalyzed because they have been removed from version control. If you have many failed tasks, you may want to delete your Elasticsearch directory and reindex again. To delete your Elasticsearch directory: - -**non-DCE:** - -1. Stop SonarQube -1. Delete the data/es7 directory -1. Restart SonarQube - -**DCE:** - -1. Stop the whole cluster (ES and application nodes) -1. Delete the data/es7 directory on each ES node -1. Restart the whole cluster diff --git a/server/sonar-docs/src/pages/setup/upgrade-notes.md b/server/sonar-docs/src/pages/setup/upgrade-notes.md deleted file mode 100644 index 8007cf5859b..00000000000 --- a/server/sonar-docs/src/pages/setup/upgrade-notes.md +++ /dev/null @@ -1,127 +0,0 @@ ---- -title: Release Upgrade Notes -url: /setup/upgrade-notes/ ---- - -## Release 9.8 Upgrade notes -**Analysis discards from its scope all files greater than 20 MB** -SonarQube analysis discards from its scope all files greater than 20 MB. This setting can be changed at scanner level using following property `sonar.filesize.limit`. ([SONAR-11096](https://sonarsource.atlassian.net/browse/SONAR-11096)) - -**Dropping the embedded documentation** -SonarQube no longer ships with an embedded version of the documentation. The documentation will now only be available at [docs.sonarqube.org](https://docs.sonarqube.org/). ([SONAR-17221](https://sonarsource.atlassian.net/browse/SONAR-17221)) -* All in-app links will now point to the documentation website. -* External links that pointed to `/documentation` will be correctly redirected to the corresponding page on the documentation website. - -**Update in the Database support** -* PostgreSQL versions <11 are no longer supported. -* Adding support to the latest version 15 of PostgreSQL. Supported versions are now from 11 to 15. - -[Full release notes](https://sonarsource.atlassian.net/issues/?jql=project%20%3D%2010139%20AND%20fixVersion%20%3D%2013884) - -## Release 9.7 Upgrade notes -**Change in the database connection pool** -The database connection pool has been replaced for better performance. The `sonar.jdbc.maxIdle`, `sonar.jdbc.minEvictableIdleTimeMillis` and `sonar.jdbc.timeBetweenEvictionRunsMillis` properties no longer have any effect and should be removed from the configuration. Also, the JMX information that is provided to monitor the connection pool has evolved. See the [Monitoring documentation](/instance-administration/monitoring/) for more information. ([SONAR-17200](https://sonarsource.atlassian.net/browse/SONAR-17200)). - -**JavaScript, TypeScript, and CSS analysis now requires Node.js 14.17+** -In order to analyze Javascript, Typescript, and CSS code, Node.js 14.17+ must be installed on the machine running the scan. -We recommend that you use the latest Node.js LTS, which is currently Node.js 16. - -[Full release notes](https://sonarsource.atlassian.net/issues/?jql=project%20%3D%2010139%20AND%20fixVersion%20%3D%2013800) - -## Release 9.6 Upgrade notes -**Microsoft SQL Server changes in configuration and Integrated Authentication** -* If your Microsoft SQL Server doesn't support encryption, you will need to add `encrypt=false` to the JDBC URL connection string. ([SONAR-16249](https://jira.sonarsource.com/browse/SONAR-16249)). -* If your Microsoft SQL Server requires encryption but you don't want SonarQube to validate the certificate, you will need to add `trustServerCertificate=true` to the JDBC URL connection string. -* If you are using Microsoft SQL Server with Integrated Authentication, you will need to replace the `mssql-jdbc_auth` dll file on your `PATH` with `mssql-jdbc_auth-10.2.1.x64.dll` from the [Microsoft SQL JDBC Auth 10.2.1 package](https://github.com/microsoft/mssql-jdbc/releases/tag/v10.2.1). See [Install the Server](/setup/install-server/) for more information. - -**Token expiry** -New tokens can now have an optional expiration date. Expired tokens cannot be used and must be updated. With [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) and [above](https://redirect.sonarsource.com/editions/editions.html), system administrators can set a maximum lifetime for new tokens. See [Security](/instance-administration/security/) documentation for more information. ([SONAR-16565](https://sonarsource.atlassian.net/browse/SONAR-16565), [SONAR-16566](https://sonarsource.atlassian.net/browse/SONAR-16566)). - -**Running SonarQube as a Service and Java version selection** -* To install, uninstall, start or stop SonarQube as a service on Windows, now you should use `%SONAR_HOME%\bin\windows-x86-64\SonarService.bat install`. See [Operating the Server](/setup/operate-server/) and [Upgrade Guide](/setup/upgrading/) for more information. -* If there are multiple versions of Java installed on your server, to select specific Java version to be used, set the environment variable `SONAR_JAVA_PATH`. Read more [here](/setup/install-server/). - -[Full release notes](https://sonarsource.atlassian.net/issues/?jql=project%20%3D%2010139%20AND%20fixVersion%20%3D%2012633) - -## Release 9.5 Upgrade notes -**Project analysis token** -You can now generate tokens of different types and can create a different analysis token for every specific project. The new tokens will include a prefix to help you quickly identify SonarQube tokens and their type. The usage of project analysis tokens is encouraged to limit the access this token has. See [Generating and Using Tokens](/user-guide/user-token/) documentation for more information. -([SONAR-16260](https://jira.sonarsource.com/browse/SONAR-16260)). - -[Full release notes](https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=17328) - -## Release 9.4 Upgrade notes -**Password of old inactive account needs reset** -The support for SHA1 hashed password has been removed. This algorithm was replaced by a stronger hashing algorithm since version 7.2. As a result, local accounts that did not log in since 7.2 will be forced to have their password reset by a SonarQube administrator. Accounts using external authentication such as SAML, LDAP, GitHub authentication, etc., are not impacted. Information about the possibly impacted accounts will appear in the logs during the upgrade. ([SONAR-16204](https://jira.sonarsource.com/browse/SONAR-16204)). - -[Full release notes](https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=17167) - -## Release 9.3 Upgrade Notes -**Portfolio overview now shows ratings on both New Code and Overall Code** -The Portfolio overview and project breakdown have been redesigned to provide a high-level view on project health according to your New Code definition as well as Overall Code. New Code ratings are shown for Reliability, Security Vulnerabilities, Security Review, and Maintainability. To see these ratings on New Code, Portfolios need to be recomputed after upgrading to 9.3. - -Along with this redesign, Portfolios and Applications no longer show users information on projects they don't have access to, and Application administration has been moved out of the Portfolio administration UI. - -**Microsoft SQL Server and Integrated Authentication** -If you are using Microsoft SQL Server with Integrated Authentication, you will need to replace the `mssql-jdbc_auth-9.2.0.x64.dll` file on your `PATH` with `mssql-jdbc_auth-9.4.1.x64.dll` from the [Microsoft SQL JDBC Driver 9.4.1 package](https://docs.microsoft.com/en-us/sql/connect/jdbc/release-notes-for-the-jdbc-driver?view=sql-server-ver15#94). See [Install the Server](/setup/install-server/) for more information. - -[Full release notes](https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=17060) - -## Release 9.2 Upgrade Notes -**Bitbucket Cloud authentication now built-in** -Support for Bitbucket Cloud authentication is now built-in. If you were using the Bitbucket Cloud authentication plugin before, you need to remove it from SonarQube before upgrading. - -SonarQube uses the same settings as the plugin, so you do not need to update them. The Teams restriction has been replaced with the Workspaces restriction and is migrated accordingly. - -[Full release notes](https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=16959) - -## Release 9.1 Upgrade Notes -**Secured settings no longer available in web services and on the scanner side** -This change especially affects the analysis of SVN projects but also, possibly, the use of some 3rd-party plugins. Secured settings required to perform the analysis now need to be passed to the scanner as parameters. - -**Custom measures feature has been dropped** -The custom measures feature, which was previously deprecated, has been removed. ([SONAR-10762](https://jira.sonarsource.com/browse/SONAR-10762)). - -**Deprecated WebAPI endpoints and parameters removed** -The WebAPI endpoints and parameters deprecated during the 7.X release cycle have been removed. For a complete list of removed endpoints and parameters see [SONAR-15313](https://jira.sonarsource.com/browse/SONAR-15313). - -[Full release notes](https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=16792) - -## Release 9.0 Upgrade Notes -**Scanners require Java 11** -Java 11 is required for SonarQube scanners. Use of Java 8 is no longer supported. See the documentation on [Scanner Environment](/analysis/scanner-environment/) for more information. - -**Support for Internet Explorer 11 dropped** -Support for Internet Explorer 11 and other legacy browsers has been dropped. ([SONAR-14387](https://jira.sonarsource.com/browse/SONAR-14387)). - -**Reporting Quality Gate status on GitHub branches requires an additional permission** -When working in private GitHub repositories, you need to grant read-only access to the **Contents** permission on the GitHub application that you're using for SonarQube integration. See the [GitHub integration documentation](/analysis/github-integration/) for more information. - -**JavaScript custom rule API removed** -The JavaScript custom rule API, which was previously deprecated, has been removed. Plugins can no longer use this API to implement custom rules. See the [JavaScript documentation](/analysis/languages/javascript/) for more information. ([SONAR-14928](https://jira.sonarsource.com/browse/SONAR-14928)). - -**Deprecated Plugin Java API dropped** -Parts of the Java API for plugins that were deprecated before SonarQube 7.0 have been dropped. You should compile plugins against SonarQube 9.0 to ensure they're compatible and to check if they're using a deprecated API that has been dropped. ([SONAR-14925](https://jira.sonarsource.com/browse/SONAR-14925), [SONAR-14885](https://jira.sonarsource.com/browse/SONAR-14885)). - -[Full release notes](https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=15682) - -## Release 8.9 LTS Upgrade Notes -Upgrading directly from SonarQube _v7.9 LTS to v8.9 LTS_? Refer to the [LTS to LTS Release Upgrade Notes](/setup/lts-to-lts-upgrade-notes/). - -**GitHub Enterprise compatibility** -SonarQube 8.9 only supports GitHub Enterprise 2.21+ for pull request decoration (the previous minimum version was 2.15). - -**Plugins require risk consent** -When upgrading, if you're using plugins, a SonarQube administrator needs to acknowledge the risk involved with plugin installation when prompted in SonarQube. - -**Database support updated** -SonarQube 8.9 supports the following database versions: - -* PostgreSQL versions 9.6 to 13. PostgreSQL versions <9.6 are no longer supported. -* MSSQL Server 2014, 2016, 2017, and 2019. -* Oracle XE, 12C, 18C, and 19C. Oracle 11G is no longer supported. - -**Webhooks aren't allowed to target the instance** -To improve security, webhooks, by default, aren't allowed to point to the SonarQube server. You can change this behavior in the configuration. ([SONAR-14682](https://jira.sonarsource.com/browse/SONAR-14682)). - -[Full release notes](https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=16710) diff --git a/server/sonar-docs/src/pages/setup/upgrading.md b/server/sonar-docs/src/pages/setup/upgrading.md deleted file mode 100644 index f084e689c91..00000000000 --- a/server/sonar-docs/src/pages/setup/upgrading.md +++ /dev/null @@ -1,151 +0,0 @@ ---- -title: Upgrade Guide -url: /setup/upgrading/ ---- -This is a generic guide for upgrading across versions of SonarQube. Carefully read the [Release Upgrade Notes](/setup/upgrade-notes/) of your target version and of any intermediate version(s). - -Before upgrading, we recommend practicing your upgrade on a staging environment that's as similar to your production environment as possible. For more on this and other important upgrading concepts, read through the [Before You Upgrade](/setup/before-you-upgrade/) page. - -[[warning]] -| Before upgrading, back up your SonarQube database. Upgrade problems are rare, but you'll want the backup if anything does happen. - -## Database disk usage recommendations -During your upgrade, tables may be duplicated to speed up the migration process. This could cause your database disk usage to temporarily increase to as much as double the normal usage. Because of this, we recommend that your database disk usage is below 50% before starting a migration. - -## Upgrading Instructions -You can upgrade your SonarQube instance using the ZIP file, Docker image, or Helm Chart. To expand the upgrading instructions, click the option below that corresponds to your set up. - -[[info]] -|If your upgrade requires the rebuild of Elasticsearch indexes, your projects and applications will become available as they are reindexed. Portfolios won't be available until all projects are indexed. - -[[collapse]] -| ## Upgrading from the ZIP file -| -| 1. Download and unzip the SonarQube distribution of your edition in a fresh directory, let's say `$NEW_SONAR_HOME` -| 2. If you're using third-party plugins, Manually install plugins that are compatible with your version of SonarQube. Use the [Plugin Version Matrix](/instance-administration/plugin-version-matrix/) to ensure that the versions you install are compatible with your server version. Simply copying plugins from the old server to the new is not recommended; incompatible or duplicate plugins could cause startup errors. Analysis of all languages provided by your edition is available by default without plugins. -| 3. Update the contents of `sonar.properties` file (in `$NEW_SONAR_HOME/conf`) with the settings in the `$OLD_SONAR_HOME/conf` directory (web server URL, database, ldap settings, etc.). Do not copy-paste the old files. -| If you are using the Oracle DB, copy its JDBC driver into `$NEW_SONAR_HOME/extensions/jdbc-driver/oracle` -| 4. Stop your old SonarQube Server -| 5. Start your new SonarQube Server -| 6. Browse to `http://yourSonarQubeServerURL/setup` and follow the setup instructions -| 7. Reanalyze your projects to get fresh data - -[[collapse]] -| ## Upgrading from the Docker image -| -| [[info]] -| | If you're upgrading with an Oracle database or you're using plugins, you can reuse your extensions volume from the previous version to avoid moving plugins or drivers. Use the [Plugin Version Matrix](/instance-administration/plugin-version-matrix/) to ensure that your plugins are compatible with your version. Analysis of all languages provided by your edition is available by default without plugins. -| -| To upgrade SonarQube using the Docker image: -| -| 1. Stop and remove the existing SonarQube container (a restart from the UI is not enough as the environment variables are only evaluated during the first run, not during a restart): -| -| ```console -| $ docker stop <container_id> -| $ docker rm <container_id> -| ``` -| -| 2. Run docker: -| -| ```bash -| $> docker run -d --name sonarqube \ -| -p 9000:9000 \ -| -e SONAR_JDBC_URL=... \ -| -e SONAR_JDBC_USERNAME=... \ -| -e SONAR_JDBC_PASSWORD=... \ -| -v sonarqube_data:/opt/sonarqube/data \ -| -v sonarqube_extensions:/opt/sonarqube/extensions \ -| -v sonarqube_logs:/opt/sonarqube/logs \ -| <image_name> -| ``` -| -| 3. Go to `http://yourSonarQubeServerURL/setup` and follow the setup instructions. -| -| 4. Reanalyze your projects to get fresh data. -| -| ### **From 8.9.x LTS to another 8.9.x LTS** -| -| No specific Docker operations are needed, just use the new tag. - -[[collapse]] -| ## Upgrading from the Helm Chart -| -| [[info]] -| | If you're upgrading with an Oracle database or you're using plugins, you can reuse your extensions PVC from the previous version to avoid moving plugins or drivers. Use the [Plugin Version Matrix](/instance-administration/plugin-version-matrix/) to ensure that your plugins are compatible with your version. Analysis of all languages provided by your edition is available by default without plugins. -| -| To upgrade SonarQube using our official Helm Chart: -| -| 1. Change the SonarQube version on your `values.yaml`. -| -| 2. Redeploy SonarQube with the same helm chart: -| -| ```bash -| helm upgrade --install -f values.yaml -n <your namespace> <your release name> <path to sonarqube helm chart> -| ``` -| -| 3. Go to `http://yourSonarQubeServerURL/setup` and follow the setup instructions. -| -| 4. Reanalyze your projects to get fresh data. - -## Reverting to the previous version - -If you need to revert to the previous version of SonarQube, the high-level rollback procedure for all deployments is as follows: - -1. Shutdown your SonarQube instance or cluster. - -2. Roll back your database to the backup you took before starting the upgrade. - -3. Switch back to the previous version of your SonarQube installation. - -4. Start your SonarQube instance or cluster. - -## Changing your edition -You can move to a different SonarQube edition (for example, moving from Community Edition to a commercial edition) while you're upgrading your version. Just use the appropriate edition file or Docker image tag in the upgrade instructions above. - -If you want to move to a different edition without upgrading your SonarQube version, the steps are exactly the same as in the upgrading instructions above without needing to navigate to `http://yourSonarQubeServerURL/setup` or reanalyze your projects. - -## Migrating from a ZIP file instance to a Docker instance -To migrate from the ZIP file to Docker: -1. Configure your Docker instance to point to your existing database. -2. Shut down your ZIP instance. -3. Start your Docker instance. - -## Additional steps and information - -### Oracle clean-up - -Starting with version 6.6, there's an additional step you may want to perform if you're using Oracle. On Oracle, the database columns to be dropped are now marked as UNUSED and are not physically dropped anymore. To reclaim disk space, Oracle administrators must drop these unused columns manually. The SQL request is `ALTER TABLE foo DROP UNUSED COLUMNS`. The relevant tables are listed in the system table `all_unused_col_tabs`. - -### Additional database maintenance - -Once you've finished a technical upgrade, you should refresh your database's statistics and rebuild your database's indices before starting SonarQube and reanalyzing your projects. - -For PostgreSQL, that means executing `VACUUM FULL`. According to the PostgreSQL documentation: - -``` -In normal PostgreSQL operation, tuples that are deleted or obsoleted by an update are not physically removed from their table; they remain present until a VACUUM is done. -``` - -### Scanner update - -When upgrading SonarQube, you should also make sure you’re using the latest versions of the SonarQube scanners to take advantage of features and fixes on the scanner side. Please check the documentation pages of the scanners you use for the most recent version compatible with SonarQube and your build tools. - -See also this section for [what might change after a software update](/user-guide/rules/#header-9). - -### SonarQube as a Linux or Windows service - -If you use an external configuration, such as a script or Windows Service to control your server, you'll need to update it to point to `$NEW_SONAR_HOME`. -- For Linux it depends how you implemented the service -- For Windows you can update your service by running: -``` -> sc delete SonarQube -> $NEW_SONAR_HOME\bin\windows-x86-64\SonarService.bat install -``` - -### Rebuilding indexes - -If your upgrade requires the rebuild of Elasticsearch indexes, your projects and Applications will become available as they are reindexed. Portfolios won't be available until all projects are indexed. - -## Release upgrade notes - -Usually SonarQube releases come with some specific recommendations for upgrading from the previous version. You should read the upgrade notes for each version between your current version and the target version. diff --git a/server/sonar-docs/src/pages/user-guide/activity-history.md b/server/sonar-docs/src/pages/user-guide/activity-history.md deleted file mode 100644 index 6b3e1b918e5..00000000000 --- a/server/sonar-docs/src/pages/user-guide/activity-history.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -title: Activity and History -url: /user-guide/activity-history/ ---- - -The Project Activity page offers a comprehensive list of the analyses on file for a project (subject to [Housekeeping](/instance-administration/housekeeping/)), and the ability to see the evolution of project measures over time. - -Graphs on the activity page help you understand the evolution of up to three measures of your choice against each other. Graph mouseovers show the measure values and events associated with particular analyses. - -## Events -There are four types of events: - -* Quality Gate - the status of the [quality gate](/user-guide/quality-gates/) changed. -* Profile - the [Quality Profile](/instance-administration/quality-profiles/) used to analyze the project changed - either the profile was edited, or a different profile was used to analyze the project. -* Version - the project's version changed. -* Other - an event was manually created on a snapshot. See [Managing History](/project-administration/managing-project-history/) - -Events are shown on the [project front page](/user-guide/project-page/) and in the project Activity page. diff --git a/server/sonar-docs/src/pages/user-guide/applications.md b/server/sonar-docs/src/pages/user-guide/applications.md deleted file mode 100644 index 64fa70f5702..00000000000 --- a/server/sonar-docs/src/pages/user-guide/applications.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: Applications -url: /user-guide/applications/ ---- - -*Applications are available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html).* - -## Using Applications - -An Application aggregates projects into a synthetic project. Assume you have a set of projects which has been split for technical reasons, but which shares a life cycle; they interact directly in production and are always released together. With an Application, they can be treated as a single entity in {instance} with a unified Project Homepage, Issues list, Measures space, and most importantly: Quality Gate. - -### Applications vs. Portfolios - -Applications and Portfolios are both aggregations of projects, but they have different goals and therefore different presentations. A Portfolio is designed to be a very high-level, executive overview that shows how a package of projects that may only be tangentially related are doing quality-wise, and what the trends are. Applications allow you to see your set of projects as a larger, overall meta-project. For instance, because all the projects in an application ship together, if one of them isn't releasable then none of them are, and an Application's consolidated Quality Gate gives you an immediate summary of what must be fixed across all projects in order to allow you to release the set. - -## Application Setup - -You can create an Application by clicking the **Create Application** button in the upper-right corner of the **Projects** homepage. - -Starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html), you can also create and edit applications in the global Portfolio administration interface at **Administration > Configuration > Portfolios**. - -For more information on setting up Applications, see [Managing Applications](/project-administration/managing-applications/). - -### Populating Application Data - -An Application is automatically re-calculated after each analysis of one of its projects. If you want immediate (re)calculation, a user with administration rights on the Application can use the **Recompute** button in the Application-level **Application Settings > Edit Definition** interface. - -Starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html), the global Portfolio administration interface: **Administration > Configuration > Portfolios** offers the ability to queue re-computation of all Applications and Portfolios at once. - -## Applications and Branch Analysis - -Branches are available for Applications. They allow you to aggregate branches from the projects in an Application. - -**Note:** Avoid adding branches to your application that will be deleted to prevent issues with your Application status. - -Once an Application has been set up, anyone with administration rights on the Application can manually create a new branch in the **Application Settings > Edit Definition** interface. In Enterprise Edition and above, you can also manage branches from the global **Administration > Configuration > Portfolios** interface. For each Application branch you can choose which project branch should be included, or whether the project should be represented in the branch at all.
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/user-guide/built-in-rule-tags.md b/server/sonar-docs/src/pages/user-guide/built-in-rule-tags.md deleted file mode 100644 index 15c41205691..00000000000 --- a/server/sonar-docs/src/pages/user-guide/built-in-rule-tags.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -title: Built-in Rule Tags -url: /user-guide/built-in-rule-tags/ ---- -Tags are a way to categorize rules and issues. Issues inherit the tags on the rules that raised them. Some tags are language-specific, but many more appear across languages. Users can add tags to rules and issues, but most rules have some tags out of the box. Here is a non-comprehensive list of what some of those built-in tags mean: - -*NOTE : Links below to [rules.sonarsource.com](https://rules.sonarsource.com) will be initially filtered for Java language rules* - -* [brain-overload](https://rules.sonarsource.com/java/tag/brain-overload) - there is too much to keep in your head at one time -* [bad-practice](https://rules.sonarsource.com/java/tag/bad-practice) - the code likely works as designed, but the way it was designed is widely recognized as being a bad idea. -* [cert](https://rules.sonarsource.com/java/tag/cert) - relates to a rule in a [CERT](https://www.securecoding.cert.org/confluence/x/BgE) standard. There are currently three CERT standards: [C](https://www.securecoding.cert.org/confluence/x/HQE), [C++](https://www.securecoding.cert.org/confluence/x/fQI), and [Java](https://www.securecoding.cert.org/confluence/x/Ux). Many of these rules are not language-specific, but are good programming practices. That's why you'll see this tag on non-C/C++, Java rules. -* [clumsy](https://rules.sonarsource.com/java/tag/clumsy) - extra steps are used to accomplish something that could be done more clearly and concisely. (E.G. calling .toString() on a String). -* [confusing](https://rules.sonarsource.com/java/tag/confusing) - will take maintainers longer to understand than is really justified by what the code actually does. -* [convention](https://rules.sonarsource.com/java/tag/convention) - coding convention - typically formatting, naming, whitespace... -* [cwe](https://rules.sonarsource.com/java/tag/cwe) - relates to a rule in the [Common Weakness Enumeration](http://cwe.mitre.org/). For more on CWE and on security-related rules in general, see [Security-related rules](/user-guide/security-rules/). -* [design](https://rules.sonarsource.com/java/tag/design) - there is something questionable about the design of the code -* [lock-in](https://rules.sonarsource.com/java/tag/lock-in) - environment-specific features are used -* [owasp](https://rules.sonarsource.com/java/tag/owasp) - relates to a rule in the [OWASP Top 10 2017](https://owasp.org/www-project-top-ten/2017/Top_10) security standard. Note, that the OWASP Top 10 is a list of high-level security risks which translates to many, many potential rules. "owasp-ax" tags should no longer be used, they should be considered as "deprecated" because they map to old "OWASP Top 10 2017". The "Security Category" facet should be used instead to filter on recent OWASP Top 10s (2021+). -* [pitfall](https://rules.sonarsource.com/java/tag/pitfall) - nothing is wrong yet, but something could go wrong in the future; a trap has been set for the next person, and they'll probably fall into it and screw up the code. -* [sans-top25](https://rules.sonarsource.com/java/tag/sans-top25) - This tag is based on outdated statistics and should no longer be used. Instead, it's recommended to rely on the "CWE Top 25" reports, which are available in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html). -* [suspicious](https://rules.sonarsource.com/java/tag/suspicious) - it's not guaranteed that this is a **bug**, but it looks suspiciously like one. At the very least, the code should be re-examined & likely refactored for clarity. -* [unpredictable](https://rules.sonarsource.com/java/tag/unpredictable) - the code may work fine under current conditions, but may fail erratically if conditions change. -* [unused](https://rules.sonarsource.com/java/tag/unused) - unused code, E.G. a private variable that is never used. -* [user-experience](https://rules.sonarsource.com/java/tag/user-experience) - there's nothing technically wrong with your code, but it may make some or all of your users hate you. diff --git a/server/sonar-docs/src/pages/user-guide/clean-as-you-code.md b/server/sonar-docs/src/pages/user-guide/clean-as-you-code.md deleted file mode 100644 index a0009cde0e1..00000000000 --- a/server/sonar-docs/src/pages/user-guide/clean-as-you-code.md +++ /dev/null @@ -1,37 +0,0 @@ ---- -title: Clean as You Code -url: /user-guide/clean-as-you-code/ ---- - -## What is Clean as You Code? - -Clean as You Code is an approach to Code Quality that eliminates a lot of the challenges that come with traditional approaches. As a developer, you focus on maintaining high standards and taking responsibility specifically in the New Code you're working on. SonarQube gives you the tools that let you set high standards and take pride in knowing that your code meets those standards. - -## Focus on New Code - -With Clean as You Code, your focus is always on New Code (code that has been added or changed according to your New Code definition) and making sure the code you write today is clean and safe. - -The New Code definition can be set at different levels (global, project, and starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) at the branch level). Depending on the level at which your New Code definition is set, you can change the starting point to fit your situation. - -For more information on setting your New Code definition, check out [Defining New Code](/project-administration/new-code-period/). - -## Personal Responsibility - -With Clean as You Code, you aren't responsible for anyone else's code. You own the quality and security of the New Code you are working on today. If you add new issues, SonarQube automatically assigns them to you so you can maintain quality in your code. - -For more information on issues and how they are assigned, check out the [Issues](/user-guide/issues/) documentation. - -## Quality Gate - -Your Quality Gate is a set of conditions that tells you whether or not your project is ready for release. With the Clean as You Code approach, your Quality Gate should: - -- **Focus on New Code metrics** – When your Quality Gate is set to focus on New Code metrics (like the built-in Sonar way Quality Gate), new features will be delivered cleanly. As long as your Quality gate is green, your releases will continue to improve. -- **Set and enforce high standards** – When standards are set and enforced on New Code, you aren't worried about having to meet those standards in old code and having to clean up someone else's code. You can take pride in meeting high standards on _your_ code. If a project doesn't meet these high standards, it won't pass the Quality Gate, and it's obviously not ready to be released. - -For more information on Quality Gates and making sure your Quality Gate is enforcing your standards, check out the [Quality Gates](/user-guide/quality-gates/) documentation. - -## Pull Request Analysis - -You can use Pull Request analysis and decoration to make sure your code is meeting your standards before you merge. Pull Request analysis lets you see your Pull Request's Quality Gate in the SonarQube UI. You can then decorate your Pull Requests with SonarQube issues directly in your DevOps Platform's interface. - -For more information on setting up Pull Request analysis and decoration, see the [Pull Request](/analysis/pull-request/) documentation. diff --git a/server/sonar-docs/src/pages/user-guide/concepts.md b/server/sonar-docs/src/pages/user-guide/concepts.md deleted file mode 100644 index 2f34801fc6c..00000000000 --- a/server/sonar-docs/src/pages/user-guide/concepts.md +++ /dev/null @@ -1,30 +0,0 @@ ---- -title: Concepts -url: /user-guide/concepts/ ---- - -## Architecture -| Concept | Definition | -| -------- | ------------------------------------------------------------------------------------- | -| Analyzer | A client application that analyzes the source code to compute **snapshots**. | -| Database | Stores configuration and **snapshots** | -| Server | Web interface that is used to browse **snapshot** data and make configuration changes | - -## Quality -| Concept | Definition | -| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Bug | An issue that represents something wrong in the code. If this has not broken yet, it will, and probably at the worst possible moment. This needs to be fixed. Yesterday. | -| Code Smell | A maintainability-related issue in the code. Leaving it as-is means that at best maintainers will have a harder time than they should making changes to the code. At worst, they'll be so confused by the state of the code that they'll introduce additional errors as they make changes. | -| Cost | See Remediation Cost | -| Debt | See Technical Debt | -| Issue | When a piece of code does not comply with a rule, an issue is logged on the **snapshot**. An issue can be logged on a source file or a unit test file. There are 3 types of issue: **Bugs**, **Code Smells** and **Vulnerabilities** | -| Measure | The value of a **metric** for a given file or project at a given time. For example, 125 lines of code on class MyClass or density of duplicated lines of 30.5% on project myProject | -| Metric | A type of measurement. Metrics can have varying values, or **measures**, over time. Examples: number of lines of code, complexity, etc. A metric may be either _qualitative_ (gives a quality indication on the component, E.G. density of duplicated lines, line coverage by tests, etc.) or _quantitative_ (does not give a quality indication on the component, E.G. number of lines of code, complexity, etc.) | -| New Code definition | A changeset or period that you're keeping a close watch on for the introduction of new problems in the code. Ideally this is since the `previous_version`, but if you don't use a Maven-like versioning scheme you may need to set a time period such as 21 days, since a specific analysis, or use a reference branch. | -| Quality Profile | A set of **rules**. Each **snapshot** is based on a single Quality Profile. See also [Quality Profiles](/instance-administration/quality-profiles/) | -| Rule | A coding standard or practice which should be followed. Not complying with coding rules leads to **Bugs**, **Vulnerabilities**, **Security Hotspots**, and **Code Smells**. Rules can check quality on code files or unit tests. | -| Remediation Cost | The estimated time required to fix Vulnerability and Reliability Issues. | -| Snapshot | A set of **measures** and **issues** on a given project at a given time. A snapshot is generated for each analysis. | -| Security Hotspot | Security-sensitive pieces of code that need to be manually reviewed. Upon review, you'll either find that there is no threat or that there is vulnerable code that needs to be fixed. | -| Technical Debt | The estimated time required to fix all Maintainability Issues / code smells | -| Vulnerability | A security-related issue which represents a backdoor for attackers. See also [Security-related rules](/user-guide/security-rules/). | diff --git a/server/sonar-docs/src/pages/user-guide/connected-mode.md b/server/sonar-docs/src/pages/user-guide/connected-mode.md deleted file mode 100644 index 52b1c04f99b..00000000000 --- a/server/sonar-docs/src/pages/user-guide/connected-mode.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: SonarLint Connected Mode -url: /user-guide/connected-mode/ ---- -SonarLint Connected Mode connects SonarLint to your SonarQube project and provides additional benefits you won't get by using SonarLint or SonarQube alone. - -**Shared code quality and security expectations** -When using SonarLint alone, the Sonar way Quality Profile is used by default. If you're using a different Quality Profile in SonarQube, new issues may be raised in SonarQube even though your commit looked clean in SonarLint. With Connected Mode, the same customized rule set is applied in both your IDE and in SonarQube, and you're notified in your IDE when your project isn't meeting [Quality Gate](/user-guide/quality-gates/) standards. - -**More security** -When using SonarLint alone, taint analysis issues found by commercial editions of SonarQube aren't raised in SonarLint for performance reasons (we don't want to slow down your editing). In Connected Mode, you'll see the taint analysis issues SonarQube raised in your project. You'll get all of the context in your IDE that you need to triage and fix security problems and make sure the code you commit is safe. - -**Smart Notifications** -Connected mode sends smart alerts to individuals or teams when new issues are discovered. With everyone in the loop, issues can be addressed promptly, improving the overall software quality and delivery. You'll receive Smart Notifications in your IDE when: - -* the [Quality Gate](/user-guide/quality-gates/) status of a project _open in your IDE_ changes -* a SonarQube analysis raises new issues _that you've introduced in a project open in your IDE_ - -You can activate or deactivate Smart Notifications in SonarLint on the IDE side on a server-by-server basis. - -## Setting up Connected Mode -See the following links for instructions on setting up Connected Mode for each supported IDE: - -* [Eclipse](https://github.com/SonarSource/sonarlint-eclipse/wiki/Connected-Mode) -* [IntelliJ IDEA](https://github.com/SonarSource/sonarlint-intellij/wiki/Bind-to-SonarQube-or-SonarCloud) -* [Visual Studio](https://github.com/SonarSource/sonarlint-visualstudio/wiki/Connected-Mode) -* [VS Code](https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarlint-vscode#connected-mode) diff --git a/server/sonar-docs/src/pages/user-guide/issues.md b/server/sonar-docs/src/pages/user-guide/issues.md deleted file mode 100644 index 7e3b1a9a4e0..00000000000 --- a/server/sonar-docs/src/pages/user-guide/issues.md +++ /dev/null @@ -1,142 +0,0 @@ ---- -title: Issues -url: /user-guide/issues/ ---- - -While running an analysis, SonarQube raises an issue every time a piece of code breaks a coding rule. The set of coding rules is defined through the associated [Quality Profile](/instance-administration/quality-profiles/) for each language in the project. - -### Issue Types - -There are three types of issues: - -1. **Bug** – A coding mistake that can lead to an error or unexpected behavior at runtime. -1. **Vulnerability** – A point in your code that's open to attack. -1. **Code Smell** – A maintainability issue that makes your code confusing and difficult to maintain. - -### Issue Severity - -Each issue has one of five severities: - -1. **BLOCKER** -Bug with a high probability to impact the behavior of the application in production: memory leak, unclosed JDBC connection, .... The code MUST be fixed immediately. -1. **CRITICAL** -Either a bug with a low probability to impact the behavior of the application in production or an issue which represents a security flaw: empty catch block, SQL injection, ... The code MUST be immediately reviewed. -1. **MAJOR** -Quality flaw which can highly impact the developer productivity: uncovered piece of code, duplicated blocks, unused parameters, ... -1. **MINOR** -Quality flaw which can slightly impact the developer productivity: lines should not be too long, "switch" statements should have at least 3 cases, ... -1. **INFO** -Neither a bug nor a quality flaw, just a finding. - -Ideally, the team wouldn't introduce any new issues (any new technical debt). [SonarLint](https://sonarlint.org) can help developers by letting you perform local analyses to check your code before pushing it back to the SCM. But in real life, it's not always possible to code without any new technical debt, and sometimes it's not worth it. - -So new issues get introduced. - -## Understanding issue context -Sometimes, issues are self-evident once they're pointed out. For instance, if your team has agreed to a init-lower, camelCase variable naming convention, and an issue is raised on `My_variable`, you don't need a lot of context to understand the problem. But in other situations context may be essential to understanding why an issue was raised. That's why SonarQube supports not just the primary issue location where the issue message is shown, but also secondary issue locations. For instance, secondary issues locations are used to mark the pieces of code in a method which add Cognitive Complexity to a method. - -However, there are times when a simple laundry list of contributing locations isn't enough to understand an issue. For instance, when a null pointer can be dereferenced on some paths through the code, what you really need are issue flows. Each flow is a _set_ of secondary locations ordered to show the exact path through the code on which a problem can happen. And because there can be multiple paths through the code on which, for instance a resource is not released, SonarQube supports multiple flows. - -Check out this [ video](https://youtu.be/17G-aZcuMKw) for more on issues with multiple locations. - -## Issues lifecycle - -### Statuses -After creation, issues flow through a lifecycle, taking one of the following statuses: - -* **Open** - set by SonarQube on new issues -* **Confirmed** - set manually to indicate that the issue is valid -* **Resolved** - set manually to indicate that the next analysis should Close the issue -* **Reopened** - set automatically by SonarQube when a Resolved issue hasn't actually been corrected -* **Closed** - set automatically by SonarQube for automatically created issues. - -### Resolutions -Closed issues will have one of the following resolutions: - -* **Fixed** - set automatically when a subsequent analysis shows that the issue has been corrected or the file is no longer available (removed from the project, excluded or renamed) -* **Removed** - set automatically when the related rule is no longer available. The rule may not be available either because it has been removed from the Quality Profile or because the underlying plugin has been uninstalled. - -Resolved issues will have one the following resolutions: -* **False Positive** - set manually -* **Won't Fix** - set manually - -### Issue Workflow -Issues are automatically closed (status: Closed) when: -* an issue (of any status) has been properly fixed = Resolution: Fixed -* an issue no longer exists because the related coding rule has been deactived or is no longer available (ie: plugin has been removed) = Resolution: Removed - -Issues are automatically reopened (status: Reopened) when: -* an issue that was manually Resolved as Fixed(but Resolution is not False positive) is shown by a subsequent analysis to still exist. - -## Understanding which Issues are "New" -To determine the creation date of an issue, an algorithm is executed during each analysis to determine whether an issue is new or existed previously. This algorithm relies on content hashes (excluding whitespace) for the line the issue is reported on. For multi-line issues, the hash of the first line is used. For each file (after detection of file renaming), the algorithm takes the base list of issues from the previous analysis, and tries to match those issues with the raw issue list reported by the new analysis. The algorithm tries to first match using the strongest evidence, and then falls back to weaker heuristics. - -* if the issue is on the same rule, with the same line number and with the same line hash (but not necessarily with the same message) > MATCH -* detect block move inside file, then if the issue is on the same (moved) line and on the same rule (but not necessarily with the same message) > MATCH -* on the same rule, with the same message and with the same line hash (but not necessarily with the same line) > MATCH -* on the same rule, with the same message and with the same line number (but not necessarily with the same line hash) > MATCH -* on the same rule and with the same line hash (but not the same message and not the same line) > MATCH -* is there a matching **CLOSED** issue > MATCH and Reopen - -Unmatched "base" issues are closed as fixed. - -Unmatched "raw" issues are new. - -## Understanding Issue Backdating -Once an issue has been determined to be "new", as described above, the next question is what date to give it. For instance, what if it has existed in code for a long time but was only found in the most recent analysis because new rules were added to the profile? Should this issue be given the date of the last change on its line, or the date of the analysis where it was first raised? That is, should it be backdated? If the date of the last change to the line is available (this requires [SCM integration](/analysis/scm-integration/)) then under certain circumstances, the issue will be backdated: - -* On first analysis of a project or branch -* When the rule is new in the profile (a brand new rule activated or a rule that was deactivated and is now activated) -* When SonarQube has just been upgraded (because rule implementations could be smarter now) -* When the rule is external - -As a consequence, it is possible that backdating will keep newly raised issues out of New Code. - - -## Automatic Issue Assignment -### For Bug, Vulnerability and Code Smell -New issues are automatically assigned during analysis to the last committer on the issue line if the committer can be correlated to a SonarQube user. Note that currently, issues on any level above a file, e.g. directory / project, cannot be automatically assigned. - -### User Correlation -Login and email correlations are made automatically. For example, if the user commits with their email address and that email address is part of their SonarQube profile, then new issues raised on lines where the user was the last committer will be automatically assigned to the user. - -Additional correlations can be made manually in the user's profile (see "SCM accounts" in Authorization for more). - -### Known Limitation -If the SCM login associated with an issue is longer than 255 characters allowed for an issue author, the author will be left blank. - -## Issue edits -SonarQube's issues workflow can help you manage your issues. There are seven different things you can do to an issue (other than fixing it in the code!): Comment, Assign, Confirm, Change Severity, Resolve, Won't Fix, and False Positive. - -These actions break out into three different categories. First up is the "technical review" category. - -### Technical Review -The Confirm, False Positive, Won't Fix, Severity change, and Resolve actions all fall into this category, which presumes an initial review of an issue to verify its validity. Assume it's time to review the technical debt added in the last review period - whether that's a day, a week, or an entire sprint. You go through each new issue and do one: - -* **Confirm** - By confirming an issue, you're basically saying "Yep, that's a problem." Doing so moves it out of "Open" status to "Confirmed". -* **False Positive** - Looking at the issue in context, you realize that for whatever reason, this issue isn't actually a problem. So you mark it False Positive and move on. Requires Administer Issues permission on the project. -* **Won't Fix** - Looking at the issue in context, you realize that while it's a valid issue it's not one that actually needs fixing. In other words, it represents accepted technical debt. So you mark it Won't Fix and move on. Requires Administer Issues permission on the project. -* **Severity change** - This is the middle ground between the first two options. Yes, it's a problem, but it's not as bad a problem as the rule's default severity makes it out to be. Or perhaps it's actually far worse. Either way, you adjust the severity of the issue to bring it in line with what you feel it deserves. Requires Administer Issues permission on the project. -* **Resolve** - If you think you've fixed an open issue, you can Resolve it. If you're right, the next analysis will move it to closed status. If you're wrong, its status will go to re-opened. - -If you tend to mark a lot of issues False Positive or Won't Fix, it means that some coding rules are not appropriate for your context. So, you can either completely deactivate them in the Quality Profile or use issue exclusions to narrow the focus of the rules so they are not used on specific parts (or types of object) of your application. Similarly, making a lot of severity changes should prompt you to consider updating the rule severities in your profiles. - -As you edit issues, the related metrics (e.g. New Bugs), will update automatically, as will the Quality Gate status if it's relevant. - -### Dispositioning -Once issues have been through technical review, it's time to decide who's going to deal them. By default they're assigned to the last committer on the issue line (at the time the issue is raised), but you can certainly reassign them to yourself or someone else. The assignee will receive email notification of the assignment if they signed up for notifications, and the assignment will show up everywhere the issue is displayed, including in the My Issues list in the My Account space. - -### General -At any time during the lifecycle of an issue, you can log a comment on it. Comments are displayed in the issue detail in a running log. You have the ability to edit or delete the comments you made. - -You can also edit an issue's tags. Issues inherit the tags of the rules that created them, but the tag set on an issue is fully editable. Tags can be created, added and removed at will for users with the Browse permission on the project. - -Although they are initially inherited from the relevant rule, the tags on an issue are not synchronized with the rule, so adding tags to a rule will not add those tags to the rule's issues. - -### Bulk Change -All of these changes and more can be made to multiple issues at once using the Bulk Change option in the issues search results pane. - - -## Purging Closed Issues -By default, Closed issues are kept for 30 days. For more details, see [Housekeeping](/instance-administration/housekeeping/). - diff --git a/server/sonar-docs/src/pages/user-guide/keyboard-shortcuts.md b/server/sonar-docs/src/pages/user-guide/keyboard-shortcuts.md deleted file mode 100644 index 6954c12000a..00000000000 --- a/server/sonar-docs/src/pages/user-guide/keyboard-shortcuts.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: Keyboard Shortcuts -url: /user-guide/keyboard-shortcuts/ ---- - -## Global - -| Shortcut | Action | -| -------- | --------------- | -| `s` | open search bar | -| `?` | open help | - -## Code Page - -| Shortcut | Action | -| -------- | --------------------------------------------- | -| `↑` `↓` | select files | -| `→` | open file | -| `←` | return back to the list | - -## Issues Page - -| Shortcut | Action | -| ---------------- | --------------------------------------------- | -| `↑` `↓` | navigate between issues | -| `→` | go from the list of issues to the source code | -| `←` | return back to the list | -| `alt` + `↑` `↓` | to navigate issue locations | -| `alt` + `←` `→` | to switch flows | -| `f` | do an issue transition | -| `a` | assign issue | -| `m` | assign issue to the current user | -| `i` | change severity of issue | -| `c` | comment issue | -| `ctrl` + `enter` | submit comment | -| `t` | change tags of issue | - -## Measures Page - -| Shortcut | Action | -| -------- | --------------------------------------------- | -| `↑` `↓` | select files | -| `→` | open file | -| `←` | return back to the list | - -## Rules Page - -| Shortcut | Action | -| -------- | --------------------------------------------- | -| `↑` `↓` | navigate between rules | -| `→` | go from the list of rules to the rule details | -| `←` | return back to the list | diff --git a/server/sonar-docs/src/pages/user-guide/metric-definitions.md b/server/sonar-docs/src/pages/user-guide/metric-definitions.md deleted file mode 100644 index a27c569825a..00000000000 --- a/server/sonar-docs/src/pages/user-guide/metric-definitions.md +++ /dev/null @@ -1,369 +0,0 @@ ---- -title: Metric Definitions -url: /user-guide/metric-definitions/ ---- - - -## Complexity -**Complexity** (`complexity`) -It is the Cyclomatic Complexity calculated based on the number of paths through the code. Whenever the control flow of a function splits, the complexity counter gets incremented by one. Each function has a minimum complexity of 1. This calculation varies slightly by language because keywords and functionalities do. - -[[collapse]] -| ## Language-specific details -| Language | Notes -| ---|--- -| ABAP | The following keywords increase the complexity by one: `AND`, `CATCH`, `CONTINUE`, `DO`, `ELSEIF`, `IF`, `LOOP`, `LOOPAT`, `OR`, `PROVIDE`, `SELECT…ENDSELECT`, `TRY`, `WHEN`, `WHILE` -| C/C++/Objective-C | The complexity gets incremented by one for: function definitions, `while`, `do while`, `for`, `throw` statements, `switch`, `case`, `default`, `&&` operator, `||` operator, `?` ternary operator, `catch`, `break`, `continue`, `goto`. -| COBOL | The following commands increase the complexity by one (except when they are used in a copybook): `ALSO`, `ALTER`, `AND`, `DEPENDING`, `END_OF_PAGE`, `ENTRY`, `EOP`, `EXCEPTION`, `EXIT`, `GOBACK`, `CONTINUE`, `IF`, `INVALID`, `OR`, `OVERFLOW`, `SIZE`, `STOP`, `TIMES`, `UNTIL`, `USE`, `VARYING`, `WHEN`, `EXEC CICS HANDLE`, `EXEC CICS LINK`, `EXEC CICS XCTL`, `EXEC CICS RETURN` -| Java | Keywords incrementing the complexity: `if`, `for`, `while`, `case`, `catch`, `throw`, `&&`, `||`, `?` -| JavaScript, PHP | Complexity is incremented by one for each: function (i.e non-abstract and non-anonymous constructors, functions, procedures or methods), `if`, short-circuit (AKA lazy) logical conjunction (`&&`), short-circuit (AKA lazy) logical disjunction (`||`), ternary conditional expressions, loop, `case` clause of a `switch` statement, `throw` and `catch` statement, `go to` statement (only for PHP) -| PL/I | The following keywords increase the complexity by one: `PROC`, `PROCEDURE`, `GOTO`, `GO TO`, `DO`, `IF`, `WHEN`, `|`, `!`, `|=`, `!=`, `&`, `&=` -| PL/SQL | The complexity gets incremented by one for: the main PL/SQL anonymous block (not inner ones), create procedure, create trigger, procedure_definition, basic loop statement, when_clause_statement (the “when” of simple_case_statement and searched_case_statement), continue_statement, cursor_for_loop_statement, continue_exit_when_clause (The “WHEN” part of the continue and exit statements), exception_handler (every individual “WHEN”), exit_statement, for_loop_statement, forall_statement, if_statement, elsif_clause, raise_statement, return_statement, while_loop_statement, and_expression (“and” reserved word used within PL/SQL expressions), or_expression (“or” reserved word used within PL/SQL expressions), when_clause_expression (the “when” of simple_case_expression and searched_case_expression) -| VB.NET | The complexity gets incremented by one for: method or constructor declaration (Sub, Function), `AndAlso`, `Case`, `Continue`, `End`, `Error`, `Exit`, `If`, `Loop`, `On Error`, `GoTo`, `OrElse`, `Resume`, `Stop`, `Throw`, `Try`. - -**Cognitive Complexity** (`cognitive_complexity`) -How hard it is to understand the code's control flow. See [the Cognitive Complexity white paper](https://www.sonarsource.com/resources/white-papers/cognitive-complexity/) for a complete description of the mathematical model applied to compute this measure. - ---- -## Duplications -**Duplicated blocks** (`duplicated_blocks`) -Number of duplicated blocks of lines. - -[[collapse]] -| ## Language-specific details -| For a block of code to be considered as duplicated: -| -| Non-Java projects: -| * There should be at least 100 successive and duplicated tokens. -| * Those tokens should be spread at least on: -| * 30 lines of code for COBOL -| * 20 lines of code for ABAP -| * 10 lines of code for other languages -| -|Java projects: -| There should be at least 10 successive and duplicated statements whatever the number of tokens and lines. Differences in indentation and in string literals are ignored while detecting duplications. - -**Duplicated files** (`duplicated_files`) -Number of files involved in duplications. - -**Duplicated lines** (`duplicated_lines`) -Number of lines involved in duplications. - -**Duplicated lines (%)** (`duplicated_lines_density`) -= `duplicated_lines` / `lines` * 100 - ---- -## Issues -**New issues** (`new_violations`) -Number of issues raised for the first time on New Code. - -**New xxx issues** (`new_xxx_violations`) -Number of issues of the specified severity raised for the first time on New Code, where xxx is one of: `blocker`, `critical`, `major`, `minor`, `info`. - -**Issues** (`violations`) -Total count of issues in all states. - -**xxx issues** (`xxx_violations`) -Total count of issues of the specified severity, where xxx is one of: `blocker`, `critical`, `major`, `minor`, `info`. - -**False positive issues** (`false_positive_issues`) -Total count of issues marked False Positive - -**Open issues** (`open_issues`) -Total count of issues in the Open state. - -**Confirmed issues** (`confirmed_issues`) -Total count of issues in the Confirmed state. - -**Reopened issues** (`reopened_issues`) -Total count of issues in the Reopened state - ---- -## Maintainability -**Code Smells** (`code_smells`) -Total count of Code Smell issues. - -**New Code Smells** (`new_code_smells`) -Total count of Code Smell issues raised for the first time on New Code. - -**Maintainability Rating** (`sqale_rating`) -(Formerly the SQALE rating.) -Rating given to your project related to the value of your Technical Debt Ratio. The default Maintainability Rating grid is: - -A=0-0.05, B=0.06-0.1, C=0.11-0.20, D=0.21-0.5, E=0.51-1 - -The Maintainability Rating scale can be alternately stated by saying that if the outstanding remediation cost is: - -* <=5% of the time that has already gone into the application, the rating is A -* between 6 to 10% the rating is a B -* between 11 to 20% the rating is a C -* between 21 to 50% the rating is a D -* anything over 50% is an E - -**Technical Debt** (`sqale_index`) -Effort to fix all Code Smells. The measure is stored in minutes in the database. An 8-hour day is assumed when values are shown in days. - -**Technical Debt on New Code** (`new_technical_debt`) -Effort to fix all Code Smells raised for the first time on New Code. - -**Technical Debt Ratio** (`sqale_debt_ratio`) -Ratio between the cost to develop the software and the cost to fix it. The Technical Debt Ratio formula is: - `Remediation cost / Development cost` -Which can be restated as: - `Remediation cost / (Cost to develop 1 line of code * Number of lines of code)` -The value of the cost to develop a line of code is 0.06 days. - -**Technical Debt Ratio on New Code** (`new_sqale_debt_ratio`) -Ratio between the cost to develop the code changed on New Code and the cost of the issues linked to it. - ---- -## Quality Gates -**Quality Gate Status** (`alert_status`) -State of the Quality Gate associated to your Project. Possible values are : `ERROR`, `OK` -WARN value has been removed since 7.6. - -**Quality Gate Details** (`quality_gate_details`) -For all the conditions of your Quality Gate, you know which condition is failing and which is not. - ---- -## Reliability -**Bugs** (`bugs`) -Number of bug issues. - -**New Bugs** (`new_bugs`) -Number of new bug issues. - -**Reliability Rating** (`reliability_rating`) -A = 0 Bugs -B = at least 1 Minor Bug -C = at least 1 Major Bug -D = at least 1 Critical Bug -E = at least 1 Blocker Bug - -**Reliability remediation effort** (`reliability_remediation_effort`) -Effort to fix all bug issues. The measure is stored in minutes in the DB. An 8-hour day is assumed when values are shown in days. - -**Reliability remediation effort on new code** (`new_reliability_remediation_effort`) -Same as _Reliability remediation effort_ but on the code changed on New Code. - ---- -## Security -**Vulnerabilities** (`vulnerabilities`) -Number of vulnerability issues. - -**Vulnerabilities on new code** (`new_vulnerabilities`) -Number of new vulnerability issues. - -**Security Rating** (`security_rating`) -A = 0 Vulnerabilities -B = at least 1 Minor Vulnerability -C = at least 1 Major Vulnerability -D = at least 1 Critical Vulnerability -E = at least 1 Blocker Vulnerability - -**Security remediation effort** (`security_remediation_effort`) -Effort to fix all vulnerability issues. The measure is stored in minutes in the DB. An 8-hour day is assumed when values are shown in days. - -**Security remediation effort on new code** (`new_security_remediation_effort`) -Same as _Security remediation effort_ but on the code changed on New Code. - -**Security Hotspots** (`security_hotspots`) -Number of Security Hotspots - -**Security Hotspots on new code** (`new_security_hotspots`) -Number of new Security Hotspots on New Code. - -**Security Review Rating** (`security_review_rating`) - -**Note:** Security Hotspots are considered Reviewed if they are marked as _Acknowledged_, _Fixed_ or _Safe_. - -The Security Review Rating is a letter grade based on the percentage of Reviewed Security Hotspots. - -A = >= 80% -B = >= 70% and <80% -C = >= 50% and <70% -D = >= 30% and <50% -E = < 30% - -**Security Review Rating on new code** (`new_security_review_rating`) - -Security Review Rating for New Code. - -**Security Hotspots Reviewed** (`security_hotspots_reviewed`) - -Percentage of Reviewed Security Hotspots. - -Ratio Formula: -`Number of Reviewed Hotspots x 100 / (To_Review Hotspots + Reviewed Hotspots)` - -**New Security Hotspots Reviewed** - -Percentage of Reviewed Security Hotspots on New Code. - ---- -## Size -**Classes** (`classes`) -Number of classes (including nested classes, interfaces, enums and annotations). - -**Comment lines** (`comment_lines`) -Number of lines containing either comment or commented-out code. - -Non-significant comment lines (empty comment lines, comment lines containing only special characters, etc.) do not increase the number of comment lines. - -The following piece of code contains 9 comment lines: -``` -/** +0 => empty comment line - * +0 => empty comment line - * This is my documentation +1 => significant comment - * although I don't +1 => significant comment - * have much +1 => significant comment - * to say +1 => significant comment - * +0 => empty comment line - *************************** +0 => non-significant comment - * +0 => empty comment line - * blabla... +1 => significant comment - */ +0 => empty comment line - -/** +0 => empty comment line - * public String foo() { +1 => commented-out code - * System.out.println(message); +1 => commented-out code - * return message; +1 => commented-out code - * } +1 => commented-out code - */ +0 => empty comment line - ``` -[[collapse]] -| ## Language-specific details -| Language | Note -| ---|--- -| COBOL | Lines containing the following instructions are counted both as comments and lines of code: `AUTHOR`, `INSTALLATION`, `DATE-COMPILED`, `DATE-WRITTEN`, `SECURITY`. -| Java | File headers are not counted as comment lines (because they usually define the license). - -**Comments (%)** (`comment_lines_density`) -Density of comment lines = Comment lines / (Lines of code + Comment lines) * 100 - -With such a formula: -* 50% means that the number of lines of code equals the number of comment lines -* 100% means that the file only contains comment lines - -**Directories** (`directories`) -Number of directories. - -**Files** (`files`) -Number of files. - -**Lines** (`lines`) -Number of physical lines (number of carriage returns). - -**Lines of code** (`ncloc`) -Number of physical lines that contain at least one character which is neither a whitespace nor a tabulation nor part of a comment. -[[collapse]] -| ## Language-specific details -| Language | Note -| --- | --- -| COBOL | Generated lines of code and pre-processing instructions (`SKIP1`, `SKIP2`, `SKIP3`, `COPY`, `EJECT`, `REPLACE`) are not counted as lines of code. - -**Lines of code per language** (`ncloc_language_distribution`) -Non Commenting Lines of Code Distributed By Language - -**Functions** (`functions`) -Number of functions. Depending on the language, a function is either a function or a method or a paragraph. -[[collapse]] -| ## Language-specific details -| Language | Note -| ---|--- -| COBOL | It is the number of paragraphs. -| Java | Methods in anonymous classes are ignored. -| VB.NET | Accesors are not considered to be methods. - -**Projects** (`projects`) -Number of projects in a Portfolio. - -**Statements** (`statements`) -Number of statements. - ---- -## Tests -**Condition coverage** (`branch_coverage`) -On each line of code containing some boolean expressions, the condition coverage simply answers the following question: 'Has each boolean expression been evaluated both to true and false?'. This is the density of possible conditions in flow control structures that have been followed during unit tests execution. - -`Condition coverage = (CT + CF) / (2*B)` -where -* CT = conditions that have been evaluated to 'true' at least once -* CF = conditions that have been evaluated to 'false' at least once -* B = total number of conditions - -**Condition coverage on new code** (`new_branch_coverage`) -Identical to Condition coverage but restricted to new / updated source code. - -**Condition coverage hits** (`branch_coverage_hits_data`) -List of covered conditions. - -**Conditions by line** (`conditions_by_line`) -Number of conditions by line. - -**Covered conditions by line** (`covered_conditions_by_line`) -Number of covered conditions by line. - -**Coverage** (`coverage`) -It is a mix of Line coverage and Condition coverage. Its goal is to provide an even more accurate answer to the following question: How much of the source code has been covered by the unit tests? - -`Coverage = (CT + CF + LC)/(2*B + EL)` -where -* CT = conditions that have been evaluated to 'true' at least once -* CF = conditions that have been evaluated to 'false' at least once -* LC = covered lines = lines_to_cover - uncovered_lines -* B = total number of conditions -* EL = total number of executable lines (`lines_to_cover`) - -**Coverage on new code** (`new_coverage`) -Identical to Coverage but restricted to new / updated source code. - -**Line coverage** (`line_coverage`) -On a given line of code, Line coverage simply answers the following question: Has this line of code been executed during the execution of the unit tests?. It is the density of covered lines by unit tests: - -`Line coverage = LC / EL` -where -* LC = covered lines (`lines_to_cover` - `uncovered_lines`) -* EL = total number of executable lines (`lines_to_cover`) - -**Line coverage on new code** (`new_line_coverage`) -Identical to Line coverage but restricted to new / updated source code. - -**Line coverage hits** (`coverage_line_hits_data`) -List of covered lines. - -**Lines to cover** (`lines_to_cover`) -Number of lines of code which could be covered by unit tests (for example, blank lines or full comments lines are not considered as lines to cover). - -**Lines to cover on new code** (`new_lines_to_cover`) -Identical to Lines to cover but restricted to new / updated source code. - -**Skipped unit tests** (`skipped_tests`) -Number of skipped unit tests. - -**Uncovered conditions** (`uncovered_conditions`) -Number of conditions which are not covered by unit tests. - -**Uncovered conditions on new code** (`new_uncovered_conditions`) -Identical to Uncovered conditions but restricted to new / updated source code. - -**Uncovered lines** (`uncovered_lines`) -Number of lines of code which are not covered by unit tests. - -**Uncovered lines on new code** (`new_uncovered_lines`) -Identical to Uncovered lines but restricted to new / updated source code. - -**Unit tests** (`tests`) -Number of unit tests. - -**Unit tests duration** (`test_execution_time`) -Time required to execute all the unit tests. - -**Unit test errors** (`test_errors`) -Number of unit tests that have failed. - -**Unit test failures** (`test_failures`) -Number of unit tests that have failed with an unexpected exception. - -**Unit test success density (%)** (`test_success_density`) -`Test success density = (Unit tests - (Unit test errors + Unit test failures)) / Unit tests * 100` diff --git a/server/sonar-docs/src/pages/user-guide/portfolios.md b/server/sonar-docs/src/pages/user-guide/portfolios.md deleted file mode 100644 index e136e39cfce..00000000000 --- a/server/sonar-docs/src/pages/user-guide/portfolios.md +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: Portfolios -url: /user-guide/portfolios/ ---- - -*Portfolios are available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html).* - -## Portfolios Home Page - -The Portfolio Home Page is the central place for managers and tech leads to keep an eye on the Releasability of the projects under their supervision. Releasability is based on the portfolio's projects' [quality gates](/user-guide/quality-gates/). Each Portfolio home page offers an aggregate view of the releasability of all projects in the Portfolio. - -At the top of the page, you can see the overall releasablilty of the Portfolio, a graph showing the releasability trend, and the number of project branches that are failing and passing their quality gate. - -The Reliability, Security Vulnerabilities, Security Review, and Maintainability ratings show the overall health of the Portfolio on both New Code and Overall Code. - -Below the New Code rating for each metric, you'll see how many project branches are at risk and how many are doing well. - -Below the Overall Code rating, you'll see a graph showing the trend for each metric. Additionally, you'll see the number of at risk project branches. - -## Releasability Rating - -The Releasability rating is the ratio of projects in the Portfolio that have a **Passed** Quality Gate: - -**A**: > 80% -**B**: > 60% -**C**: > 40% -**D**: > 20% -**E**: <= 20% - -## Reliability, Security Vulnerabilities, Security Review, and Maintainability Ratings - -The Reliability, Security Vulnerabilities, Security Review, and Maintainability ratings for a Portfolio are calculated as the average of the ratings for all projects included in the Portfolio. - -SonarQube converts each project's letter rating to a number (see conversion table below), calculates an average number for the projects in the portfolio, and converts that average to a letter rating. Averages ending with .5 are rounded up resulting in the "lower" of the two possible ratings, so an average of 2.5 would be rounded up to 3 and result in a "C" rating). - -This gives an "problem density" measure on the four axes of Reliability, Security Vulnerabilities, Security Review, and Maintainability for your Portfolio. - -Rating conversion: - -**E**: 5 -**D**: 4 -**C**: 3 -**B**: 2 -**A**: 1 - -*Note: the Portfolio Home Page is also available at Sub-Portfolio level* - -## Portfolio PDF Report - -On a Portfolio Home Page, you can download a PDF overview of the Portfolio by selecting **Download as PDF** from the "Portfolio PDF Report" dropdown menu in the upper-right corner. This is really convenient, for example, if you're going into a meeting where you may not have access to your SonarQube instance. - -You can subscribe to receive a PDF by email by selecting **Subscribe** from the "Portfolio PDF Report" dropdown. You can set the frequency of the report at the portfolio and global levels to **daily**, **weekly**, or **monthly**. The default frequency is monthly. - -**Note:** You will only receive the PDF if the Portfolio is computed. - -Portfolios are created and edited in the global Portfolio administration interface: **Administration > Configuration > Portfolios**. For more information, see [Managing Portfolios](/project-administration/managing-portfolios/).
\ No newline at end of file diff --git a/server/sonar-docs/src/pages/user-guide/project-page.md b/server/sonar-docs/src/pages/user-guide/project-page.md deleted file mode 100644 index 5f37ee81e83..00000000000 --- a/server/sonar-docs/src/pages/user-guide/project-page.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: Project Page -url: /user-guide/project-page/ ---- - - -The Project Homepage is the entry point of any project showing: -* the releasability status of the project -* the current state of its quality -* the quality of what has been produced since the start of the [New Code](/user-guide/clean-as-you-code/). - - -The Project Page answers two questions: -* can I release my project today? -* if not, what should I improve to make the project pass the Quality Gate? - -## Quality Gate -Since the [Quality Gate](/user-guide/quality-gates/) is your most powerful tool to enforce your quality policy, the page starts with the project's current Quality Gate status. If the project passes, a simple, green all-clear is shown. - -If not, details and drill-downs are immediately available to quickly identify what went wrong, with a section for each error condition showing what the current project value is and what it should be. As usual, you'll be able to click through on current values to get to drilldowns. - -## Prioritizing issues -Because the best way to improve a project's quality is to catch and fix new problems before they become entrenched, the first view of a project is centered around New Code, which is highlighted in yellow on the right of the project homepage. The project space page shows a high-level summary of critical metrics, both current values and their New Code values. - -Just below the Quality Gate information, you have the numbers of old and new Issues in the Reliability and Security domains and then the Maintainability domain. Clicking on any figure on the page will take you to a detailed view, either in the Measures Page or the Issues Page. - -The most important thing a developer must do is to ensure the new Issues in the yellow part of the screen are acknowledged, reviewed and fixed and to make sure that new code is covered by tests to help prevent future regressions. Regardless of how many Issues were introduced in the past or how little test coverage there is overall, a focus on the newly added Issues will ensure that the situation won't degrade versus the version you previously released in production. - -So, which issues should you go after first: Bugs, Vulnerabilities or Code Smells? It depends, because the answer is dependent on the nature of your Issues. Let's say you have issues for a block of code that is duplicated 5 times, and inside this duplicated block of code, you have 3 Bugs and 5 Security Issues. The best approach is probably to fix the duplication first and then resolve the Bugs and Vulnerabilities in the newly centralized location, rather than fixing them 5 times. - -That's why you need to review your new Issues before jumping into resolving them. - -## Viewing project measures at a lower level -The project-level **Measures** menu item takes you to a dedicated sub-space where you see all project measures. Choose a measure for more details. Both list and tree views are available for each measure, and treemaps are available for percentages and ratings. - -### Viewing all issues in a project -The project-level **Issues** menu item takes you to a project-specific Issues page, where you can perform all the same actions you can at the higher level. -On this page, you can easily narrow the list to the New Issues as set by your New Code definition, by selecting `New Code` in **Creation Date** facet. - -## Viewing project structure and code -The project-level **Code** menu item takes you to an outline of your project structure. Drill down to see files in a directory, and choose a file to see its code. - -If your project is too large for easy exploration via drilling, the search feature on this page will help. While the global search in the main menu returns results from throughout the {instance} instance, the localized search on the code page is restricted to files and directories in the current project. - -## Viewing project activity and history -The project-level **Activity** menu item takes you to the full list of code scans performed on your project since it was created in {instance}. By going there you can follow the evolution of the Quality Gate, see the changes of Quality Profiles and know when a given version of your code has been scanned. - -## Spotting risks with visualizations -Visualizations allow you to compare project components and quickly spot the ones that represent the greatest risks. The **Activity** page offers several pre-defined visualizations, and you can also create Custom visualizations with the metrics of your choice. - -## Using project badges to promote project health -You can promote your project's status in third-party tools and external websites using project badges. You can find the project badges by opening the **Project Information** menu in the upper-right corner of the project home page and clicking **Get project badges**. From here, you can choose and fine-tune your badge then copy the markdown text or image URL for it. Each project badge has a unique security token, which is required to make it accessible from third-party tools. - -Using project badges can expose sensitive information like your security rating and other metrics. Because of this, you should only use them in trusted environments. If a project badge URL is accessed by someone who should not have access to it, a project administrator can renew the project badge’s unique token by clicking the **Renew token** button. This invalidates any existing project badge URLs, and you'll have to update all locations where the badge is being used. diff --git a/server/sonar-docs/src/pages/user-guide/quality-gates.md b/server/sonar-docs/src/pages/user-guide/quality-gates.md deleted file mode 100644 index 4c478eea092..00000000000 --- a/server/sonar-docs/src/pages/user-guide/quality-gates.md +++ /dev/null @@ -1,75 +0,0 @@ ---- -title: Quality Gates -url: /user-guide/quality-gates/ ---- - -## Overview - -Quality Gates enforce a quality policy in your organization by answering one question: is my project ready for release? - -To answer this question, you define a set of conditions against which projects are measured. For example: - -* No new blocker issues -* Code coverage on new code greater than 80% - -See the **Defining Quality Gates** section below for more information on defining conditions. - -Ideally, all projects will use the same quality gate, but that's not always practical. For instance, you may find that: - -* Technological implementation differs from one application to another (you might not require the same code coverage on new code for Web or Java applications). -* You want to ensure stronger requirements on some of your applications (internal frameworks for example). - -Which is why you can define as many quality gates as you need. You can access the **[Quality Gates](/#sonarqube#/quality_gates)** page from the top menu. From here you can define and manage your Quality Gates. - -## Quality Gate permissions -By default, only users with the global **Administer Quality Gates** permission can edit Quality Gates. This is set at **Administration > Security > Global Permissions**. - -SonarQube also allows users with the global **Administer Quality Gates** permission to give an expert or group of experts permission to manage a specific Quality Gate. These experts only have permission for that Quality Gate, not all Quality Gates. Grant permissions to specific Quality Gate on the Quality Gate's page (**Quality Gates > [Quality Gate name]**) under the **Permissions** heading by clicking the **Grant permissions to more users** button. - -## Use the best Quality Gate configuration - -The "Sonar way" Quality Gate is provided by SonarSource, activated by default, and considered as built-in and read-only. This Quality Gate represents the best way to implement the [Clean as You Code](/user-guide/clean-as-you-code/) concept by focusing on new code. With each SonarQube release, we automatically adjust this default quality gate according to SonarQube's capabilities. - -With the Quality Gate, you can enforce ratings (reliability, security, security review, and maintainability) based on metrics on overall code and new code. These metrics are part of the default quality gate. Note that, while test code quality impacts your Quality Gate, it's only measured based on the maintainability and reliability metrics. Duplication and security issues aren't measured on test code. - -You should adjust your quality gates so they provide clear feedback to developers looking at their project page. - -Don't forget that Quality Gate conditions must use differential values. For example, there's no point in checking an absolute value such as: `Number of Lines of Code is greater than 1000`. - -### Recommended Quality Gate - -We recommend the built-in `Sonar way` quality gate for most projects. It focuses on keeping new code clean, rather than spending a lot of effort remediating old code. Out of the box, it's already set as the default profile. - -## Quality Gate status - -The current status is displayed prominently at the top of the Project Page: - - - -## Getting notified when a Quality Gate fails - -Thanks to the notification mechanism, users can be notified when a quality gate fails. To do so, subscribe to the **New quality gate status** notification either for all projects or a set of projects you're interested in. - -## Security - -Quality Gates can be accessed by any user (even anonymous users). All users can view every aspect of a quality gate. - -To make changes (create, edit or delete) users must be granted the **Administer Quality Profiles and Gates** permission. - -A **project administrator** can choose which quality gates their project is associated with. See Project Settings for more. - -## Defining Quality Gates - -Each Quality Gate condition is a combination of: - -* a measure -* a comparison operator -* an error value - -For instance, a condition might be: - -* measure: Blocker issue -* comparison operator: > -* error value: 0 - -Which can be stated as: No blocker issues. diff --git a/server/sonar-docs/src/pages/user-guide/rules.md b/server/sonar-docs/src/pages/user-guide/rules.md deleted file mode 100644 index b80f391ec79..00000000000 --- a/server/sonar-docs/src/pages/user-guide/rules.md +++ /dev/null @@ -1,172 +0,0 @@ ---- -title: Rules -url: /user-guide/rules/ ---- - -SonarQube evaluates your source code against its set of rules to generate issues. -There are four types of rules: - -* Code Smell (Maintainability domain) -* Bug (Reliability domain) -* Vulnerability (Security domain) -* Security Hotspot (Security domain) - -For Code Smells and Bugs, zero false-positives are expected. -At least this is the target so that developers don't have to wonder if a fix is required. - -For Vulnerabilities, the target is to have more than 80% of issues be true-positives. - -Security Hotspot rules draw attention to code that is security-sensitive. -It is expected that more than 80% of the issues will be quickly resolved as "Reviewed" after review by a developer. - -The Rules page is the entry point where you can discover all the existing rules or create new ones based on provided templates. - - -## Rules - -By default, when entering the top menu item "Rules", you will see all the available rules installed on your SonarQube instance. -You have the ability to narrow the selection based on search criteria in the left pane: - -* **Language**: the language to which a rule applies. -* **Type**: Bug, Vulnerability, Code Smell or Security Hotspot rules. -* **Tag**: it is possible to add tags to rules in order to classify them and to help discover them more easily. -* **Repository**: the engine/analyzer that contributes rules to SonarQube. -* **Default Severity**: the original severity of the rule - as defined by SonarQube. -* **Status**: rules can have 3 different statuses: - * **Beta**: The rule has been recently implemented and we haven't gotten enough feedback from users yet, so there may be false positives or false negatives. - * **Deprecated**: The rule should no longer be used because a similar, but more powerful and accurate rule exists. - * **Ready**: The rule is ready to be used in production. -* **Available Since**: date when a rule was first added on SonarQube. This is useful to list all the new rules since the last upgrade of a plugin for instance. -* **Template**: display rule templates that allow to create custom rules (see later on this page). -* **Quality Profile**: inclusion in or exclusion from a specific profile - -If a Quality Profile is selected, it is also possible to check for its active severity and whether it is inherited or not. -See [Quality Profiles](/instance-administration/quality-profiles/) for more information. - - -## Rule Details - -To see the details of a rule, either click on it, or use the right arrow key. -Along with basic rule data, you'll also be able to see which, if any, profiles it's active in and how many open issues have been raised with it. - -The following actions are available only if you have the right permissions ("Administer Quality Profiles and Gates"): - -* **Add/Remove Tags**: - * It is possible to add existing tags on a rule, or to create new ones (just enter a new name while typing in the text field). - * Note that some rules have built-in tags that you cannot remove - they are provided by the plugins which contribute the rules. -* **Extend Description**: - * You can extend rule descriptions to let users know how your organization is using a particular rule or to give more insight on a rule. - * Note that the extension will be available to non-admin users as a normal part of the rule details. - - -## Rule Templates and Custom Rules - -Rule Templates are provided by plugins as a basis for users to define their own custom rules in {instance}. To find templates, select the **Show Templates Only** facet from the the "Template" dropdown: - - - -To create a custom rule from a template click the **Create** button next to the "Custom Rules" heading and fill in the following information: -* Name -* Key (auto-suggested) -* Description (Markdown format is supported) -* Default Severity -* Status -* The parameters specified by the template - -You can navigate from a template to the details of custom rules defined from it by clicking the link in the "Custom Rules" section. - - - - -### Custom Rules - -Custom Rules are considered like any other rule, except that you can edit or delete them: - - - -**Note:** When deleting a custom rule, it is not physically removed from the {instance} instance. Instead, its status is set to "REMOVED". This allows current or old issues related to this rule to be displayed properly in {instance} until they are fully removed. - -## Extending Coding Rules - -Custom coding rules can be added. See [Adding Coding Rules](/extend/adding-coding-rules/) for detailed information and tutorials. - - -## Rule Types and Severities - -### How are rules categorized? - -The {instance} Quality Model divides rules into four categories: Bugs, Vulnerabilities, Security Hotspots, and Code Smells. Rules are assigned to categories based on the answers to these questions: - -**Is the rule about code that is demonstrably wrong, or more likely wrong than not?** -If the answer is "yes", then it's a Bug rule. -If not... - -**Is the rule about code that could be exploited by an attacker?** -If so, then it's a Vulnerability rule. -If not... - -**Is the rule about code that is security-sensitive?** -If so, then it's a Security Hotspot rule. -If not... - -**Is the rule neither a Bug nor a Vulnerability?** -If so, then it's a Code Smell rule. - - -## How are severities assigned? - -To assign severity to a rule, we ask a further series of questions. The first one is basically: - -**What's the worst thing that could happen?** - -In answering this question, we try to factor in Murphy's Law without predicting Armageddon. - -Then we assess whether the impact and likelihood of the Worst Thing (see _How are severity and likelihood decided?_, below) are high or low, and plug the answers into a truth table: - -| | Impact | Likelihood | -| -------- | ---------------------- | ---------------------- | -| Blocker |  |  | -| Critical |  |  | -| Major |  |  | -| Minor |  |  | - - -## How are severity and likelihood decided? - -To assess the severity of a rule, we start from the Worst Thing (see _How are severities assigned?_, above) and ask category-specific questions. - - -### Bugs - -Impact: **Could the Worst Thing cause the application to crash or to corrupt stored data?** - -Likelihood: **What's the probability that the Worst Thing will happen?** - - -### Vulnerabilities - -Impact: **Could the exploitation of the Worst Thing result in significant damage to your assets or your users?** - -Likelihood: **What is the probability that an attacker will be able to exploit the Worst Thing?** - - -### Security Hotspots - -Security Hotspots are not assigned severities as it is unknown whether there is truly an underlying vulnerability until they are reviewed. - - -## What might change after a software update - -Sonar developers continually re-evaluate our rules to provide the best results. As a result, the characteristics of some rules may change after an upgrade. This is normal and expected, and is no cause for alarm. - -The following rule charactersitics that may change in an upgrade: - -- **Type:** Type (Bug, Vulnerability, Code Smell) updates happen on occasion. When a rule type is updated, its value will update automatically in every profile that uses it. Although the rule will be updated, issues previously raised by the rule will not be updated. For example, if a rule transitioned from Bug to Code Smell, the existing issues will retain their original Bug type, and new issues will get the new type, Code Smell. - -- **Severity:** Changes to a rule's default severity will automatically be applied in Quality Profiles where the default severity was used. Although the rule will be updated, existing issues raised by the rule will not be updated. Note that it is possible to override a rule's default severity in a profile, and your custom override should remain intact in your Quality Profile after the upgrade. - -- **Tags:** Two types of tags may be attached to a rule: the default tags that come out of the box, and the custom tags added by administrators. When the default tags attached to a rule are updated in SonarQube, those changes will happen automatically. Custom tags associated with a rule will not change. - -- **Key:** Can change but this is uncommon. Typically this happens in the rare case that, for whatever reason, a key that was non-normal and needs to be normalized. When the key of a rule is changed, related issues are updated as well, so that they remain related to the re-keyed rule. - -- **Status:** Status does not affect the operation of a rule and has no impact on its issues. There are three possible rule statuses: Beta, Ready, and Deprecated. Sometimes, rules are first issued in Beta status and then moved to Ready. Most rules are in Ready status; ready to be used in production. When Sonar developers realize that a rule no longer makes sense, they first deprecate the rule, then eventually drop it. diff --git a/server/sonar-docs/src/pages/user-guide/security-hotspots.md b/server/sonar-docs/src/pages/user-guide/security-hotspots.md deleted file mode 100644 index e246f179195..00000000000 --- a/server/sonar-docs/src/pages/user-guide/security-hotspots.md +++ /dev/null @@ -1,74 +0,0 @@ ---- -title: Security Hotspots -url: /user-guide/security-hotspots/ ---- - -## What is a Security Hotspot? -A Security Hotspot highlights a security-sensitive piece of code that the developer needs to review. Upon review, you'll either find there is no threat or you need to apply a fix to secure the code. - -Another way of looking at hotspots may be [the concept of defense in depth](https://en.wikipedia.org/wiki/Defense_in_depth_(computing)) in which several redundant protection layers are placed in an application so that it becomes more resilient in the event of an attack. - -## Vulnerability or Hotspot? -The main difference between a hotspot and a vulnerability is **the need of a review** before deciding whether to apply a fix: - -* With a Hotspot, a security-sensitive piece of code is highlighted, but the overall application security may not be impacted. It's up to the developer to review the code to determine whether or not a fix is needed to secure the code. -* With a vulnerability, a problem that impacts the application's security has been discovered that needs to be fixed immediately. - -An example of a hotspot is the [RSPEC-2092](https://jira.sonarsource.com/browse/RSPEC-2092) where the use of *cookie secure flag* is recommended to prevent cookies from being sent over non-HTTPS connections but a review is needed because: -* HTTPS is the main protection against MITM attacks and so the secure flag is only an additional protection in case of some failures of network security. -* The cookie may be designed to be sent everywhere (non-HTTPS websites included) because it's a tracking cookie or similar. - -With hotspots we try to give some freedom to users and to educate them on how to choose the most relevant/appropriate protections depending on the context (budget, threats, etc). - -## Why are Security Hotspots Important? -While the need to fix individual hotspots depends on the context, you should view Security Hotspots as an essential part of improving an application's robustness. The more fixed hotspots there are, the more secure your code is in the event of an attack. Reviewing Security Hotspots allows you to: - -* **Understand the risk** – Understanding when and why you need to apply a fix in order to reduce an information security risk (threats and impacts). -* **Identify protections** – While reviewing Hotspots, you'll see how to avoid writing code that's at risk, determine which fixes are in place, and determine which fixes still need to be implemented to fix the highlighted code. -* **Identify impacts** – With hotspots you'll learn how to apply fixes to secure your code based on the impact on overall application security. Recommended secure coding practices are included on the Hotspots page to assist you during your review. - -## Lifecycle -Security Hotspots have a dedicated lifecycle. To make status changes, the user needs the **Administer Security Hotspots** permission. This permission is enabled by default. Users with the **Browse** permission can comment on or change the user assigned to a Security Hotspot. - -### Statuses -Through the lifecycle, a Security Hotspot takes one of the following statuses: - -* **To review** – the default status of new Security Hotspots set by SonarQube. A Security Hotspot has been reported and needs to be checked. -* **Acknowledged** – A developer has reviewed the Security Hotspot and a resolution to the highlighted risk is pending. This covers cases where a fix is in progress or where time is needed to determine the next step. -* **Fixed** – A developer has reviewed the Security Hotspot and applied a fix. -* **Safe** – A developer has reviewed the Security Hotspot and determined that no change is necessary (for example, because other more relevant protections are already in place). - -## Workflow -Follow this workflow to review Security Hotspots and apply any fixes needed to secure your code. - -### Review Priority -When SonarQube detects a Security Hotspot, it's added to the list of Security Hotspots according to its review priority from High to Low. Hotspots with a High Review Priority are the most likely to contain code that needs to be secured and require your attention first. - -Review Priority is determined by the security category of each security rule. Rules in categories that are ranked high on the OWASP Top 10 and CWE Top 25 standards are considered to have a High Review Priority. Rules in categories that aren't ranked high or aren't mentioned on the OWASP Top 10 or CWE Top 25 standards are rated as Medium or Low. - -### Reviewing Hotspots -When reviewing a Hotspot, you should: - -1. Review the **What's the risk?** tab to understand why the Security Hotspot was raised. -1. From the **Assess the risk** tab, read the **Ask Yourself Whether** section to determine if you need to apply a fix to secure the code highlighted in the Security Hotspot. -1. From the **How can you fix it?** tab, follow the **Recommended Secure Coding Practices** to fix your code if you've determined it's unsafe. - -After following these steps, set the Security Hotspot the appropriate status (see above): **Acknowledged**, **Fixed** or **Safe**. If you need another user’s review you can leave it as **To review**. - -### Review History - -The **Review history** tab shows the history of the Security Hotspot including the status it's been assigned and any comments the reviewer had regarding the Hotspot. - -### Reviewing Hotspots in your IDE - -Seeing a Security Hotspot directly in the IDE can help you better understand its context and decide whether it is safe or not. This is the purpose of the **Open in IDE** button that you'll see as an authenticated user. - -This feature is available to users of: -* [SonarLint for Visual Studio](https://www.sonarlint.org/visualstudio) 4.29 and above -* [SonarLint for IntelliJ](https://www.sonarlint.org/intellij) 4.13 and above -* [SonarLint for VS Code](https://www.sonarlint.org/vscode) 1.20 and above -* [SonarLint for Eclipse](https://www.sonarlint.org/eclipse) 5.7 and above - -The project needs to be open in the appropriate IDE and bound to the server through SonarLint's connected mode. - -Keep in mind that the revision or branch analyzed by SonarQube may not be the same as what you have opened in the IDE. In this case, SonarLint will do its best to locate the Security Hotspot in your local code. diff --git a/server/sonar-docs/src/pages/user-guide/security-reports.md b/server/sonar-docs/src/pages/user-guide/security-reports.md deleted file mode 100644 index de67bbb24b3..00000000000 --- a/server/sonar-docs/src/pages/user-guide/security-reports.md +++ /dev/null @@ -1,45 +0,0 @@ ---- -title: Security Reports -url: /user-guide/security-reports/ ---- - -*Security Reports are available starting in [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html).* - -## What do Security Reports show? -Security Reports quickly give you the big picture on your application's security. They allow you to know where you stand compared to the most common security mistakes made in the past: - -- [PCI DSS](https://www.pcisecuritystandards.org/) (versions 4.0 and 3.2.1) -- [OWASP Top 10](https://owasp.org/Top10/) (versions 2021 and 2017) -- [OWASP ASVS](https://owasp.org/www-project-application-security-verification-standard/) (version 4.0) -- [CWE Top 25](https://cwe.mitre.org/top25/) (versions 2021, 2020, and 2019) - -They represent the bare minimum to comply with for anyone putting in place a secure development lifecycle. - -[[warning]] -| The SANS Top 25 report is based on outdated statistics and should no longer be used. Instead, we recommend using the CWE Top 25 reports. - -Security Reports rely on the rules activated in your Quality Profiles to raise security issues. If there are no rules corresponding to a given OWASP category activated in your Quality Profile, you won't get issues linked to that specific category and the rating displayed will be **A**. That doesn't mean you are safe for that category, but that you need to activate more rules (assuming some exist) in your Quality Profile. - -## What's the difference between a Security Hotspot and a Vulnerability? - -Security Hotspots and Vulnerabilities differ in that: - -* A Security Hotspot is a security-sensitive piece of code that is highlighted but doesn't necessarily impact the overall application security. It's up to the developer to review the code to determine whether or not a fix is needed to secure the code. -* A vulnerability is a problem that impacts the application's security that needs to be fixed immediately. - -For more details, see the [Security Hotspots](/user-guide/security-hotspots/) page. - -## Why don't I see any Vulnerabilities or Security Hotspots? -You might not see any Vulnerabilities or Security Hotspots for the following reasons: -* Your code has been written without using any security-sensitive API. -* Vulnerability or Security Hotspot rules are available but not activated in your Quality Profile so no Security Hotspots or Vulnerabilities are raised. -* SonarQube might not currently have many rules for your language, so it won't raise any or only a few Vulnerabilities or Security Hotspots. - -## Downloading a PDF copy -You can download a PDF copy of your Security Reports by clicking the **Download as PDF** button in the upper-right corner of the **Security Reports** page. - -The PDF contains: - -- the number of open Vulnerabilities and the Security Rating on both overall code and new code. -- the number of Security Hotspots, the percentage of reviewed Security Hotspots, and the Security Review rating on both overall and new code. -- your SonarSource, OWASP Top 10, and CWE Top 25 2020 reports. diff --git a/server/sonar-docs/src/pages/user-guide/security-rules.md b/server/sonar-docs/src/pages/user-guide/security-rules.md deleted file mode 100644 index 36456e385c7..00000000000 --- a/server/sonar-docs/src/pages/user-guide/security-rules.md +++ /dev/null @@ -1,42 +0,0 @@ ---- -title: Security-related Rules -url: /user-guide/security-rules/ ---- -The {instance} Quality Model has four different types of rules: Reliability (bug), Maintainability (code smell), Security (vulnerability and hotspot) rules. There are a lot of expectations about security, so below we explain some key concepts and how the security rules differ from others. - -## What to expect from security-related rules -As with other types of rules, we try to raise no false positives: you should be confident that anything reported to you as an issue is really an issue. - -Under the hood SonarQube is based on different representations of the source code and technologies in order to be able to detect any kind of security issue: -* **Security-injection rules**: there is a vulnerability here when the inputs handled by your application are controlled by a user (potentially an attacker) and not validated or sanitized, when this occurs, the flow from sources (user-controlled inputs) to sinks (sensitive functions) will be presented. To do this, SonarQube uses well-known taint analysis technology on source code which allows, for example, the detection of: - * [CWE-89](https://cwe.mitre.org/data/definitions/89.html): SQL Injection - * [CWE-79](https://cwe.mitre.org/data/definitions/79.html): Cross-site Scripting - * [CWE-94](https://cwe.mitre.org/data/definitions/94.html): Code Injection -* **Security-configuration rules**: here there is a security issue because the wrong parameter (eg: invalid cryptographic algorithm or TLS version) when calling a sensitive function has been set or when a check (eg: check_permissions() kind of function) was not done or not in the correct order, this problem is likely to appear often when the program is executed (no injected/complex attacks are required unlike in the previous category): - * [CWE-1004](https://cwe.mitre.org/data/definitions/1004.html): Sensitive Cookie Without 'HttpOnly' Flag - * [CWE-297](https://cwe.mitre.org/data/definitions/297.html): Improper Validation of Certificate with Host Mismatch - * [CWE-327](https://cwe.mitre.org/data/definitions/327.html): Use of a Broken or Risky Cryptographic Algorithm - -These security issues are then divided into two categories: vulnerabilities and hotspots (see the main differences on the [Security Hotspots](/user-guide/security-hotspots/) page). Security Hotspots have been introduced for security protections that have no direct impact on the overall application's security. Most injection rules are vulnerabilities, for example, if a SQL injection is found, it is certain that a fix (input validation) is required, so this is a vulnerability. On the contrary, the *httpOnly* flag when creating a cookie is an additional protection desired (to reduce the impact when XSS vulnerabilities appear) but not always possible to implement or relevant depending on the context of the application, so it's a hotspot. - -With Hotspots, we want to help developers understand information security risks, threats, impacts, root causes of security issues, and the choice of relevant software protections. In short, we really want to educate developers and help them develop secure, ethical, and privacy-friendly applications. - -## Which security-standards are covered? -Our security rules are classified according to well-established security-standards such as: -* [CWE Top 25](https://cwe.mitre.org/top25/): SonarQube is a CWE compatible product [since 2015](https://cwe.mitre.org/compatible/questionnaires/33.html). -* [PCI DSS](https://www.pcisecuritystandards.org/) (versions 4.0 and 3.2.1) -* [OWASP Top 10 ](https://owasp.org/Top10/) -* [OWASP ASVS](https://owasp.org/www-project-application-security-verification-standard/) (version 4.0) - -[[warning]] -| The SANS Top 25 report is based on outdated statistics and should no longer be used. Instead, we recommend using the CWE Top 25 reports. - -The standards to which a rule relates will be listed in the **See** section at the bottom of the rule description. More generally, you can search for a rule on [rules.sonarsource.com](https://rules.sonarsource.com/): -* [Java-vulnerability-issue-type](https://rules.sonarsource.com/java/type/Vulnerability): all vulnerability rules for Java language. -* [Java-hotspots-issue-type](https://rules.sonarsource.com/java/type/Security%20Hotspot): all security-hotspot rules for Java language. -* [Java-tag-injection](https://rules.sonarsource.com/java/tag/injection): all security-injection rules for Java language. - -## How to propose new security-rules? -Security is a lively world where new types of attacks and vulnerabilities appear very often, so we welcome any suggestions for new security-rules. You can read the [adding coding rules](/extend/adding-coding-rules/) page to see how to develop a new rule or propose a new one [on our community forum](https://community.sonarsource.com/c/suggestions/rules/13). - -Regarding the security-injection rules mentioned above, it's possible to [extend the taint analysis configuration](/analysis/security_configuration/) to allow the SonarQube engine to use new sources, sanitizers, validators and sinks of the homemade-frameworks that you use. Security Engine Custom Configuration is available as part of the Enterprise Edition and above. diff --git a/server/sonar-docs/src/pages/user-guide/user-account.md b/server/sonar-docs/src/pages/user-guide/user-account.md deleted file mode 100644 index 3e06f1facf1..00000000000 --- a/server/sonar-docs/src/pages/user-guide/user-account.md +++ /dev/null @@ -1,49 +0,0 @@ ---- -title: Overview -url: /user-guide/user-account/ ---- - -As a {instance} user you have your own space where you can see the things that are relevant to you: - -## Profile - -<!-- sonarqube --> - -It gives you a summary of: - -- your Groups -- your SCM accounts - -## Security - -If your instance is not using a 3rd party authentication mechanism such as LDAP or an OAuth provider (GitHub, Google Account, ...), you can change your password from here. Additionally, you can also manage your own authentication tokens. - -You can create as many Tokens as you want. Once a Token is created, you can use it to perform analysis on a project where you have the [Execute Analysis](/instance-administration/security/) permission. - -<!-- /sonarqube --> - -<!-- sonarcloud --> - -It gives you a summary of your SCM accounts and allows you to delete your account. - -## Security - -You can create as many Tokens as you want. Once a Token is created, you can use it to perform analysis on a project where you have the [Execute Analysis](/instance-administration/security/) permission. - -## Organizations - -This is an overview of all the organizations you are member of. - -## Delete your user account - -Go to [User > My Account > Profile](/#sonarcloud#/account) and click on **Delete**. Once your account is deleted, all you data will be removed except your login that will still be displayed in different places: - -- issues assignee -- issues comments -- issues changelog - -Note that you can manually unassign yourself from all your issues and/or remove your comments before deleting your account. - -The information used to identify yourself in SCM (name, email) are part of the SCM data and can not be removed. - -<!-- /sonarcloud --> diff --git a/server/sonar-docs/src/pages/user-guide/user-token.md b/server/sonar-docs/src/pages/user-guide/user-token.md deleted file mode 100644 index 8274973a5f2..00000000000 --- a/server/sonar-docs/src/pages/user-guide/user-token.md +++ /dev/null @@ -1,62 +0,0 @@ ---- -title: Generating and Using Tokens -url: /user-guide/user-token/ ---- - -Users can generate tokens that can be used to run analyses or invoke web services without access to the user's actual credentials. - -## Types of Tokens - -### User Tokens -These tokens can be used to run analysis and to invoke web services, based on the token author's permissions. - -### Project Analysis Tokens -These tokens can be used to run analysis on a specific project. - -In order to create this type of token, the user should have Global Execute Analysis permission or Execute Analysis permission on the token's associated project. - -If the token's author loses Execute Analysis permissions for the associated project, the token will no longer be valid for performing an -analysis. - -[[info]] -| The usage of Project Analysis Tokens is encouraged for security reasons. -| If such a token were to leak, an attacker would only gain access to analyze a single project or to interact with the related web services requiring Execute Analysis permissions. - - -### Global Analysis Tokens -These tokens can be used to run analysis on every project. - -In order to create this type of tokens, the user should have Global Execute Analysis Permission. - -If the token's author loses the Global Execute Analysis permission, the token will no longer be valid for performing an analysis. - -## Generating a token - -You can generate new tokens at **User > My Account > Security**. - -The form at the top of the page allows you to generate new tokens, specifying their token type. You can select an expiration for your token or choose "no expiration". - -If an Administrator has enforced a maximum lifetime for tokens, then the "no expiration" option will not be available and the maximum allowed expiration will correspond to the maximum token lifetime allowed by your organization (*enforcing a maximum lifetime for all newly generated tokens is available as part of the [Enterprise Edition](https://redirect.sonarsource.com/editions/enterprise.html) and above; see [Security](/instance-administration/security/)*). - -Once you click the **Generate** button, you will see the token value. Copy it immediately; once you dismiss the notification you will not be able to retrieve it. - -## Revoking a token - -You can revoke an existing token at **User > My Account > Security** by clicking the **Revoke** button next to the token. - -## Expired tokens - -If a token has an expiration, it will no longer be usable after it has expired. The token will still be visible under **User > My Account > Security**, where you can revoke it like any other token. - -## Using a token - -User tokens must replace your normal login process in the following scenarios: - -* when running analyses on your code: replace your login with the token in the `sonar.login` property. -* when invoking web services: just pass the token instead of your login while doing the basic authentication. - -In both cases, you don't need to provide a password (so when running analyses on your code, the property `sonar.password` is optional). Using a token is the preferred method over using a login and password. - -### Expiration date in HTTP response - -When using a token to interact with web services, a `SonarQube-Authentication-Token-Expiration` HTTP header will be added to the response. This header contains the token expiration date and can help third-party tools track upcoming expirations, so the token can be rotated in time. diff --git a/server/sonar-docs/src/templates/page.tsx b/server/sonar-docs/src/templates/page.tsx deleted file mode 100644 index 584062f453c..00000000000 --- a/server/sonar-docs/src/templates/page.tsx +++ /dev/null @@ -1,204 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { graphql } from 'gatsby'; -import { selectAll } from 'hast-util-select'; -import * as React from 'react'; -import Helmet from 'react-helmet'; -import rehypeReact from 'rehype-react'; -import { MarkdownHeading, MarkdownRemark, MarkdownRemarkConnection } from '../@types/graphql-types'; -import HeaderList from '../components/HeaderList'; -import MetaData from '../components/MetaData'; -import { HtmlAST, HtmlASTNode } from '../types/hast'; - -interface Props { - data: { - allMarkdownRemark: Pick<MarkdownRemarkConnection, 'edges'>; - markdownRemark: Pick<MarkdownRemark, 'htmlAst' | 'headings' | 'frontmatter'>; - }; - location: Location; -} - -export const query = graphql` - query($slug: String!) { - allMarkdownRemark { - edges { - node { - html - fields { - slug - } - } - } - } - markdownRemark(fields: { slug: { eq: $slug } }) { - htmlAst - headings { - depth - value - } - frontmatter { - title - } - } - } -`; - -export default class Page extends React.PureComponent<Props> { - baseUrl = ''; - - // @ts-ignore - renderAst = new rehypeReact({ - createElement: React.createElement, - components: { - 'update-center': ({ updatecenterkey }: { updatecenterkey: string }) => ( - <MetaData updateCenterKey={updatecenterkey} /> - ) - } - }).Compiler; - - componentDidMount() { - if (window) { - this.baseUrl = window.location.origin + '/'; - } - const collapsables = document.getElementsByClassName('collapse'); - - for (let i = 0; i < collapsables.length; i++) { - collapsables[i].classList.add('close'); - const customBlockWrapper = collapsables[i].querySelector('.custom-block-body'); - if (customBlockWrapper) { - let firstChild = customBlockWrapper.firstElementChild; - if (firstChild) { - firstChild.outerHTML = firstChild.outerHTML - .replace(/<h2/gi, '<a href="#"') - .replace(/<\/h2>/gi, '</a>'); - - // We changed the element. It's reference is no longer correct in some - // browsers. Fetch it again. - firstChild = customBlockWrapper.firstElementChild; - firstChild!.addEventListener('click', (event: Event & { currentTarget: HTMLElement }) => { - event.preventDefault(); - if ( - event.currentTarget.parentElement && - event.currentTarget.parentElement.parentElement - ) { - event.currentTarget.parentElement.parentElement.classList.toggle('close'); - } - }); - } - } - } - } - - render() { - const page = this.props.data.markdownRemark; - const version = process.env.GATSBY_DOCS_VERSION || ''; - const mainTitle = 'SonarQube Docs'; - const pageTitle = page.frontmatter && page.frontmatter.title; - - page.headings = filterHeaderList(page.htmlAst, page.headings); - addSlugToHeader(page.htmlAst); - makeExternalLinkOpenInNewTab(page.htmlAst); - removeInAppLinks(page.htmlAst); - addDocVersionToImagesLinks(page.htmlAst); - - return ( - <> - <Helmet title={pageTitle ? `${pageTitle} | ${mainTitle}` : mainTitle}> - <html lang="en" /> - <link href={`/${version}/favicon.ico`} rel="icon" /> - <link - href={this.baseUrl + this.props.location.pathname.replace(version, 'latest')} - rel="canonical" - /> - <script type="text/javascript">{` - (function(window,document) { - (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ - (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), - m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) - })(window, document,'script','https://www.google-analytics.com/analytics.js','ga'); - ga('create', 'UA-1880045-11' , 'auto'); - ga('send', 'pageview'); - })(window,document); - `}</script> - </Helmet> - <HeaderList headers={page.headings || []} /> - <h1>{pageTitle || mainTitle}</h1> - <div className="markdown-content">{this.renderAst(page.htmlAst)}</div> - </> - ); - } -} - -function filterHeaderList(hast: HtmlAST, headers: MarkdownHeading[] | null) { - if (!headers) { - return null; - } - - // Keep only first level h2 - return headers.filter(header => - hast.children.some( - elt => - elt.tagName === 'h2' && - elt.children && - elt.children.some(child => child.value === header.value) - ) - ); -} - -function addSlugToHeader(hast: HtmlAST) { - let counter = 1; - - hast.children.forEach(elt => { - if (elt.tagName === 'h2') { - elt.properties = { ...elt.properties, id: `header-${counter}` }; - counter++; - } - }); -} - -function makeExternalLinkOpenInNewTab(hast: HtmlAST) { - selectAll('a[href^=http]', hast).forEach( - (elt: HtmlASTNode) => (elt.properties = { ...elt.properties, target: '_blank' }) - ); -} - -function removeInAppLinks(hast: HtmlAST) { - const inAppLinksTags = ['/#sonarqube#/', '/#sonarcloud#/', '/#sonarqube-admin#/']; - - selectAll(inAppLinksTags.map(tag => `a[href*=${tag}]`).join(','), hast).forEach( - (elt: HtmlASTNode) => { - elt.tagName = 'span'; - delete elt.properties?.href; - } - ); -} - -function addDocVersionToImagesLinks(hast: HtmlAST) { - const version = process.env.GATSBY_DOCS_VERSION || ''; - const imgPrefix = 'images'; - - if (version !== '') { - selectAll(`img[src^=/${imgPrefix}/]`, hast).forEach((elt: HtmlASTNode) => { - if (elt.properties?.src) { - elt.properties.src = elt.properties.src.replace(imgPrefix, `${version}/${imgPrefix}`); - } - }); - } -} diff --git a/server/sonar-docs/src/tooltips/editions/datacenter.md b/server/sonar-docs/src/tooltips/editions/datacenter.md deleted file mode 100644 index 7b2ee178725..00000000000 --- a/server/sonar-docs/src/tooltips/editions/datacenter.md +++ /dev/null @@ -1,9 +0,0 @@ -###  Data Center Edition - -*Designed for High Availability and Scalability* - -Enterprise Edition functionality plus: - -* Component redundancy -* Data resiliency -* Horizontal scalability diff --git a/server/sonar-docs/src/tooltips/editions/developer.md b/server/sonar-docs/src/tooltips/editions/developer.md deleted file mode 100644 index 6c96fc851fa..00000000000 --- a/server/sonar-docs/src/tooltips/editions/developer.md +++ /dev/null @@ -1,11 +0,0 @@ -###  Developer Edition - -*Built for Developers by Developers* - -Community Edition functionality plus: - -* PR / MR decoration & Quality Gate     -* Taint analysis / Injection flaw detection for Java, C#, PHP, Python, JS & TS -* Branch analysis -* Project aggregation -* Additional languages: C, C++, Obj-C, PS/SQL, ABAP, TSQL & Swift diff --git a/server/sonar-docs/src/tooltips/editions/enterprise.md b/server/sonar-docs/src/tooltips/editions/enterprise.md deleted file mode 100644 index 14d995ba597..00000000000 --- a/server/sonar-docs/src/tooltips/editions/enterprise.md +++ /dev/null @@ -1,12 +0,0 @@ -###  Enterprise Edition - -*Designed to Meet Enterprise Requirements* - -Developer Edition functionality plus: - -* Faster analysis with parallel processing -* OWASP/CWE security reports -* Portfolio management -* Executive reporting -* Project transfer -* Additional languages: Apex, COBOL, PL/I, RPG & VB6 diff --git a/server/sonar-docs/src/types/hast.ts b/server/sonar-docs/src/types/hast.ts deleted file mode 100644 index bd84e214a6a..00000000000 --- a/server/sonar-docs/src/types/hast.ts +++ /dev/null @@ -1,30 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -export interface HtmlAST { - children: HtmlASTNode[]; -} - -export interface HtmlASTNode { - type: string; - tagName?: string; - properties?: { [key: string]: string }; - value?: string; - children?: HtmlASTNode[]; -} diff --git a/server/sonar-docs/src/utils/testUtils.ts b/server/sonar-docs/src/utils/testUtils.ts deleted file mode 100644 index e34207ec8f0..00000000000 --- a/server/sonar-docs/src/utils/testUtils.ts +++ /dev/null @@ -1,48 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import { ReactWrapper, ShallowWrapper } from 'enzyme'; -import { setImmediate } from 'timers'; - -export function click(element: ShallowWrapper | ReactWrapper, event = {}): void { - // `type()` returns a component constructor for a composite element and string for DOM nodes - if (typeof element.type() === 'function') { - element.prop<Function>('onClick')(); - // TODO find out if `root` is a public api - // https://github.com/airbnb/enzyme/blob/master/packages/enzyme/src/ReactWrapper.js#L109 - (element as any).root().update(); - } else { - element.simulate('click', mockEvent(event)); - } -} - -export function mockEvent(overrides = {}) { - return { - target: { blur() {} }, - currentTarget: { blur() {} }, - preventDefault() {}, - stopPropagation() {}, - ...overrides - } as any; -} - -export async function waitAndUpdate(wrapper: ShallowWrapper<any, any> | ReactWrapper<any, any>) { - await new Promise(setImmediate); - wrapper.update(); -} diff --git a/server/sonar-docs/src/utils/typography.js b/server/sonar-docs/src/utils/typography.js deleted file mode 100644 index c9ad0eceab0..00000000000 --- a/server/sonar-docs/src/utils/typography.js +++ /dev/null @@ -1,38 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2022 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -import Typography, { rhythm, scale } from 'typography'; - -const fontFamily = 'Roboto'; - -const typography = new Typography({ - bodyFontFamily: [fontFamily, 'serif'], - headerFontFamily: [fontFamily, 'serif'], - baseFontSize: '15px', - bodyWeight: '400', - headerWeight: '400', - googleFonts: [{ name: fontFamily, styles: ['400,500,700'] }], - overrideStyles: () => ({ - a: { - color: '#439ccd' - } - }) -}); - -export { rhythm, scale, typography as default }; |
