Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sonarqube support with ESLint #228

Merged
merged 2 commits into from
Nov 7, 2023
Merged

Sonarqube support with ESLint #228

merged 2 commits into from
Nov 7, 2023

Conversation

4n4n4s
Copy link
Contributor

@4n4n4s 4n4n4s commented Sep 26, 2023

Added sonarqube analysis.

To enable you:

  1. need to create an organization on sonarcloud with your github user and setup a project for free-games-claimer github project
  2. create a token at https://sonarcloud.io/account/security and add it as "SONAR_TOKEN" to the projects secrets
  3. https://sonarcloud.io/project/analysis_method?id=vogler_free-games-claimer change analysis to not use "Automatic Analysis"

In the .eslintrc.cjs we can also add new rules like I added for now 'semi': 'error' so we enforce to have semicolons at the end of each line.

You can also use the ESLint addon in VSCode/Coduim and it also uses the .eslintrc.cjs

We can later also add test coverage and status icons to the README.md about project status.

Copy link

sonarqubecloud bot commented Nov 7, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@vogler vogler merged commit dec0b51 into vogler:main Nov 7, 2023
0 of 2 checks passed
@vogler
Copy link
Owner

vogler commented Nov 7, 2023

Thanks!
Signing up and adding the repo on sonarcloud was enough for its automatic analysis. However, this has the following limitations:

  • Branch analysis (analysis of non-pull request branches other than the main branch) is not supported.
  • Code coverage information is not supported.
  • Import of external rule engine reports is not supported.

This PR adds a GitHub Action for sonarcloud as shown here: https://github.com/SonarSource/sonarcloud-github-action

This allows to integrate eslint into the sonarcloud results: https://docs.sonarsource.com/sonarcloud/enriching/external-analyzer-reports/#javascript

.eslintrc.cjs is close to what npm init @eslint/config would generate, but extends a minimal eslint:recommended instead of something like https://github.com/airbnb/javascript which would cause lots of warnings.

Tried the airbnb style guide for epic-games.js but ended up disabling a lot of rules:

/* eslint-disable no-restricted-syntax */
/* eslint-disable arrow-parens */
/* eslint-disable no-mixed-operators */
/* eslint-disable eqeqeq */
/* eslint-disable no-await-in-loop */
/* eslint-disable no-console */
/* eslint-disable max-len */

So, extending eslint:recommended seems like the better idea.
Only thing I had to adjust was 'no-unused-vars': ["error", { "argsIgnorePattern": "^_" }] to not have it warn about _ as unused arg. - https://eslint.org/docs/latest/rules/no-unused-vars#argsignorepattern
Also, no-undef needs to be disabled for JS evaluated in the browser context for it to not complain about undef. window etc.

@vogler
Copy link
Owner

vogler commented Nov 7, 2023

2eaf6f0
e4e4f2e
efe4faa

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants