guide sonar qube setup
SonarQube is the recommended tool for continuous quality analysis. Ideally you will get it out-of-the-box and pre-configured with the ProductionLine otherwise you can set it up yourself what is described here.
You need to have the following components installed on your server:
Inside SonarQube you need to install the following plugins (most of them via Marketplace as admin):
Import all quality profiles from here.
Each profile should be set as default. If you hit issues in your projects (missing findings, false-positives, etc.) feel free to adjust the config to your needs. However, be aware that we put a lot of energy into this config and the rules are there for reason. Only drop rules or lower the severity of rules if this really makes sense for your project (and not just for being lazy and getting rid of warnings - instead consider the findings as valuable input).
Further the following rules are not activated in our config because they only make sense in specific situations and need to be configured according to your project:
-
squid:S1451(Track lack of copyright and license headers)
This documentation is licensed under the Creative Commons License (Attribution-NoDerivatives 4.0 International).
