@kostajh kindly deploy the change as I do not have ssh access to the tool. Maybe after deploying, you can add me to the group tools.sonarqubebot to enable me deploy a change next time

My PHP tool encountered this problem where nodejs would be installed but PHP wasn't. The issue is now fixed, and my tool builds and deploys as it should now. Thanks @dcaro for the fix.

It seems to be working fine with our sonar scanner version. We can go ahead and update extensions Jenkins jobs.

Thank you @hashar I will monitor the codehealth jobs to ensure they are running smoothly.

It appears they are enforcing the minimum scanner version that can be used with Java 17 to be version 5.x. Although from limited research I have seen some who had scanner v4.8^ could run it in Java 17. We can only know for sure by trying after we have a Java 17 image available.

As an aside, I've always wondered if there's any value in running code coverage via SonarCloud in addition to the bespoke CI job. The coverage generated by SonarCloud has several shortcomings such as:

• It's based on unit tests, and ignores integration tests
• It's not published on doc.wikimedia.org
• It doesn't work well with stacked patches

@Aklapper : Thanks, I will make sure to add the project tags in future.

Sonar can use any node version as long as its not a deprecated version. Inherit from our standard node16 image seems like the most optimal way to go :)

This issue has been resolved in T348724: Update sonar scanner node version from v14 to v16 .

For the moment I have changed CheckUser's quality gate to not give coverage alerts until we figure out the coverage issues

One can set the path manually under the project settings (Your Project > Administration > General Settings > Languages > PHP > Tests and Coverage > Files)

not sure about this but pull request analysis seems to be available starting in Developer Edition, which is a paid version.

Thank you. I have created a service.template file and it now picks buildservice as default. The tool seems to be running fine. I will mark this task as resolved :)

Hi, normally I build the image: toolforge build start https://gitlab.wikimedia.org/toolforge-repos/gitlab-sonarqubebot.git

Violations are reported as comments on gitlab after each commit.
I am marking the task as resolved, Incase of questions or issues feel free to reopen the task or slack me.

Feel free to mark the task as resolved

Thanks. The solution works fine. I will now mark the task as resolved.

Or is it possible to write a script that creates the file manually and adds contents to the file every time a new build succeeds?

Thanks @dcaro . This build service is awesome !! :- ) I need to store my secret env variables in a file called .env , and when I shell into the build service and create the file manually, the moment I exit shell the file dissapears. When I pull the file through code update it works perfectly, but this file should not be accessible publicly, so when I remove it from git the moment new code builds the file will be removed as well. How should I go about this?

Using the build service the image runs succesfully locally, So I followed the documetation in my tool's instance. The build succeeds because I get the following results

Thank you @fnegri . I prefer to go ahead with the CloudVPS project as it will give me more room and freedom to experiment

@pfischer Thanks for your help in making sure everything works correctly.

I am closing this task. I got the access I needed to the respective groups.

Step one is now complete. The next step will be creating a bot that reports violations as comments on gitlab after each commit

Currently working on search-platform group

I should be able to set this up next week once Release Eng. is done sorting out my Gitlab access

Hi Gehel, I will setup a sonar template that can be imported for maven projects in Gitlab