Merge pull request #2 from re-schneider/activate_sonar

SONAR: configuring repository to be analyzed by Sonar

.travis.yml

@@ -1,3 +1,6 @@
+# required for sonar (https://docs.travis-ci.com/user/sonarqube/)
+dist: trusty
+
 sudo: required
 
 language: python
@@ -7,21 +10,33 @@ services:
 
 python: 3.6
 env:
- - TOX_ENV=flake8
- - TOX_ENV=docs
- - TOX_ENV=py26
- - TOX_ENV=py27
- - TOX_ENV=py33
- - TOX_ENV=py34
- - TOX_ENV=py35
- - TOX_ENV=py36
- - TOX_ENV=pypy
+  matrix:
+    - TOX_ENV=flake8
+    - TOX_ENV=docs
+    - TOX_ENV=py26
+    - TOX_ENV=py27
+    - TOX_ENV=py33
+    - TOX_ENV=py34
+    - TOX_ENV=py35
+    - TOX_ENV=py36
+    - TOX_ENV=pypy
+
+  global:
+    # GITHUB_TOKEN
+    - secure: "Br8mZxiBxGBH34FRGIxkXsYkPLL1tIVf1SSpvgOEYWGbvO910+UAnhpow+eufS9zqVOYUQIUA0PfEVd2EoCIgf6WHNsLOJRrEMkOyxd2SCgXsVaZu1f1TszfjCHEcAard0mwn2KrNEyR0DnB6xujHiY+O0LIdz7yicwh1BQd43wZaOYOpy3ohs969OOZ2Le6rfOMHCJY1Bsa018bwVwUB8Re3tAqsh+TCMVwWxhXfvZdTXe7kOMsjwh1a3TbcuIFFvfP/FxDqfJ0NJ1OLUmxvGVLXAnZHamPBgifSDQcu/BkxNcVQbLH3Pb7lo3Nx1ywr+LbXynC//xYQTn+0Ky9dSUrTZ+RDyRzvDxXs7fGttA2T67pBqWN8WUtZ5HXKr1GJa3WsCPzMgXegBfY1qiMvFRbRmjnV118xeOtOiLm1HHq4imxVGyLV23IvK9WBvZknouWHqWDYPWi5AbHQZ0Wk1oovIIS+Z3uDei5I77mzIk1D73wkgc0vNsNKdkFNMPMj94iRW945M768Ef4Qb0Oz/VWmHEsuMJycx3A8enXjC/tw14AVJKDJqlcoI/2UZZ5fBEIpOaSfBc6sQxVg0OgJ9/3aMF0RAYs2048jX02raoCKNVGBv/PPTop5hfQvdZ13ifkugPUnWszFXisa7VpP8AQklrFBU81jGJCNfPAl+g="
+    #
+    # SONAR_TOKEN
+    - secure: "qv53nBqeaawK1/ZOj5IyLzqA/QsIQnPkuDa0D75i9jqUgSnNhCMMSoBUAqwikDQYJ+TO6+xW0GjcAKZJ/eYaWN+++DvSopv+WCwKoRKsCJUpcF8XGnfes9iux+8eYYCL0uQRtiJdbJ/I50Xp6jrOrF+98b8CGwa6DAfqxNu4FyteKe/dswtOlbH/2iBN5tJTh5/3pKIbhrzuRznbqqa7HeBU9OrMAEz7t4kJEO+TDV7WkOGQPntL/t1CSPla7w2PeNfWYVm1DiSTFaCuSmhYqA5gX+uCiPgC1aAXkv3NxlrkAIOXbj1LfUKR6TePYk6dz+e+thgnT7X2ohA/vMDOngoDTTK+2uycd5qS7PTENfc3628REANIiJUXWtUZRb3hPeRQFoj7rwDvHqtlj56RK9r2uz1M5cVX+v9ZtfS1JSYeK/iG6BDceYOSRK8Ih6QZUiJFdzMrYiHKUony1VkpBZ0pOrG5ph0dclwFaLGSKn6usyvScUdFbtxUm6JT4XGvvLAEASz4+UVOvSMF384BtDCRR/hc0rY2IH49liwcm5RSJ6pGKMZEfKZyYG5BQE6jpD409WUqR4vNuJbbAyRWQ5aTruLbshIBsVuUJlM2CmG7wBmkkMg2P4PB1HwlFn6ZEfy+j5zB0bpCZQKeW1KcukZRrKBHUpQYRvox/btarL8="
+    #
+    - SONAR_HOST_URL="https://sonarcloud.io"
+    - SONAR_ORGA="default"
 
 install:
  - pip install tox coveralls
 
 script:
   - tox -e $TOX_ENV
+  - ./.travis/runSonarQubeAnalysis.sh
 
 after_success:
   - coveralls

.travis/runSonarQubeAnalysis.sh

@@ -0,0 +1,66 @@
+#!/bin/sh
+# Exit on failure
+set -e
+
+#
+# SOURCE: https://github.com/bellingard/multi-language-project/blob/master/runSonarQubeAnalysis.sh
+#
+
+# This assumes that the 2 following variables are defined:
+# - SONAR_HOST_URL => should point to the public URL of the SQ server (e.g. for Nemo: https://nemo.sonarqube.org)
+# - SONAR_TOKEN    => token of a user who has the "Execute Analysis" permission on the SQ server
+
+# We don't want to run X times the same analysis because of the matrix configuration
+if [ "${TOX_ENV}" != "pypy" ]; then
+	echo "Duplicated run detected, skipping the SonarQube analysis... (currently running ${TOX_ENV})"
+	exit 0
+fi
+
+
+# And run the analysis
+# It assumes that the project uses Maven and has a POM at the root of the repo
+if [ "${TRAVIS_BRANCH}" = "master" ] && [ "${TRAVIS_PULL_REQUEST}" = "false" ]; then
+	# => This will run a full analysis of the project and push results to the SonarQube server.
+	#
+	# Analysis is done only on master so that build of branches don't push analyses to the same project and therefore "pollute" the results
+	echo "Starting analysis by SonarQube..."
+	sonar-scanner -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=$SONAR_ORGA
+
+
+elif [ "${TRAVIS_PULL_REQUEST}" != "false" ] && [ -n "${GITHUB_TOKEN-}" ]; then
+	# => This will analyse the PR and display found issues as comments in the PR, but it won't push results to the SonarQube server
+	#
+	# For security reasons environment variables are not available on the pull requests
+	# coming from outside repositories
+	# http://docs.travis-ci.com/user/pull-requests/#Security-Restrictions-when-testing-Pull-Requests
+	# That's why the analysis does not need to be executed if the variable GITHUB_TOKEN is not defined.
+	echo "Starting Pull Request analysis by SonarQube..."
+	sonar-scanner \
+		-Dsonar.host.url=$SONAR_HOST_URL \
+		-Dsonar.login=$SONAR_TOKEN \
+		-Dsonar.organization=$SONAR_ORGA \
+		-Dsonar.analysis.mode=preview \
+		-Dsonar.github.oauth=$GITHUB_TOKEN \
+		-Dsonar.github.repository=$TRAVIS_REPO_SLUG \
+		-Dsonar.github.pullRequest=$TRAVIS_PULL_REQUEST
+
+else
+	# When neither on master branch nor on a non-external pull request => nothing to do
+	#
+	# However, it is good to know why we are here
+	echo "No SonarQube anaysis necessary in this case (current branch: ${TRAVIS_BRANCH} & PR context: ${TRAVIS_PULL_REQUEST})..."
+
+	# It is useful to know what is the status of the secure entries (can explain why it was not started)
+	if [ -n "${GITHUB_TOKEN-}" ]; then
+		echo "\t=> GITHUB_TOKEN is defined"
+	else
+		echo "\t=> GITHUB_TOKEN is NOT defined"
+	fi
+
+	if [ -n "${SONAR_TOKEN-}" ]; then
+		echo "\t=> SONAR_TOKEN is defined"
+	else
+		echo "\t=> SONAR_TOKEN is NOT defined"
+	fi
+
+fi

sonar-project.properties

@@ -0,0 +1,16 @@
+
+# Required metadata
+sonar.projectKey=amadeusitgroup_jumpssh
+sonar.projectName=Python :: JumpSSH
+sonar.projectVersion=1.0.0
+
+# Comma-separated paths to directories with sources (required)
+sonar.sources=jumpssh
+
+# Language
+sonar.language=py
+
+# Encoding of the source files
+sonar.sourceEncoding=UTF-8
+# sonar.python.xunit.reportPath=nosetests.xml
+# sonar.python.coverage.reportPath=coverage.xml