From 27bd790bd6a3ba5dfc10dc760060ea2a661903b5 Mon Sep 17 00:00:00 2001 From: "remi.schneider" Date: Tue, 6 Jun 2017 10:01:04 +0200 Subject: [PATCH 1/4] SONAR: configuring repository to be analyzed by Sonar --- .travis.yml | 13 +++++++ .travis/runSonarQubeAnalysis.sh | 65 +++++++++++++++++++++++++++++++++ sonar-project.properties | 16 ++++++++ 3 files changed, 94 insertions(+) create mode 100644 .travis/runSonarQubeAnalysis.sh create mode 100644 sonar-project.properties diff --git a/.travis.yml b/.travis.yml index 21dda54..420a269 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,3 +1,6 @@ +# required for sonar (https://docs.travis-ci.com/user/sonarqube/) +dist: trusty + sudo: required language: python @@ -16,12 +19,22 @@ env: - TOX_ENV=py35 - TOX_ENV=py36 - TOX_ENV=pypy + + global: + # GITHUB_TOKEN + - secure: "Br8mZxiBxGBH34FRGIxkXsYkPLL1tIVf1SSpvgOEYWGbvO910+UAnhpow+eufS9zqVOYUQIUA0PfEVd2EoCIgf6WHNsLOJRrEMkOyxd2SCgXsVaZu1f1TszfjCHEcAard0mwn2KrNEyR0DnB6xujHiY+O0LIdz7yicwh1BQd43wZaOYOpy3ohs969OOZ2Le6rfOMHCJY1Bsa018bwVwUB8Re3tAqsh+TCMVwWxhXfvZdTXe7kOMsjwh1a3TbcuIFFvfP/FxDqfJ0NJ1OLUmxvGVLXAnZHamPBgifSDQcu/BkxNcVQbLH3Pb7lo3Nx1ywr+LbXynC//xYQTn+0Ky9dSUrTZ+RDyRzvDxXs7fGttA2T67pBqWN8WUtZ5HXKr1GJa3WsCPzMgXegBfY1qiMvFRbRmjnV118xeOtOiLm1HHq4imxVGyLV23IvK9WBvZknouWHqWDYPWi5AbHQZ0Wk1oovIIS+Z3uDei5I77mzIk1D73wkgc0vNsNKdkFNMPMj94iRW945M768Ef4Qb0Oz/VWmHEsuMJycx3A8enXjC/tw14AVJKDJqlcoI/2UZZ5fBEIpOaSfBc6sQxVg0OgJ9/3aMF0RAYs2048jX02raoCKNVGBv/PPTop5hfQvdZ13ifkugPUnWszFXisa7VpP8AQklrFBU81jGJCNfPAl+g=" + # + # SONAR_TOKEN + - secure: "qv53nBqeaawK1/ZOj5IyLzqA/QsIQnPkuDa0D75i9jqUgSnNhCMMSoBUAqwikDQYJ+TO6+xW0GjcAKZJ/eYaWN+++DvSopv+WCwKoRKsCJUpcF8XGnfes9iux+8eYYCL0uQRtiJdbJ/I50Xp6jrOrF+98b8CGwa6DAfqxNu4FyteKe/dswtOlbH/2iBN5tJTh5/3pKIbhrzuRznbqqa7HeBU9OrMAEz7t4kJEO+TDV7WkOGQPntL/t1CSPla7w2PeNfWYVm1DiSTFaCuSmhYqA5gX+uCiPgC1aAXkv3NxlrkAIOXbj1LfUKR6TePYk6dz+e+thgnT7X2ohA/vMDOngoDTTK+2uycd5qS7PTENfc3628REANIiJUXWtUZRb3hPeRQFoj7rwDvHqtlj56RK9r2uz1M5cVX+v9ZtfS1JSYeK/iG6BDceYOSRK8Ih6QZUiJFdzMrYiHKUony1VkpBZ0pOrG5ph0dclwFaLGSKn6usyvScUdFbtxUm6JT4XGvvLAEASz4+UVOvSMF384BtDCRR/hc0rY2IH49liwcm5RSJ6pGKMZEfKZyYG5BQE6jpD409WUqR4vNuJbbAyRWQ5aTruLbshIBsVuUJlM2CmG7wBmkkMg2P4PB1HwlFn6ZEfy+j5zB0bpCZQKeW1KcukZRrKBHUpQYRvox/btarL8=" + # + - SONAR_HOST_URL="https://sonarcloud.io" install: - pip install tox coveralls script: - tox -e $TOX_ENV + - ./.travis/runSonarQubeAnalysis.sh after_success: - coveralls diff --git a/.travis/runSonarQubeAnalysis.sh b/.travis/runSonarQubeAnalysis.sh new file mode 100644 index 0000000..8429602 --- /dev/null +++ b/.travis/runSonarQubeAnalysis.sh @@ -0,0 +1,65 @@ +#!/bin/sh +# Exit on failure +set -e + +# +# SOURCE: https://github.com/bellingard/multi-language-project/blob/master/runSonarQubeAnalysis.sh +# + +# This assumes that the 2 following variables are defined: +# - SONAR_HOST_URL => should point to the public URL of the SQ server (e.g. for Nemo: https://nemo.sonarqube.org) +# - SONAR_TOKEN => token of a user who has the "Execute Analysis" permission on the SQ server + +# We don't want to run X times the same analysis because of the matrix configuration +if [ "${TOX_ENV}" != "pypy" ]; then + echo "Duplicated run detected, skipping the SonarQube analysis..." + exit 0 +fi + + +# And run the analysis +# It assumes that the project uses Maven and has a POM at the root of the repo +if [ "${TRAVIS_BRANCH}" = "master" ] && [ "${TRAVIS_PULL_REQUEST}" = "false" ]; then + # => This will run a full analysis of the project and push results to the SonarQube server. + # + # Analysis is done only on master so that build of branches don't push analyses to the same project and therefore "pollute" the results + echo "Starting analysis by SonarQube..." + sonar-scanner -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN + + +elif [ "${TRAVIS_PULL_REQUEST}" != "false" ] && [ -n "${GITHUB_TOKEN-}" ]; then + # => This will analyse the PR and display found issues as comments in the PR, but it won't push results to the SonarQube server + # + # For security reasons environment variables are not available on the pull requests + # coming from outside repositories + # http://docs.travis-ci.com/user/pull-requests/#Security-Restrictions-when-testing-Pull-Requests + # That's why the analysis does not need to be executed if the variable GITHUB_TOKEN is not defined. + echo "Starting Pull Request analysis by SonarQube..." + sonar-scanner \ + -Dsonar.host.url=$SONAR_HOST_URL \ + -Dsonar.login=$SONAR_TOKEN \ + -Dsonar.analysis.mode=preview \ + -Dsonar.github.oauth=$GITHUB_TOKEN \ + -Dsonar.github.repository=$TRAVIS_REPO_SLUG \ + -Dsonar.github.pullRequest=$TRAVIS_PULL_REQUEST + +else + # When neither on master branch nor on a non-external pull request => nothing to do + # + # However, it is good to know why we are here + echo "No SonarQube anaysis necessary in this case (current branch: ${TRAVIS_BRANCH} & PR context: ${TRAVIS_PULL_REQUEST})..." + + # It is useful to know what is the status of the secure entries (can explain why it was not started) + if [ -n "${GITHUB_TOKEN-}" ]; then + echo "\t=> GITHUB_TOKEN is defined" + else + echo "\t=> GITHUB_TOKEN is NOT defined" + fi + + if [ -n "${SONAR_TOKEN-}" ]; then + echo "\t=> SONAR_TOKEN is defined" + else + echo "\t=> SONAR_TOKEN is NOT defined" + fi + +fi diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..fcc95b8 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,16 @@ + +# Required metadata +sonar.projectKey=amadeusitgroup_jumpssh +sonar.projectName=Python :: JumpSSH +sonar.projectVersion=1.0.0 + +# Comma-separated paths to directories with sources (required) +sonar.sources=jumpssh + +# Language +sonar.language=py + +# Encoding of the source files +sonar.sourceEncoding=UTF-8 +# sonar.python.xunit.reportPath=nosetests.xml +# sonar.python.coverage.reportPath=coverage.xml From c6ddd0c03a3a24861a933a9391d3f680034e1da2 Mon Sep 17 00:00:00 2001 From: "remi.schneider" Date: Tue, 6 Jun 2017 10:10:54 +0200 Subject: [PATCH 2/4] TRAVIS: trying to fix travis-ci config syntax --- .travis.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 420a269..8cf0871 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,15 +19,16 @@ env: - TOX_ENV=py35 - TOX_ENV=py36 - TOX_ENV=pypy - - global: - # GITHUB_TOKEN - - secure: "Br8mZxiBxGBH34FRGIxkXsYkPLL1tIVf1SSpvgOEYWGbvO910+UAnhpow+eufS9zqVOYUQIUA0PfEVd2EoCIgf6WHNsLOJRrEMkOyxd2SCgXsVaZu1f1TszfjCHEcAard0mwn2KrNEyR0DnB6xujHiY+O0LIdz7yicwh1BQd43wZaOYOpy3ohs969OOZ2Le6rfOMHCJY1Bsa018bwVwUB8Re3tAqsh+TCMVwWxhXfvZdTXe7kOMsjwh1a3TbcuIFFvfP/FxDqfJ0NJ1OLUmxvGVLXAnZHamPBgifSDQcu/BkxNcVQbLH3Pb7lo3Nx1ywr+LbXynC//xYQTn+0Ky9dSUrTZ+RDyRzvDxXs7fGttA2T67pBqWN8WUtZ5HXKr1GJa3WsCPzMgXegBfY1qiMvFRbRmjnV118xeOtOiLm1HHq4imxVGyLV23IvK9WBvZknouWHqWDYPWi5AbHQZ0Wk1oovIIS+Z3uDei5I77mzIk1D73wkgc0vNsNKdkFNMPMj94iRW945M768Ef4Qb0Oz/VWmHEsuMJycx3A8enXjC/tw14AVJKDJqlcoI/2UZZ5fBEIpOaSfBc6sQxVg0OgJ9/3aMF0RAYs2048jX02raoCKNVGBv/PPTop5hfQvdZ13ifkugPUnWszFXisa7VpP8AQklrFBU81jGJCNfPAl+g=" - # - # SONAR_TOKEN - - secure: "qv53nBqeaawK1/ZOj5IyLzqA/QsIQnPkuDa0D75i9jqUgSnNhCMMSoBUAqwikDQYJ+TO6+xW0GjcAKZJ/eYaWN+++DvSopv+WCwKoRKsCJUpcF8XGnfes9iux+8eYYCL0uQRtiJdbJ/I50Xp6jrOrF+98b8CGwa6DAfqxNu4FyteKe/dswtOlbH/2iBN5tJTh5/3pKIbhrzuRznbqqa7HeBU9OrMAEz7t4kJEO+TDV7WkOGQPntL/t1CSPla7w2PeNfWYVm1DiSTFaCuSmhYqA5gX+uCiPgC1aAXkv3NxlrkAIOXbj1LfUKR6TePYk6dz+e+thgnT7X2ohA/vMDOngoDTTK+2uycd5qS7PTENfc3628REANIiJUXWtUZRb3hPeRQFoj7rwDvHqtlj56RK9r2uz1M5cVX+v9ZtfS1JSYeK/iG6BDceYOSRK8Ih6QZUiJFdzMrYiHKUony1VkpBZ0pOrG5ph0dclwFaLGSKn6usyvScUdFbtxUm6JT4XGvvLAEASz4+UVOvSMF384BtDCRR/hc0rY2IH49liwcm5RSJ6pGKMZEfKZyYG5BQE6jpD409WUqR4vNuJbbAyRWQ5aTruLbshIBsVuUJlM2CmG7wBmkkMg2P4PB1HwlFn6ZEfy+j5zB0bpCZQKeW1KcukZRrKBHUpQYRvox/btarL8=" - # - - SONAR_HOST_URL="https://sonarcloud.io" + +env: + global: + # GITHUB_TOKEN + - secure: "Br8mZxiBxGBH34FRGIxkXsYkPLL1tIVf1SSpvgOEYWGbvO910+UAnhpow+eufS9zqVOYUQIUA0PfEVd2EoCIgf6WHNsLOJRrEMkOyxd2SCgXsVaZu1f1TszfjCHEcAard0mwn2KrNEyR0DnB6xujHiY+O0LIdz7yicwh1BQd43wZaOYOpy3ohs969OOZ2Le6rfOMHCJY1Bsa018bwVwUB8Re3tAqsh+TCMVwWxhXfvZdTXe7kOMsjwh1a3TbcuIFFvfP/FxDqfJ0NJ1OLUmxvGVLXAnZHamPBgifSDQcu/BkxNcVQbLH3Pb7lo3Nx1ywr+LbXynC//xYQTn+0Ky9dSUrTZ+RDyRzvDxXs7fGttA2T67pBqWN8WUtZ5HXKr1GJa3WsCPzMgXegBfY1qiMvFRbRmjnV118xeOtOiLm1HHq4imxVGyLV23IvK9WBvZknouWHqWDYPWi5AbHQZ0Wk1oovIIS+Z3uDei5I77mzIk1D73wkgc0vNsNKdkFNMPMj94iRW945M768Ef4Qb0Oz/VWmHEsuMJycx3A8enXjC/tw14AVJKDJqlcoI/2UZZ5fBEIpOaSfBc6sQxVg0OgJ9/3aMF0RAYs2048jX02raoCKNVGBv/PPTop5hfQvdZ13ifkugPUnWszFXisa7VpP8AQklrFBU81jGJCNfPAl+g=" + # + # SONAR_TOKEN + - secure: "qv53nBqeaawK1/ZOj5IyLzqA/QsIQnPkuDa0D75i9jqUgSnNhCMMSoBUAqwikDQYJ+TO6+xW0GjcAKZJ/eYaWN+++DvSopv+WCwKoRKsCJUpcF8XGnfes9iux+8eYYCL0uQRtiJdbJ/I50Xp6jrOrF+98b8CGwa6DAfqxNu4FyteKe/dswtOlbH/2iBN5tJTh5/3pKIbhrzuRznbqqa7HeBU9OrMAEz7t4kJEO+TDV7WkOGQPntL/t1CSPla7w2PeNfWYVm1DiSTFaCuSmhYqA5gX+uCiPgC1aAXkv3NxlrkAIOXbj1LfUKR6TePYk6dz+e+thgnT7X2ohA/vMDOngoDTTK+2uycd5qS7PTENfc3628REANIiJUXWtUZRb3hPeRQFoj7rwDvHqtlj56RK9r2uz1M5cVX+v9ZtfS1JSYeK/iG6BDceYOSRK8Ih6QZUiJFdzMrYiHKUony1VkpBZ0pOrG5ph0dclwFaLGSKn6usyvScUdFbtxUm6JT4XGvvLAEASz4+UVOvSMF384BtDCRR/hc0rY2IH49liwcm5RSJ6pGKMZEfKZyYG5BQE6jpD409WUqR4vNuJbbAyRWQ5aTruLbshIBsVuUJlM2CmG7wBmkkMg2P4PB1HwlFn6ZEfy+j5zB0bpCZQKeW1KcukZRrKBHUpQYRvox/btarL8=" + # + - SONAR_HOST_URL="https://sonarcloud.io" install: - pip install tox coveralls From 0b6fc00bb0ac2def1ddf88d621b5e8d8bfc5daa4 Mon Sep 17 00:00:00 2001 From: "remi.schneider" Date: Tue, 6 Jun 2017 13:27:08 +0200 Subject: [PATCH 3/4] TRAVIS: fixing env declaration + introducing Sonar orga conf --- .travis.yml | 21 +++++++++++---------- .travis/runSonarQubeAnalysis.sh | 5 +++-- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8cf0871..cdc5fb8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -10,17 +10,17 @@ services: python: 3.6 env: - - TOX_ENV=flake8 - - TOX_ENV=docs - - TOX_ENV=py26 - - TOX_ENV=py27 - - TOX_ENV=py33 - - TOX_ENV=py34 - - TOX_ENV=py35 - - TOX_ENV=py36 - - TOX_ENV=pypy + matrix: + - TOX_ENV=flake8 + - TOX_ENV=docs + - TOX_ENV=py26 + - TOX_ENV=py27 + - TOX_ENV=py33 + - TOX_ENV=py34 + - TOX_ENV=py35 + - TOX_ENV=py36 + - TOX_ENV=pypy -env: global: # GITHUB_TOKEN - secure: "Br8mZxiBxGBH34FRGIxkXsYkPLL1tIVf1SSpvgOEYWGbvO910+UAnhpow+eufS9zqVOYUQIUA0PfEVd2EoCIgf6WHNsLOJRrEMkOyxd2SCgXsVaZu1f1TszfjCHEcAard0mwn2KrNEyR0DnB6xujHiY+O0LIdz7yicwh1BQd43wZaOYOpy3ohs969OOZ2Le6rfOMHCJY1Bsa018bwVwUB8Re3tAqsh+TCMVwWxhXfvZdTXe7kOMsjwh1a3TbcuIFFvfP/FxDqfJ0NJ1OLUmxvGVLXAnZHamPBgifSDQcu/BkxNcVQbLH3Pb7lo3Nx1ywr+LbXynC//xYQTn+0Ky9dSUrTZ+RDyRzvDxXs7fGttA2T67pBqWN8WUtZ5HXKr1GJa3WsCPzMgXegBfY1qiMvFRbRmjnV118xeOtOiLm1HHq4imxVGyLV23IvK9WBvZknouWHqWDYPWi5AbHQZ0Wk1oovIIS+Z3uDei5I77mzIk1D73wkgc0vNsNKdkFNMPMj94iRW945M768Ef4Qb0Oz/VWmHEsuMJycx3A8enXjC/tw14AVJKDJqlcoI/2UZZ5fBEIpOaSfBc6sQxVg0OgJ9/3aMF0RAYs2048jX02raoCKNVGBv/PPTop5hfQvdZ13ifkugPUnWszFXisa7VpP8AQklrFBU81jGJCNfPAl+g=" @@ -29,6 +29,7 @@ env: - secure: "qv53nBqeaawK1/ZOj5IyLzqA/QsIQnPkuDa0D75i9jqUgSnNhCMMSoBUAqwikDQYJ+TO6+xW0GjcAKZJ/eYaWN+++DvSopv+WCwKoRKsCJUpcF8XGnfes9iux+8eYYCL0uQRtiJdbJ/I50Xp6jrOrF+98b8CGwa6DAfqxNu4FyteKe/dswtOlbH/2iBN5tJTh5/3pKIbhrzuRznbqqa7HeBU9OrMAEz7t4kJEO+TDV7WkOGQPntL/t1CSPla7w2PeNfWYVm1DiSTFaCuSmhYqA5gX+uCiPgC1aAXkv3NxlrkAIOXbj1LfUKR6TePYk6dz+e+thgnT7X2ohA/vMDOngoDTTK+2uycd5qS7PTENfc3628REANIiJUXWtUZRb3hPeRQFoj7rwDvHqtlj56RK9r2uz1M5cVX+v9ZtfS1JSYeK/iG6BDceYOSRK8Ih6QZUiJFdzMrYiHKUony1VkpBZ0pOrG5ph0dclwFaLGSKn6usyvScUdFbtxUm6JT4XGvvLAEASz4+UVOvSMF384BtDCRR/hc0rY2IH49liwcm5RSJ6pGKMZEfKZyYG5BQE6jpD409WUqR4vNuJbbAyRWQ5aTruLbshIBsVuUJlM2CmG7wBmkkMg2P4PB1HwlFn6ZEfy+j5zB0bpCZQKeW1KcukZRrKBHUpQYRvox/btarL8=" # - SONAR_HOST_URL="https://sonarcloud.io" + - SONAR_ORGA="default" install: - pip install tox coveralls diff --git a/.travis/runSonarQubeAnalysis.sh b/.travis/runSonarQubeAnalysis.sh index 8429602..53c7b76 100644 --- a/.travis/runSonarQubeAnalysis.sh +++ b/.travis/runSonarQubeAnalysis.sh @@ -12,7 +12,7 @@ set -e # We don't want to run X times the same analysis because of the matrix configuration if [ "${TOX_ENV}" != "pypy" ]; then - echo "Duplicated run detected, skipping the SonarQube analysis..." + echo "Duplicated run detected, skipping the SonarQube analysis... (currently running ${TOX_ENV})" exit 0 fi @@ -24,7 +24,7 @@ if [ "${TRAVIS_BRANCH}" = "master" ] && [ "${TRAVIS_PULL_REQUEST}" = "false" ]; # # Analysis is done only on master so that build of branches don't push analyses to the same project and therefore "pollute" the results echo "Starting analysis by SonarQube..." - sonar-scanner -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN + sonar-scanner -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=$SONAR_ORGA elif [ "${TRAVIS_PULL_REQUEST}" != "false" ] && [ -n "${GITHUB_TOKEN-}" ]; then @@ -38,6 +38,7 @@ elif [ "${TRAVIS_PULL_REQUEST}" != "false" ] && [ -n "${GITHUB_TOKEN-}" ]; then sonar-scanner \ -Dsonar.host.url=$SONAR_HOST_URL \ -Dsonar.login=$SONAR_TOKEN \ + -Dsonar.organization=$SONAR_ORGA \ -Dsonar.analysis.mode=preview \ -Dsonar.github.oauth=$GITHUB_TOKEN \ -Dsonar.github.repository=$TRAVIS_REPO_SLUG \ From 62a1be76109548c5af82379a3e453782b0a94028 Mon Sep 17 00:00:00 2001 From: "remi.schneider" Date: Tue, 6 Jun 2017 13:30:58 +0200 Subject: [PATCH 4/4] SONAR: adding missing execute flag on sonar script --- .travis/runSonarQubeAnalysis.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 .travis/runSonarQubeAnalysis.sh diff --git a/.travis/runSonarQubeAnalysis.sh b/.travis/runSonarQubeAnalysis.sh old mode 100644 new mode 100755