From 7932e2dafa7357c0fb29a93960bbc03553f11121 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Mon, 22 Apr 2024 16:12:07 +0200 Subject: [PATCH 01/10] Fix incosistency in README --- README.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.adoc b/README.adoc index 5d9b11f..7d82bf8 100644 --- a/README.adoc +++ b/README.adoc @@ -12,8 +12,8 @@ It is very easy to manually analyze a C, C++ and Objective-C project with SonarQ . Add the Build Wrapper to your `$PATH` . Download and unzip the https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/[SonarScanner] for macOS . Add the bin directory of the SonarScanner to your `$PATH` -. Wrap your clean build command with the Build Wrapper. E.g.: `build-wrapper-macosx-x86 --out-dir bw-output xcodebuild clean build` (with `bw-output` being the same directory as the one set in `sonar-project.properties`) -. Run `sonar-scanner` +. Wrap your clean build command with the Build Wrapper. E.g.: `build-wrapper-macosx-x86 --out-dir bw-output xcodebuild clean build` +. Run `sonar-scanner` specifying `-Dsonar.cfamily.build-wrapper-output=bw-output` (with `bw-output` being the same directory as the one passed to Build Wrapper as `--out-dir`) You can take a look at the link:sonar-project.properties[sonar-project.properties] and link:build-analyze.sh[build-analyze.sh] (a script that downloads the `sonar-scanner` and the Build Wrapper before compiling and analyzing the project) to see it in practice. Please be aware that the SonarQube server URLs and the `sonar.login` are not completed in these examples. From 9e96fa6c5005a8a679d815f153ef734ca5ec4cd6 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Tue, 23 Apr 2024 01:33:44 +0200 Subject: [PATCH 02/10] Migrate to sonar.cfamily.compile-commands --- README.adoc | 2 +- build-analyze.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.adoc b/README.adoc index 7d82bf8..c031a86 100644 --- a/README.adoc +++ b/README.adoc @@ -13,7 +13,7 @@ It is very easy to manually analyze a C, C++ and Objective-C project with SonarQ . Download and unzip the https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/[SonarScanner] for macOS . Add the bin directory of the SonarScanner to your `$PATH` . Wrap your clean build command with the Build Wrapper. E.g.: `build-wrapper-macosx-x86 --out-dir bw-output xcodebuild clean build` -. Run `sonar-scanner` specifying `-Dsonar.cfamily.build-wrapper-output=bw-output` (with `bw-output` being the same directory as the one passed to Build Wrapper as `--out-dir`) +. Run `sonar-scanner` specifying `-Dsonar.cfamily.compile-commands=bw-output/compile_commands.json` (with `bw-output` being the same directory as the one passed to Build Wrapper as `--out-dir`) You can take a look at the link:sonar-project.properties[sonar-project.properties] and link:build-analyze.sh[build-analyze.sh] (a script that downloads the `sonar-scanner` and the Build Wrapper before compiling and analyzing the project) to see it in practice. Please be aware that the SonarQube server URLs and the `sonar.login` are not completed in these examples. diff --git a/build-analyze.sh b/build-analyze.sh index 0a7e4d0..cf834c5 100755 --- a/build-analyze.sh +++ b/build-analyze.sh @@ -29,4 +29,4 @@ xcodebuild -project macos-xcode.xcodeproj clean build-wrapper-macosx-x86 --out-dir $BUILD_WRAPPER_OUT_DIR xcodebuild -project macos-xcode.xcodeproj -configuration Release # Run sonar scanner -sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.build-wrapper-output=$BUILD_WRAPPER_OUT_DIR +sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.compile-commands=$BUILD_WRAPPER_OUT_DIR/compile-commands.json From b313ddecd3ad85dc9ac6883817368af9719ca30e Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Wed, 24 Apr 2024 11:07:39 +0200 Subject: [PATCH 03/10] Apply suggestions from review --- README.adoc | 1 - 1 file changed, 1 deletion(-) diff --git a/README.adoc b/README.adoc index 7d82bf8..124431e 100644 --- a/README.adoc +++ b/README.adoc @@ -5,7 +5,6 @@ It is very easy to manually analyze a C, C++ and Objective-C project with SonarQ . Create a `sonar-project.properties` file to store your configuration .. Add a projectKey of your project -.. Add a Build Wrapper output directory .. https://docs.sonarqube.org/latest/user-guide/user-token/[Generate a unique token] and set it as "sonar.login" (`SONARQUBE_TOKEN` in this example project) .. Set `sonar.host.url` to your SonarQube server URL . Download and unzip the Build Wrapper for macOS from {SonarQube URL}/static/cpp/build-wrapper-macosx-x86.zip From eb4d75036a015b1a8b9f95f4be3bb79ae9841191 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Mon, 6 May 2024 11:17:45 +0200 Subject: [PATCH 04/10] Mention scanner option based on SQ version --- README.adoc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.adoc b/README.adoc index 6518dea..7ac7734 100644 --- a/README.adoc +++ b/README.adoc @@ -12,7 +12,9 @@ It is very easy to manually analyze a C, C++ and Objective-C project with SonarQ . Download and unzip the https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/[SonarScanner] for macOS . Add the bin directory of the SonarScanner to your `$PATH` . Wrap your clean build command with the Build Wrapper. E.g.: `build-wrapper-macosx-x86 --out-dir bw-output xcodebuild clean build` -. Run `sonar-scanner` specifying `-Dsonar.cfamily.compile-commands=bw-output/compile_commands.json` (with `bw-output` being the same directory as the one passed to Build Wrapper as `--out-dir`) +. Run `sonar-scanner` specifying +.. `-Dsonar.cfamily.compile-commands=bw-output/compile_commands.json` (with `bw-output` being the same directory as the one passed to Build Wrapper as `--out-dir`) if you are using SonarQube version 10.6 or later +.. `-Dsonar.cfamily.build-wrapper-output=bw-output` if you are SonarQube version 10.5 or earlier You can take a look at the link:sonar-project.properties[sonar-project.properties] and link:build-analyze.sh[build-analyze.sh] (a script that downloads the `sonar-scanner` and the Build Wrapper before compiling and analyzing the project) to see it in practice. Please be aware that the SonarQube server URLs and the `sonar.login` are not completed in these examples. From b8174df2121d6cb90094437f7521d155c608b9e1 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Mon, 6 May 2024 12:04:55 +0200 Subject: [PATCH 05/10] Add commented usage of build-wrapper-output property for older SQ version --- build-analyze.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/build-analyze.sh b/build-analyze.sh index cf834c5..53b1b4a 100755 --- a/build-analyze.sh +++ b/build-analyze.sh @@ -28,5 +28,8 @@ xcodebuild -project macos-xcode.xcodeproj clean # Build inside the build-wrapper build-wrapper-macosx-x86 --out-dir $BUILD_WRAPPER_OUT_DIR xcodebuild -project macos-xcode.xcodeproj -configuration Release -# Run sonar scanner +# Run sonar scanner (if using version 10.6 or later) sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.compile-commands=$BUILD_WRAPPER_OUT_DIR/compile-commands.json + +# # Run sonar scanner (if using version 10.5 or earlier) +# sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.build-wrapper-output=$BUILD_WRAPPER_OUT_DIR From 043adaf17512fae9e66b0c26063fd4b73d02b3ad Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Mon, 6 May 2024 14:38:39 +0200 Subject: [PATCH 06/10] Improvement to suggestion --- README.adoc | 2 +- build-analyze.sh | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/README.adoc b/README.adoc index 7ac7734..75b935c 100644 --- a/README.adoc +++ b/README.adoc @@ -14,7 +14,7 @@ It is very easy to manually analyze a C, C++ and Objective-C project with SonarQ . Wrap your clean build command with the Build Wrapper. E.g.: `build-wrapper-macosx-x86 --out-dir bw-output xcodebuild clean build` . Run `sonar-scanner` specifying .. `-Dsonar.cfamily.compile-commands=bw-output/compile_commands.json` (with `bw-output` being the same directory as the one passed to Build Wrapper as `--out-dir`) if you are using SonarQube version 10.6 or later -.. `-Dsonar.cfamily.build-wrapper-output=bw-output` if you are SonarQube version 10.5 or earlier +.. `-Dsonar.cfamily.build-wrapper-output=bw-output` if you are using SonarQube version 10.5 or earlier, as build-wrapper did not generate a `compile_commands.json` file before SonarQube 10.6 You can take a look at the link:sonar-project.properties[sonar-project.properties] and link:build-analyze.sh[build-analyze.sh] (a script that downloads the `sonar-scanner` and the Build Wrapper before compiling and analyzing the project) to see it in practice. Please be aware that the SonarQube server URLs and the `sonar.login` are not completed in these examples. diff --git a/build-analyze.sh b/build-analyze.sh index 53b1b4a..cf9aa39 100755 --- a/build-analyze.sh +++ b/build-analyze.sh @@ -28,8 +28,7 @@ xcodebuild -project macos-xcode.xcodeproj clean # Build inside the build-wrapper build-wrapper-macosx-x86 --out-dir $BUILD_WRAPPER_OUT_DIR xcodebuild -project macos-xcode.xcodeproj -configuration Release -# Run sonar scanner (if using version 10.6 or later) +# Run sonar scanner sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.compile-commands=$BUILD_WRAPPER_OUT_DIR/compile-commands.json - -# # Run sonar scanner (if using version 10.5 or earlier) -# sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.build-wrapper-output=$BUILD_WRAPPER_OUT_DIR +# if you are using using SonarQube 10.5 or earlier, use -Dsonar.cfamily.build-wrapper-output=$BUILD_WRAPPER_OUT_DIR instead of +# -Dsonar.cfamily.compile-commands, as build-wrapper does not generate a compile-commands.json file before SonarQube 10.6 From 44f2522171356a97ee058cb8aa1b86c4d06a9616 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Mon, 6 May 2024 15:33:29 +0200 Subject: [PATCH 07/10] Apply suggestsions from review Co-authored-by: Michael Jabbour michael.jabbour@sonarsource.com --- build-analyze.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build-analyze.sh b/build-analyze.sh index cf9aa39..1bdef0a 100755 --- a/build-analyze.sh +++ b/build-analyze.sh @@ -29,6 +29,6 @@ xcodebuild -project macos-xcode.xcodeproj clean build-wrapper-macosx-x86 --out-dir $BUILD_WRAPPER_OUT_DIR xcodebuild -project macos-xcode.xcodeproj -configuration Release # Run sonar scanner -sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.compile-commands=$BUILD_WRAPPER_OUT_DIR/compile-commands.json -# if you are using using SonarQube 10.5 or earlier, use -Dsonar.cfamily.build-wrapper-output=$BUILD_WRAPPER_OUT_DIR instead of -# -Dsonar.cfamily.compile-commands, as build-wrapper does not generate a compile-commands.json file before SonarQube 10.6 +sonar-scanner -Dsonar.host.url="${SONAR_HOST_URL}" -Dsonar.login=$SONAR_TOKEN -Dsonar.cfamily.compile-commands=$BUILD_WRAPPER_OUT_DIR/compile_commands.json +# if you are using using SonarQube 10.5 or earlier, replace -Dsonar.cfamily.compile-commands with -Dsonar.cfamily.build-wrapper-output=$BUILD_WRAPPER_OUT_DIR +# as build-wrapper does not generate a compile_commands.json file before SonarQube 10.6 From 265c24bd0f71010806d76a00b8bf7a8bcb6ba220 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Mon, 6 May 2024 15:54:50 +0200 Subject: [PATCH 08/10] Changes to README --- README.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.adoc b/README.adoc index 75b935c..d05bd2c 100644 --- a/README.adoc +++ b/README.adoc @@ -12,8 +12,8 @@ It is very easy to manually analyze a C, C++ and Objective-C project with SonarQ . Download and unzip the https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/[SonarScanner] for macOS . Add the bin directory of the SonarScanner to your `$PATH` . Wrap your clean build command with the Build Wrapper. E.g.: `build-wrapper-macosx-x86 --out-dir bw-output xcodebuild clean build` -. Run `sonar-scanner` specifying -.. `-Dsonar.cfamily.compile-commands=bw-output/compile_commands.json` (with `bw-output` being the same directory as the one passed to Build Wrapper as `--out-dir`) if you are using SonarQube version 10.6 or later +. Run `sonar-scanner` specifying (assumging that `bw-output` is the directory that was passed to build-wrapper as `--out-dir`): +.. `-Dsonar.cfamily.compile-commands=bw-output/compile_commands.json` if you are using SonarQube version 10.6 or later .. `-Dsonar.cfamily.build-wrapper-output=bw-output` if you are using SonarQube version 10.5 or earlier, as build-wrapper did not generate a `compile_commands.json` file before SonarQube 10.6 You can take a look at the link:sonar-project.properties[sonar-project.properties] and link:build-analyze.sh[build-analyze.sh] (a script that downloads the `sonar-scanner` and the Build Wrapper before compiling and analyzing the project) to see it in practice. Please be aware that the SonarQube server URLs and the `sonar.login` are not completed in these examples. From 929b0327ab54e38cf853a6e742f0327f9c7890b4 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Mon, 6 May 2024 17:25:51 +0200 Subject: [PATCH 09/10] Funky formatting change --- README.adoc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README.adoc b/README.adoc index d05bd2c..99be155 100644 --- a/README.adoc +++ b/README.adoc @@ -12,9 +12,14 @@ It is very easy to manually analyze a C, C++ and Objective-C project with SonarQ . Download and unzip the https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/[SonarScanner] for macOS . Add the bin directory of the SonarScanner to your `$PATH` . Wrap your clean build command with the Build Wrapper. E.g.: `build-wrapper-macosx-x86 --out-dir bw-output xcodebuild clean build` -. Run `sonar-scanner` specifying (assumging that `bw-output` is the directory that was passed to build-wrapper as `--out-dir`): +. Run `sonar-scanner` specifying: ++ +-- .. `-Dsonar.cfamily.compile-commands=bw-output/compile_commands.json` if you are using SonarQube version 10.6 or later .. `-Dsonar.cfamily.build-wrapper-output=bw-output` if you are using SonarQube version 10.5 or earlier, as build-wrapper did not generate a `compile_commands.json` file before SonarQube 10.6 +-- ++ +Noting that `bw-output` is the directory passed to build wrapper as `--out-dir` You can take a look at the link:sonar-project.properties[sonar-project.properties] and link:build-analyze.sh[build-analyze.sh] (a script that downloads the `sonar-scanner` and the Build Wrapper before compiling and analyzing the project) to see it in practice. Please be aware that the SonarQube server URLs and the `sonar.login` are not completed in these examples. From 286e3a15bedf1595d2cb59e9c9c3ffe948250db5 Mon Sep 17 00:00:00 2001 From: Vincenzo Pellegrini Date: Tue, 18 Jun 2024 15:45:45 +0200 Subject: [PATCH 10/10] update doc links --- README.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.adoc b/README.adoc index 99be155..5a383f6 100644 --- a/README.adoc +++ b/README.adoc @@ -25,8 +25,8 @@ You can take a look at the link:sonar-project.properties[sonar-project.propertie = Documentation - https://docs.sonarqube.org/latest/analysis/languages/cfamily/[Documentation of the C, C++ and Objective-C plugin and its Build Wrapper] -- https://docs.sonarqube.org/latest/analyzing-source-code/languages/c-family/#analysis-cache[Configuring C, C++ and Objective-C analysis cache] -- https://docs.sonarqube.org/latest/analyzing-source-code/languages/c-family/#parallel-code-scan[Configuring multithreaded execution] +- https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/languages/c-family/customizing-the-analysis/#analysis-cache[Configuring C, C++ and Objective-C analysis cache] +- https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/languages/c-family/customizing-the-analysis/#parallel-code-scan[Configuring multithreaded execution] = macOS\XCodeBuild