Feature: Support for CloudManager Code Quality Rules in SQ

wttech / AEM-Rules-for-SonarQube

SonarQube plugin with set of rules detecting possible bugs and bad smells specific for AEM development.

Apache License 2.0

112 stars 51 forks source link

Feature: Support for CloudManager Code Quality Rules in SQ #233

Closed thedevopsguyblog closed 1 year ago

thedevopsguyblog commented 1 year ago

Hello,

I noticed that AMS have published the Code Quality rules used in Cloud Manager here

Is there a way we could 'import' these rules into SQ?

We'd like measure against these rules in conjunction with yours.

tomasz-niedzwiedz-wttech commented 1 year ago

Hi @thedevopsguyblog,

there are two ways to install new rules in SonarQube:

Installing plugins from the Marketplace
Dropping a JAR file into a folder on startup

The latter isn't possible in SonarCloud, just on-prem SonarQube.

The file you've attached lists a large number of generic rules, provided by multiple plugins (and some available OOTB). To support them, you'd have to install the relevant plugins and then enable the rules.

Enabling rules can be simplified by defining a quality profile that you could manage as an XML file.

At a glance, you'd have to get a hold of a JAR file with Adobe's rules bundled (the ones in your spreadsheet that have the CQRules prefix). A search on the Marketplace only yields this project, as well as https://github.com/IBM/ibm-ix-aem-sonarqube-plugin, which I'm not familiar with.

linlinas commented 11 months ago

@toniedzwiedz could you please confirm if these rules are compatible with AEM as a Cloud Service CloudManger pipeline ?

toniedzwiedz commented 11 months ago

@linlinas as per the official documentation, these are the rules executed as part of Cloud Manager's code quality pipelines: https://experienceleague.adobe.com/docs/experience-manager-cloud-manager/content/using/custom-code-quality-rules.html?lang=en

The page links to an Excel document referencing a number of rules defined by this plugin, AEM Rules:AEM-17, AEM Rules:AEM-6, etc. So yes, Cloud Manager's code quality pipelines do use this plugin to some extent.

Bear in mind though, that there are a lot more rules used in Cloud Manager's predefined quality profile. This plugin only contains a small handful of those. I believe a great majority of the rules used come from SonarQube itself and some of its most popular plugins. Some are custom-made by Adobe and, to my knowledge, not open-sourced or available for download on their own.