SuperSocket icon indicating copy to clipboard operation
SuperSocket copied to clipboard
verified publisher icon kerryjiang

Integrate with sonar cloud by travis

Open chucklu opened this issue 5 years ago • 6 comments

1.I have construct a sonar scan result with sonar cloud with my fork repository, the source code has 8 bug and 2 vulnerability https://github.com/ChuckFork/SuperSocket/tree/travis-master

https://sonarcloud.io/project/issues?branch=travis-master&id=ChuckFork_SuperSocket&resolved=false&types=BUG https://sonarcloud.io/project/issues?branch=travis-master&id=ChuckFork_SuperSocket&resolved=false&types=VULNERABILITY

2.According the build log of travis, some test case did not pass test https://www.travis-ci.org/github/ChuckFork/SuperSocket/builds/741853775

[xUnit.net 00:02:32.56] SuperSocket.Tests.FixedSizeProtocolTest.TestBreakRequest(hostConfiguratorType: typeof(SuperSocket.Tests.UdpHostConfigurator)) [FAIL] [40m[32minfo[39m[22m[49m: SuperSocketService[0] The listener [Ip=Any, Port=4040, Security=None, Path=, BackLog=100, NoDelay=False] has been started. [40m[32minfo[39m[22m[49m: SuperSocketService[0] A new session connected: 4e3c3523-d3af-4092-ae10-a8cc7743e34c X SuperSocket.Tests.FixedSizeProtocolTest.TestBreakRequest(hostConfiguratorType: typeof(SuperSocket.Tests.UdpHostConfigurator)) [36ms] Error Message: Assert.Equal() Failure ↓ (pos 0) Expected: 186bd439-af12-43f1-8864-c342aeccead5 Actual: e3b42408-ce80-4758-b5ec-b7a8e47e5b86 ↑ (pos 0) Stack Trace: at SuperSocket.Tests.ProtocolTestBase.TestBreakRequest(Type hostConfiguratorType) in /home/travis/build/ChuckFork/SuperSocket/test/SuperSocket.Tests/ProtocolTestBase.cs:line 235 --- End of stack trace from previous location where exception was thrown ---

chucklu avatar Nov 06 '20 12:11 chucklu

I never use travis anymore. Could you try github actions? https://github.com/kerryjiang/SuperSocket/actions

kerryjiang avatar Nov 07 '20 00:11 kerryjiang

You want to analyze a .NET solution: use the SonarCloud Azure DevOps Extension to analyze your code on SonarCloud with Azure Pipelines https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarcloud https://docs.microsoft.com/en-us/learn/modules/scan-for-vulnerabilities/5-scan-pipeline https://github.com/SonarSource/sonar-scanner-vsts/blob/master/yaml-pipeline-templates/net-core-sonarcloud.yml

I will check the above documentation later

chucklu avatar Nov 07 '20 02:11 chucklu

Does it work with Github Actions?

kerryjiang avatar Nov 07 '20 19:11 kerryjiang

@kerryjiang https://github.com/SonarSource/sonarcloud-github-action said

You want to analyze a .NET solution: use the SonarCloud Azure DevOps Extension to analyze your code on SonarCloud with Azure Pipelines

I am not sure if SonarCloud Azure DevOps Extension can work with github actions.

Whatever, you could check the 8 bugs and 2 vulnerabilities from the sonar cloud scan result to fix them. https://sonarcloud.io/project/issues?branch=travis-master&id=ChuckFork_SuperSocket&resolved=false&types=BUG https://sonarcloud.io/project/issues?branch=travis-master&id=ChuckFork_SuperSocket&resolved=false&types=VULNERABILITY

chucklu avatar Nov 08 '20 03:11 chucklu

Hi @kerryjiang , Please try this tutorial https://azuredevopslabs.com/labs/vstsextend/sonarcloud/ .

chucklu avatar Apr 19 '21 12:04 chucklu

There is a problem that the azure pipeline was restricted to use. However you can ask them to unlock it with the steps according this https://stackoverflow.com/questions/66777655/my-azure-devops-pipeline-job-is-not-working-i-have-the-maximum-number-of-reques

chucklu avatar Apr 19 '21 12:04 chucklu