Author's automatic association with violation does not work properly on SonarQube 6.7












0















I'm using Sonarqube 6.7 with the Sonarlint 4 plugin in connected mode with my instance on SonarQube.
When a developer commits his code and Sonar detects a violation, it does not automatically associate the violation with the person who committed the code, I must go through each violation and assign it to the developer.



Here is a screenshot :
enter image description here



I respected what is written on the documentation but I do not know exactly where the problem comes from.



Here is the config of sonar :



sonar.host.url=http://host/sonar

sonar.projectName=myproject

sonar.projectKey= myKey

sonar.projectVersion=v0

sonar.sources=.

sonar.java.binaries=**/target/*

sonar.exclusions=**/*.class,**/*.project,**/target/**,**/*.log,**/*.jar,**/*.png,**/*.jpg,**/*.jpeg,**/.sonar/**,sonar-project.properties,**/*.ts, **/*.css

sonar.sourceEncoding=UTF-8

sonar.java.source=1.7

sonar.java.target=1.7

sonar.ce.javaOpts=-Xmx1024m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -   Djava.net.preferIPv4Stack=true

sonar.scm.provider=svn

sonar.links.scm=https://host/svnroot/project/trunk

sonar.verbose=true


Is there a way to do this job automatically after the scan ?



PS : I use SVN for versioning.






java svn sonarqube sonarlint







share|improve this question

























  • How do you know whom to assign the issues to?

    – G. Ann - SonarSource Team
    Jan 2 at 20:38











  • For the moment, if I neither know to whom I should assign the issues nor the owner of the commit I juste do it by intuition, but I don't know if it's the right thing to do !

    – Mahmoud
    Jan 2 at 21:14











  • How did you execute the scanner? What is the configuration (all sonar. properties)?

    – agabrys
    Jan 3 at 19:57











  • I have a Jenkins job that allows to launch a build and sonar analysis with sonnar-runner, I will update my question with the sonar's config file

    – Mahmoud
    Jan 4 at 9:51
















0















I'm using Sonarqube 6.7 with the Sonarlint 4 plugin in connected mode with my instance on SonarQube.
When a developer commits his code and Sonar detects a violation, it does not automatically associate the violation with the person who committed the code, I must go through each violation and assign it to the developer.



Here is a screenshot :
enter image description here



I respected what is written on the documentation but I do not know exactly where the problem comes from.



Here is the config of sonar :



sonar.host.url=http://host/sonar

sonar.projectName=myproject

sonar.projectKey= myKey

sonar.projectVersion=v0

sonar.sources=.

sonar.java.binaries=**/target/*

sonar.exclusions=**/*.class,**/*.project,**/target/**,**/*.log,**/*.jar,**/*.png,**/*.jpg,**/*.jpeg,**/.sonar/**,sonar-project.properties,**/*.ts, **/*.css

sonar.sourceEncoding=UTF-8

sonar.java.source=1.7

sonar.java.target=1.7

sonar.ce.javaOpts=-Xmx1024m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -   Djava.net.preferIPv4Stack=true

sonar.scm.provider=svn

sonar.links.scm=https://host/svnroot/project/trunk

sonar.verbose=true


Is there a way to do this job automatically after the scan ?



PS : I use SVN for versioning.






java svn sonarqube sonarlint







share|improve this question

























  • How do you know whom to assign the issues to?

    – G. Ann - SonarSource Team
    Jan 2 at 20:38











  • For the moment, if I neither know to whom I should assign the issues nor the owner of the commit I juste do it by intuition, but I don't know if it's the right thing to do !

    – Mahmoud
    Jan 2 at 21:14











  • How did you execute the scanner? What is the configuration (all sonar. properties)?

    – agabrys
    Jan 3 at 19:57











  • I have a Jenkins job that allows to launch a build and sonar analysis with sonnar-runner, I will update my question with the sonar's config file

    – Mahmoud
    Jan 4 at 9:51














0












0








0








I'm using Sonarqube 6.7 with the Sonarlint 4 plugin in connected mode with my instance on SonarQube.
When a developer commits his code and Sonar detects a violation, it does not automatically associate the violation with the person who committed the code, I must go through each violation and assign it to the developer.



Here is a screenshot :
enter image description here



I respected what is written on the documentation but I do not know exactly where the problem comes from.



Here is the config of sonar :



sonar.host.url=http://host/sonar

sonar.projectName=myproject

sonar.projectKey= myKey

sonar.projectVersion=v0

sonar.sources=.

sonar.java.binaries=**/target/*

sonar.exclusions=**/*.class,**/*.project,**/target/**,**/*.log,**/*.jar,**/*.png,**/*.jpg,**/*.jpeg,**/.sonar/**,sonar-project.properties,**/*.ts, **/*.css

sonar.sourceEncoding=UTF-8

sonar.java.source=1.7

sonar.java.target=1.7

sonar.ce.javaOpts=-Xmx1024m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -   Djava.net.preferIPv4Stack=true

sonar.scm.provider=svn

sonar.links.scm=https://host/svnroot/project/trunk

sonar.verbose=true


Is there a way to do this job automatically after the scan ?



PS : I use SVN for versioning.






java svn sonarqube sonarlint







share|improve this question
















I'm using Sonarqube 6.7 with the Sonarlint 4 plugin in connected mode with my instance on SonarQube.
When a developer commits his code and Sonar detects a violation, it does not automatically associate the violation with the person who committed the code, I must go through each violation and assign it to the developer.



Here is a screenshot :
enter image description here



I respected what is written on the documentation but I do not know exactly where the problem comes from.



Here is the config of sonar :



sonar.host.url=http://host/sonar

sonar.projectName=myproject

sonar.projectKey= myKey

sonar.projectVersion=v0

sonar.sources=.

sonar.java.binaries=**/target/*

sonar.exclusions=**/*.class,**/*.project,**/target/**,**/*.log,**/*.jar,**/*.png,**/*.jpg,**/*.jpeg,**/.sonar/**,sonar-project.properties,**/*.ts, **/*.css

sonar.sourceEncoding=UTF-8

sonar.java.source=1.7

sonar.java.target=1.7

sonar.ce.javaOpts=-Xmx1024m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -   Djava.net.preferIPv4Stack=true

sonar.scm.provider=svn

sonar.links.scm=https://host/svnroot/project/trunk

sonar.verbose=true


Is there a way to do this job automatically after the scan ?



PS : I use SVN for versioning.






java svn sonarqube sonarlint




java svn sonarqube sonarlint






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 7 at 9:32







Mahmoud

















asked Jan 2 at 14:47









MahmoudMahmoud

17417




17417













  • How do you know whom to assign the issues to?

    – G. Ann - SonarSource Team
    Jan 2 at 20:38











  • For the moment, if I neither know to whom I should assign the issues nor the owner of the commit I juste do it by intuition, but I don't know if it's the right thing to do !

    – Mahmoud
    Jan 2 at 21:14











  • How did you execute the scanner? What is the configuration (all sonar. properties)?

    – agabrys
    Jan 3 at 19:57











  • I have a Jenkins job that allows to launch a build and sonar analysis with sonnar-runner, I will update my question with the sonar's config file

    – Mahmoud
    Jan 4 at 9:51



















  • How do you know whom to assign the issues to?

    – G. Ann - SonarSource Team
    Jan 2 at 20:38











  • For the moment, if I neither know to whom I should assign the issues nor the owner of the commit I juste do it by intuition, but I don't know if it's the right thing to do !

    – Mahmoud
    Jan 2 at 21:14











  • How did you execute the scanner? What is the configuration (all sonar. properties)?

    – agabrys
    Jan 3 at 19:57











  • I have a Jenkins job that allows to launch a build and sonar analysis with sonnar-runner, I will update my question with the sonar's config file

    – Mahmoud
    Jan 4 at 9:51

















How do you know whom to assign the issues to?

– G. Ann - SonarSource Team
Jan 2 at 20:38





How do you know whom to assign the issues to?

– G. Ann - SonarSource Team
Jan 2 at 20:38













For the moment, if I neither know to whom I should assign the issues nor the owner of the commit I juste do it by intuition, but I don't know if it's the right thing to do !

– Mahmoud
Jan 2 at 21:14





For the moment, if I neither know to whom I should assign the issues nor the owner of the commit I juste do it by intuition, but I don't know if it's the right thing to do !

– Mahmoud
Jan 2 at 21:14













How did you execute the scanner? What is the configuration (all sonar. properties)?

– agabrys
Jan 3 at 19:57





How did you execute the scanner? What is the configuration (all sonar. properties)?

– agabrys
Jan 3 at 19:57













I have a Jenkins job that allows to launch a build and sonar analysis with sonnar-runner, I will update my question with the sonar's config file

– Mahmoud
Jan 4 at 9:51





I have a Jenkins job that allows to launch a build and sonar analysis with sonnar-runner, I will update my question with the sonar's config file

– Mahmoud
Jan 4 at 9:51












1 Answer
1






active

oldest

votes


















4














Issues are auto assigned based on the information provided by the SCM (SVN in your case).



It compares the SCM account with:




  • SCM accounts added to each SonarQube user

  • SonarQube user login

  • SonarQube user email


So the first step is to see if there is information provided by the SCM. You can check this by looking at the code where the issue is (in SonarQube) and see if there is SCM information on the left, next to the line number:



enter image description here



You can click on it to see the details.



If that is OK, make sure that the SCM account matches some data from a SonarQube user as explained above.






share|improve this answer


























  • I can't find the information provided by SVN (picture in my question at the top). The SCM and Sonar credentials are well configured but I can't link commits to violations (picture in my question at the top). Should I add specific config in my sonar config file ?

    – Mahmoud
    Jan 3 at 13:45











  • I didn't see a picture about the SCM information. I've added a screenshot as an example where you can find it when browsing the code or issues in SonarQube.

    – Duarte Meneses
    Jan 3 at 14:11











  • I don't have the SCM data to the left of the line. Possible that I forgot a config on my project. In the sonar's config file I add just sonar.scm.provider=svn, is that enough?

    – Mahmoud
    Jan 3 at 14:48











  • It should work out of the box. The SVN scm plugin needs to be installed in SonarQube (it is by default) and it usually automatically detects that the project is using SVN. Try running the analysis with debug logs enabled. You should see some logs about automatic detection and if it works, about the plugin collecting blame information.

    – Duarte Meneses
    Jan 3 at 15:38











  • @Meneses you are right, I don't have SVN plugin in my instance. Thanks for you help

    – Mahmoud
    Jan 4 at 10:50











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54008370%2fauthors-automatic-association-with-violation-does-not-work-properly-on-sonarqub%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









4














Issues are auto assigned based on the information provided by the SCM (SVN in your case).



It compares the SCM account with:




  • SCM accounts added to each SonarQube user

  • SonarQube user login

  • SonarQube user email


So the first step is to see if there is information provided by the SCM. You can check this by looking at the code where the issue is (in SonarQube) and see if there is SCM information on the left, next to the line number:



enter image description here



You can click on it to see the details.



If that is OK, make sure that the SCM account matches some data from a SonarQube user as explained above.






share|improve this answer


























  • I can't find the information provided by SVN (picture in my question at the top). The SCM and Sonar credentials are well configured but I can't link commits to violations (picture in my question at the top). Should I add specific config in my sonar config file ?

    – Mahmoud
    Jan 3 at 13:45











  • I didn't see a picture about the SCM information. I've added a screenshot as an example where you can find it when browsing the code or issues in SonarQube.

    – Duarte Meneses
    Jan 3 at 14:11











  • I don't have the SCM data to the left of the line. Possible that I forgot a config on my project. In the sonar's config file I add just sonar.scm.provider=svn, is that enough?

    – Mahmoud
    Jan 3 at 14:48











  • It should work out of the box. The SVN scm plugin needs to be installed in SonarQube (it is by default) and it usually automatically detects that the project is using SVN. Try running the analysis with debug logs enabled. You should see some logs about automatic detection and if it works, about the plugin collecting blame information.

    – Duarte Meneses
    Jan 3 at 15:38











  • @Meneses you are right, I don't have SVN plugin in my instance. Thanks for you help

    – Mahmoud
    Jan 4 at 10:50
















4














Issues are auto assigned based on the information provided by the SCM (SVN in your case).



It compares the SCM account with:




  • SCM accounts added to each SonarQube user

  • SonarQube user login

  • SonarQube user email


So the first step is to see if there is information provided by the SCM. You can check this by looking at the code where the issue is (in SonarQube) and see if there is SCM information on the left, next to the line number:



enter image description here



You can click on it to see the details.



If that is OK, make sure that the SCM account matches some data from a SonarQube user as explained above.






share|improve this answer


























  • I can't find the information provided by SVN (picture in my question at the top). The SCM and Sonar credentials are well configured but I can't link commits to violations (picture in my question at the top). Should I add specific config in my sonar config file ?

    – Mahmoud
    Jan 3 at 13:45











  • I didn't see a picture about the SCM information. I've added a screenshot as an example where you can find it when browsing the code or issues in SonarQube.

    – Duarte Meneses
    Jan 3 at 14:11











  • I don't have the SCM data to the left of the line. Possible that I forgot a config on my project. In the sonar's config file I add just sonar.scm.provider=svn, is that enough?

    – Mahmoud
    Jan 3 at 14:48











  • It should work out of the box. The SVN scm plugin needs to be installed in SonarQube (it is by default) and it usually automatically detects that the project is using SVN. Try running the analysis with debug logs enabled. You should see some logs about automatic detection and if it works, about the plugin collecting blame information.

    – Duarte Meneses
    Jan 3 at 15:38











  • @Meneses you are right, I don't have SVN plugin in my instance. Thanks for you help

    – Mahmoud
    Jan 4 at 10:50














4












4








4







Issues are auto assigned based on the information provided by the SCM (SVN in your case).



It compares the SCM account with:




  • SCM accounts added to each SonarQube user

  • SonarQube user login

  • SonarQube user email


So the first step is to see if there is information provided by the SCM. You can check this by looking at the code where the issue is (in SonarQube) and see if there is SCM information on the left, next to the line number:



enter image description here



You can click on it to see the details.



If that is OK, make sure that the SCM account matches some data from a SonarQube user as explained above.






share|improve this answer















Issues are auto assigned based on the information provided by the SCM (SVN in your case).



It compares the SCM account with:




  • SCM accounts added to each SonarQube user

  • SonarQube user login

  • SonarQube user email


So the first step is to see if there is information provided by the SCM. You can check this by looking at the code where the issue is (in SonarQube) and see if there is SCM information on the left, next to the line number:



enter image description here



You can click on it to see the details.



If that is OK, make sure that the SCM account matches some data from a SonarQube user as explained above.







share|improve this answer














share|improve this answer



share|improve this answer








edited Jan 3 at 14:10

























answered Jan 3 at 9:37









Duarte MenesesDuarte Meneses

2,5481117




2,5481117













  • I can't find the information provided by SVN (picture in my question at the top). The SCM and Sonar credentials are well configured but I can't link commits to violations (picture in my question at the top). Should I add specific config in my sonar config file ?

    – Mahmoud
    Jan 3 at 13:45











  • I didn't see a picture about the SCM information. I've added a screenshot as an example where you can find it when browsing the code or issues in SonarQube.

    – Duarte Meneses
    Jan 3 at 14:11











  • I don't have the SCM data to the left of the line. Possible that I forgot a config on my project. In the sonar's config file I add just sonar.scm.provider=svn, is that enough?

    – Mahmoud
    Jan 3 at 14:48











  • It should work out of the box. The SVN scm plugin needs to be installed in SonarQube (it is by default) and it usually automatically detects that the project is using SVN. Try running the analysis with debug logs enabled. You should see some logs about automatic detection and if it works, about the plugin collecting blame information.

    – Duarte Meneses
    Jan 3 at 15:38











  • @Meneses you are right, I don't have SVN plugin in my instance. Thanks for you help

    – Mahmoud
    Jan 4 at 10:50



















  • I can't find the information provided by SVN (picture in my question at the top). The SCM and Sonar credentials are well configured but I can't link commits to violations (picture in my question at the top). Should I add specific config in my sonar config file ?

    – Mahmoud
    Jan 3 at 13:45











  • I didn't see a picture about the SCM information. I've added a screenshot as an example where you can find it when browsing the code or issues in SonarQube.

    – Duarte Meneses
    Jan 3 at 14:11











  • I don't have the SCM data to the left of the line. Possible that I forgot a config on my project. In the sonar's config file I add just sonar.scm.provider=svn, is that enough?

    – Mahmoud
    Jan 3 at 14:48











  • It should work out of the box. The SVN scm plugin needs to be installed in SonarQube (it is by default) and it usually automatically detects that the project is using SVN. Try running the analysis with debug logs enabled. You should see some logs about automatic detection and if it works, about the plugin collecting blame information.

    – Duarte Meneses
    Jan 3 at 15:38











  • @Meneses you are right, I don't have SVN plugin in my instance. Thanks for you help

    – Mahmoud
    Jan 4 at 10:50

















I can't find the information provided by SVN (picture in my question at the top). The SCM and Sonar credentials are well configured but I can't link commits to violations (picture in my question at the top). Should I add specific config in my sonar config file ?

– Mahmoud
Jan 3 at 13:45





I can't find the information provided by SVN (picture in my question at the top). The SCM and Sonar credentials are well configured but I can't link commits to violations (picture in my question at the top). Should I add specific config in my sonar config file ?

– Mahmoud
Jan 3 at 13:45













I didn't see a picture about the SCM information. I've added a screenshot as an example where you can find it when browsing the code or issues in SonarQube.

– Duarte Meneses
Jan 3 at 14:11





I didn't see a picture about the SCM information. I've added a screenshot as an example where you can find it when browsing the code or issues in SonarQube.

– Duarte Meneses
Jan 3 at 14:11













I don't have the SCM data to the left of the line. Possible that I forgot a config on my project. In the sonar's config file I add just sonar.scm.provider=svn, is that enough?

– Mahmoud
Jan 3 at 14:48





I don't have the SCM data to the left of the line. Possible that I forgot a config on my project. In the sonar's config file I add just sonar.scm.provider=svn, is that enough?

– Mahmoud
Jan 3 at 14:48













It should work out of the box. The SVN scm plugin needs to be installed in SonarQube (it is by default) and it usually automatically detects that the project is using SVN. Try running the analysis with debug logs enabled. You should see some logs about automatic detection and if it works, about the plugin collecting blame information.

– Duarte Meneses
Jan 3 at 15:38





It should work out of the box. The SVN scm plugin needs to be installed in SonarQube (it is by default) and it usually automatically detects that the project is using SVN. Try running the analysis with debug logs enabled. You should see some logs about automatic detection and if it works, about the plugin collecting blame information.

– Duarte Meneses
Jan 3 at 15:38













@Meneses you are right, I don't have SVN plugin in my instance. Thanks for you help

– Mahmoud
Jan 4 at 10:50





@Meneses you are right, I don't have SVN plugin in my instance. Thanks for you help

– Mahmoud
Jan 4 at 10:50




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54008370%2fauthors-automatic-association-with-violation-does-not-work-properly-on-sonarqub%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Monofisismo

Image
Monofisismo (do grego: monos - "único, singular" e physis - "natureza") é o ponto de vista cristológico que defende que, depois da união do divino e do humano na encarnação histórica, Jesus Cristo, como encarnação do Filho ou Verbo ( Logos ) de Deus, teria apenas uma única "natureza", a divina, e não uma síntese de ambas. O monofisismo é contraposto pelo diofisismo (ou "diafisismo"), que defende que Jesus preservou em si as duas naturezas. Historicamente, o monofisismo se refere primordialmente à posição dos que (especialmente no Egito e, em menor grau, na Síria) rejeitaram as decisões do Concílio de Calcedônia em 451 (o quarto concílio ecumênico). Os membros mais moderados entre eles, porém, defendem a teologia "miafisita", que se tornou a oficial para as Igrejas Ortodoxas Orientais. Muitos ortodoxos orientais, porém, rejeitam essa classificação, mesmo como um termo genérico, mas ele é amplamente utilizado na literatura históri
Read more

Angular Downloading a file using contenturl with Basic Authentication

Image
0 I have a contentUrl when user clicks on that,file should be downloaded. If I try to browse the contentUrl in the browser it asks for Userid and password.I believe this is Basic Authentication.I dont want user to enter UserId and Password so I am passing it Authorization(Please see below code). Url looks some thing like this: http://XXX.XXX.XX.XXX:8080/flowable-rest/service/runtime/tasks/90875/attachments/90555/content let username : string = 'admin'; let pwd : string = 'test'; let headers = new Headers(); headers.set('Accept', 'text/json'); headers.append('Content-Type', 'application/json'); headers.set('Access-Control-Allow-Origin', '*'); headers.set('Access-Control-Allow-Methods','POST, GET, OPTIONS, PUT, DELETE'); head
Read more

Olmecas

Image
Monumento 1, uma das quatro cabeças colossais encontradas em La Venta, com altura aproximada de 3 metros Olmecas é a designação do povo e da civilização que estiveram na origem da antiga cultura pré-colombiana da Mesoamérica e que se desenvolveram nas regiões tropicais do centro-sul do atual México durante o pré-clássico, próximo de onde hoje estão localizados os estados mexicanos de Veracruz e Tabasco, no Istmo de Tehuantepec, numa zona designada área nuclear olmeca. A cultura olmeca floresceu nesta região aproximadamente entre 1500 e 400 a.C., [ 1 ] e crê-se que tenha sido a civilização-mãe de todas as civilizações mesoamericanas que se desenvolveram posteriormente. [ 2 ] No entanto, desconhece-se a sua exacta filiação étnica, ainda que existam numerosas hipóteses colocadas para tentar resolver esta questão. O etnónimo olmeca foi cunhado pelos arqueólogos do século XX, e não devem confundir-se com os muito posteriores olmecas-xicalancas que ocuparam vários locais do México
Read more