According to the structure of our project, if I want to exclude the .cs files from PY.Models \ Module1, PY.Entities \ Module1, PY.Entities \ Module2, PY.Entities \ Module3 and that "PY. Repository.ModuleN "are not going to be excluded ?. How to combine "sonar.cpd.exclusions" with the parameters in SONARQUBE Server?
D:\MYCOMPANY \ MYPROJECT\00_Transversal\PY.Models\PY.Models\Modulo1--
D:\MYCOMPANY\MYPROJECT\00_Transversal\PY.Models\PY.Models\Modulo2
D:\MYCOMPANY\MYPROJECT\00_Transversal\PY.Models\PY.Models\Modulo3
D:\MYCOMPANY \ MYPROJECT \01_Data\PY.Entities\PY.Entities\Module1--
D:\MYCOMPANY \ MYPROJECT \01_Data\PY.Entities\PY.Entities\Module2--
D:\MYCOMPANY \ MYPROJECT \01_Data\PY.Entities\PY.Entities\Module3--
D:\MYCOMPANY\MYPROJECT\01_Data\PY.Repository.Module1
D:\MYCOMPANY\MYPROJECT\01_Data\PY.Repository.Module2
D:\MYCOMPANY\MYPROJECT\01_Data\PY.Repository.Module3
Configuration On the SONARQUBE-Duplications Tab-page Server
To exclude a file or directory entirely from analysis, go to Administration > General Settings > Analysis Scope > Files and set sonar.exclusions using patterns* to describe what should be left out.
To exclude a file or directory from duplication detection, you want to set sonar.cpd.exclusions, as you surmised. Again, use a pattern* for this value.
Regarding whether to set this in analysis parameters or the server, I'd personally set it server-side. Just cleaner, IMO.
Recognized wildcards: * 0-n char; ** 0-n directories; ? any single character
The properties are set via ItemGroup in each .csproj file, this way:
<ItemGroup>
<SonarQubeSetting Include="sonar.cpd.exclusions">
<Value>Models/**/*.cs</Value>
</SonarQubeSetting>
</ItemGroup>
Related
The recommended way to store secrets (like API keys and passwords) during development of an ASP.NET core 3 application is to use user secrets. While this approach works nicely I do have a multiline string which contains an RSA key. The key is copied from a provided .pem file.
Is there any easy way to store the key in secrets.json?
The problem seems to be that json does not support multiline strings. Thus simply copying the key into the file does not work. Workarounds like using an array for the different lines of the key does not play nicely with the Configuration class and binding retrieved secrets to an Options-class.
I have figured out that once I convert the key into a single line string it works. However, the need for a separate tool to convert the key from multiline to single line, seems to me too complex.
By the way, I do need this for building a GitHub-App.
There's nothing stopping you from using a multi-line string with user secrets. You can pass one directly to dotnet user-secrets
For example, some Powershell using a here-string:
$multiVal = #"
Your
Multi-line
Text
"#
dotnet user-secrets set "YourKeyName" "$multiVal"
Or with embedded new-line character `n:
dotnet user-secrets "YourKeyName" "Your`nMulti-line`nValue"
Or you could read in an entire text-based file:
$fileName = "/path/to/file"
$multiVal = Get-Content $fileName -Raw
dotnet user-secrets set "YourKeyName" "$multiVal"
A JSON string property also allows "multi-line" text, just not in the way you're thinking. The literal characters \ and n together inside of a string property will be deserialized as a new-line. For example, the following JSON has a string property with a multi-line value:
{
"YourKeyName": "Your\nMulti-line\nText"
}
You can achieve this in a variety of ways, for example doing a manual find-and-replace or with tools like Notepad++. You could also use some Powershell once again:
$inputFile = "/path/to/file"
$multiVal = Get-Content $inputFile -Raw
$obj = [pscustomobject]#{
YourKeyName = $multiVal
}
$outputFile = "/path/to/secrets.json"
$obj | ConvertTo-Json -Depth 50 | Out-File -FilePath $outputFile
Edit: you mentioned one of the parameters is not working in the final example. It's possible you are somehow running an older version of powershell (pre 3.0). You can try this instead:
$inputFile = "/path/to/file"
# no -Raw flag
$multiVal = (Get-Content $inputFile | Out-String)
# or alternatively
$multiVal = [System.IO.File]::ReadAllText($inputFile)
$obj = [pscustomobject]#{
YourKeyName = $multiVal
}
$outputFile = "/path/to/secrets.json"
# use redirection instead of Out-File
($obj | ConvertTo-Json -Depth 50) > $outputFile
Now with respect to RSA keys, according to this answer and its comments while the RSA spec calls for line breaks within the base-64 encoded payload it's possible that implementations may allow non-conformance. This means that depending on how you're using it, you might be able to get away with stripping out the new-lines entirely. You'd have to try it out to know for sure.
Edit: It turns out that dotnet user-secrets has/had a known bug where values cannot have a leading -. It's fixed now but I think only for 5.0+. I found that a leading space works and I would think that the RSA provider shouldn't balk at that. The following should work:
dotnet user-secrets set "PKeyPowerShell" " $multiVal"
I am trying to run git-cmd.exe from my code using Process. Below commands when passed to git-cmd.exe runs successfully when the git diff is happening between 2 branches.
git init
git remote add origin "<repo-name>"
git fetch origin <branch1>
git fetch origin <branch2>
git diff --name-only --diff-filter=d <branch1>:<folder1> <branch2>:<folder1>
I need to find the file names which were modified or added in <folder1> only, between the given branches. I am executing these commands by passing them as a string[] to a function.
Public Function RunAndReturnExitCode(ByVal Command As String(), ByVal Directory As String,
Optional ByVal MaximumWaitTime As Integer = -1,
Optional ByRef Output As String = Nothing,
Optional ByRef Errors As String = Nothing) As String
Dim exePath As String = "C:\Program Files (x86)\PortableGit\git-cmd.exe"
Dim si As ProcessStartInfo = New ProcessStartInfo(exePath)
si.RedirectStandardInput = True
si.RedirectStandardOutput = True
si.RedirectStandardError = True
si.UseShellExecute = False
si.WorkingDirectory = Directory
Dim p As Process = Process.Start(si)
With p.StandardInput
.WriteLine("cd /d """ & Directory & """")
Array.ForEach(Command, Sub(c) .WriteLine(c))
.WriteLine("exit")
End With
p.WaitForExit(MaximumWaitTime)
Output = p.StandardOutput.ReadToEnd()
Errors = p.StandardError.ReadToEnd()
Return p.ExitCode.ToString()
End Function
Due to performance issues, we have now started working on tags. So, I am now doing:
git init
git remote add origin "<repo-name>"
git fetch origin refs/tags/[tag1]
git fetch origin refs/tags/[tag2]
git diff --name-only --diff-filter=d [tag1]:[folder1] [tag2]:[folder1]
Here, the diff command fails by:
fatal: Invalid object name '[tag1]'.
I tried running a few commands manually from git-cmd.exe, where I found git checkout refs/tags/[tag1] itself failed by:
error: pathspec '[tag1]' did not match any file(s) known to git.
Does this mean that my local repository does not have any info of [tag1]? If not, then why was there no error while fetching them? Can anyone suggest here, how I can fetch only these 2 tags and do a diff between them?
Tried git diff tag1 tag2, but its failing by :
fatal: ambiguous argument '[tag1]': unknown revision or path not in the working tree.
Please please let me know if any more inputs are required here from me. Also, I can not do a git fetch --tags as it hangs (I suppose, this is not the issue here as fetching the tags separately does not hang). To add, my organization does not permit usage of https://github.com/libgit2/libgit2sharp/.
EDIT:
As suggested by #torek, a git fetch refs/tags/tag1 was a wrong approach. I have now updated it to:
git fetch origin +refs/tags/tag1:refs/tags/tag1 +refs/tags/tag2:refs/tags/tag2
The command works fine on git-cmd.exe and I am able to get the diff. But it hangs when I fire through a process. My SSH repository does not have a pass-phrase, so it is for sure that the RSA Aunthentication isn't failing. Any suggestions here? Am I firing the commands correctly via the process?
This:
git fetch origin refs/tags/[tag1]
is wrong as it obtains the desired commit but does not write any name in your repository. The commit is now available through FETCH_HEAD, but only until the next git fetch. That is:
git fetch origin refs/tags/[tag2]
obtains that desired commit, but overwrites FETCH_HEAD, so that now the only name you have—FETCH_HEAD—refers only to the second desired commit.
To fix this, you could either fetch both and discard their tag names, but now have both hash IDs in FETCH_HEAD (you would have to retrieve them yourself), or you can direct git fetch to create or update your refs/tags/tag1 and refs/tags/tag2 names:
git fetch origin +refs/tags/tag1:refs/tags/tag1 +refs/tags/tag2:refs/tags/tag2
The colon and second name provide the name of the reference to create-or-update in your Git repository. The leading plus sign + here tells git fetch that this particular update should be forced, i.e., it should overwrite any previous tag of the same name.
Of course, git fetch --tags should work. (git pull --tags means run git fetch --tags, then run a second Git command, probably git merge. If you don't want to run any second Git command automatically, don't use git pull.) If this hangs, it may be worth investigating why: all it does is call up the other Git just like any git fetch, but this time also fetch refs/tags/*:refs/tags/*.
I want to create subject certificate name which contains "," like the image
Example
but always fails because "," is used to separated the contain of -n parameter like
“CA=CARoot,O=My Organization,OU=Dev,C=Denmark”
Anyone know how to add "," into certificate name? Much appreciate for your helping
In a Windows Command Prompt you can use a triple-double-quote to make a literal double quote in a quoted argument (from https://stackoverflow.com/a/15262019/6535399).
The X500 name parser uses commas as separators unless it's in a quoted string. So you need the -n value to be interpreted as OU="Hey, there", ....
So, you can do something like
> makecert.exe (etc) -n "OU="""Hey, there""", O=Hmm, CN="""Hello, Nurse!""""
or, to make the what-looks-like-a-quadruple-quote go away:
> makecert.exe (etc) -n "OU="""Hey, there""", O=Hmm, CN="""Hello, Nurse!""", C=US"
I tried your solution but It did not work, my command:
MakeCert.exe -r -pe -n "OU=(c) 2006 thawte Inc."""Hey, there""" - For authorized use only" -sv "c:\PlaneteersLtd_certificate\XIAMEN_IPRT_TECHNOLOGYLtd1.pvk" -len 2048 "c:\PlaneteersLtd_certificate\XIAMEN_IPRT_TECHNOLOGYLtd1.cer"
When I remove """Hey, there""", it create the cert file successfully
Example
I have a CopyDirectory step in my build template, and I was assuming that if it finds a directory that does not exist, it would throw errors. However, it is only throwing a warning, and the build itself is marked successful.
I've tried to wrap it around a try/catch block, and manually did a 'throw' exception step, but still didn't work. I tried to set the buildStatus to failed, but that didn't work either. Any another way I can achieve this? I don't want the build to be successful if any of the copy directory fails.
EDIT:
Here is the snippet where the copy directory is. I'm looping over a list of servers and copying a bunch of directories.
<ForEach x:TypeArguments="x:String" sap2010:WorkflowViewState.IdRef="ForEach`1_4" Values="[SCCDServers]">
<ActivityAction x:TypeArguments="x:String">
<ActivityAction.Argument>
<DelegateInArgument x:TypeArguments="x:String" Name="server" />
</ActivityAction.Argument>
<Sequence sap2010:WorkflowViewState.IdRef="Sequence_37">
<mtbwa:CopyDirectory Destination="[server]" DisplayName="Copy Code Files" sap2010:WorkflowViewState.IdRef="CopyDirectory_14" Source="[BuildDetail.DropLocation & "\_PublishedWebsites\" & SCWebOutputFolder]" />
<mtbwa:WriteBuildMessage sap2010:WorkflowViewState.IdRef="WriteBuildMessage_16" Importance="[Microsoft.TeamFoundation.Build.Client.BuildMessageImportance.High]" Message="["Code Files copied to " & server]" mva:VisualBasic.Settings="Assembly references and imported namespaces serialized as XML namespaces" />
<mtbwa:CopyDirectory Destination="[server]" DisplayName="Copy Config Files" sap2010:WorkflowViewState.IdRef="CopyDirectory_15" Source="[BuildDetail.DropLocation & "\_PublishedWebsites\" & SCConfigSourceFolder & "\" & SCCDServerRole]" />
<mtbwa:WriteBuildMessage sap2010:WorkflowViewState.IdRef="WriteBuildMessage_17" Importance="[Microsoft.TeamFoundation.Build.Client.BuildMessageImportance.High]" Message="["Config Files copied to " & server & Environment.NewLine & "Copied from: " & BuildDetail.DropLocation & "\_PublishedWebsites\" & SCConfigSourceFolder & "\" & SCCDServerRole]" mva:VisualBasic.Settings="Assembly references and imported namespaces serialized as XML namespaces" />
<mtbwa:CopyDirectory Destination="[server]" DisplayName="Copy Sitecore Files" sap2010:WorkflowViewState.IdRef="CopyDirectory_16" Source="[BuildDetail.DropLocation & "\_PublishedWebsites\" & SCSitecoreFilesSourceFolder]" />
<mtbwa:WriteBuildMessage sap2010:WorkflowViewState.IdRef="WriteBuildMessage_18" Importance="[Microsoft.TeamFoundation.Build.Client.BuildMessageImportance.High]" Message="["Sitecore Files copied to " & server & Environment.NewLine & "Copied from: " & BuildDetail.DropLocation & "\_PublishedWebsites\" & SCSitecoreFilesSourceFolder]" mva:VisualBasic.Settings="Assembly references and imported namespaces serialized as XML namespaces" />
</Sequence>
</ActivityAction>
</ForEach>
CopyDirectory indeed has a bug that only issues a warning when the source directory doesn't exist. It also has problems with long paths (>248 chars).
Possible workarounds:
Use InvokeCommand, running Robocopy.exe (better than xcopy) and checking its resultcode.
If you must use CopyDirectory, check yourself that the source directory exists.
Why dont you make use of the "InvokeProcess" activity then?
Select the activity, open the Variables tab at the bottom.
Add a variable "ResultCode" of type Int32. This variable will contain the exit code from the copy process.
Add the "InvokeProcess" activity to your workflow.
Open the "InvokeProcess" activity and drop a "WriteBuildMessage" activity inside the Handle Standard Output section.
Set the Importance property to Microsoft.TeamFoundation.Build.Client.BuildMessageImportance.High. Set the Message property to stdOutput.
Drop an instance of the WriteBuildError activity to the Handle Error Output section
Set the Message property to errOutput
Now Set "InvokeProcess" properties
FileName: "xcopy"
Agruments: "Source" "Destination" \s \e \y
Result: ResultCode
Check the "ResultCode" value. I use an IF activity and check for the condition "ResultCode <> 0". Within the "THEN" section add a "THROW" activity and add the exception:
"New Exception("Error copying files")
Details here
If copy fails, Set setbuildproperties status to failed in your custom workflow.
<mtbwa1:SetBuildProperties DisplayName=“Set build status failed“ PropertiesToSet=“Status“ Status=“[Microsoft.TeamFoundation.Build.Client.BuildStatus.Failed]“ />
http://msdn.microsoft.com/en-us/library/bb399143(v=vs.100).aspx
I'm trying Sonar 3.2 with C# projects (the only plugins are C# Core and C# FX Cop) and using the Simple Java Runner.
It worked fine on a solution with a single project, but when I tried to analyse using a solution with 2 projects I always get the following error:
17:01:41.775 INFO .s.b.b.ProjectModule - ------------- Analyzing Project1
17:01:42.055 INFO .s.b.ProfileProvider - Selected quality profile : [name=Custom C#,language=cs]
17:01:42.075 INFO nPluginsConfigurator - Configure maven plugins...
17:01:42.125 INFO org.sonar.INFO - Compare to previous analysis
17:01:42.155 INFO org.sonar.INFO - Compare over 5 days (2012-09-27)
17:01:42.175 INFO org.sonar.INFO - Compare over 30 days (2012-09-02)
17:01:42.215 INFO .b.p.SensorsExecutor - Initializer ProjectFileSystemLogger...
17:01:42.215 INFO jectFileSystemLogger - Source directories:
17:01:42.215 INFO jectFileSystemLogger - $(Solution folder)\Project1
17:01:42.215 INFO .b.p.SensorsExecutor - Initializer ProjectFileSystemLogger done: 0 ms
17:01:42.225 INFO .b.p.SensorsExecutor - Initializer CSharpProjectInitializer...
17:01:42.225 INFO .b.p.SensorsExecutor - Initializer CSharpProjectInitializer done: 0 ms
17:01:42.255 INFO o.s.p.cpd.CpdSensor - Detection of duplicated code is not supported for C#.
Total time: 8.442s
Final Memory: 5M/118M
Exception in thread "main" org.sonar.runner.RunnerException: java.lang.NullPointerException
at org.sonar.runner.Runner.delegateExecution(Runner.java:288)
at org.sonar.runner.Runner.execute(Runner.java:151)
at org.sonar.runner.Main.execute(Main.java:84)
at org.sonar.runner.Main.main(Main.java:56)
Caused by: java.lang.NullPointerException
at org.sonar.plugins.csharp.api.sensor.AbstractRegularCSharpSensor.assembliesFound(AbstractRegularCSharpSensor.java:101)
at org.sonar.plugins.csharp.api.sensor.AbstractRegularCSharpSensor.shouldExecuteOnProject(AbstractRegularCSharpSensor.java:81)
at org.sonar.plugins.csharp.api.sensor.AbstractRuleBasedCSharpSensor.shouldExecuteOnProject(AbstractRuleBasedCSharpSensor.java:48)
at org.sonar.api.batch.BatchExtensionDictionnary.shouldKeep(BatchExtensionDictionnary.java:109)
at org.sonar.api.batch.BatchExtensionDictionnary.getFilteredExtensions(BatchExtensionDictionnary.java:99)
at org.sonar.api.batch.BatchExtensionDictionnary.select(BatchExtensionDictionnary.java:57)
at org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:57)
at org.sonar.batch.phases.Phases.execute(Phases.java:93)
at org.sonar.batch.bootstrap.ProjectModule.doStart(ProjectModule.java:139)
at org.sonar.batch.bootstrap.Module.start(Module.java:83)
at org.sonar.batch.bootstrap.BatchModule.analyze(BatchModule.java:131)
at org.sonar.batch.bootstrap.BatchModule.analyze(BatchModule.java:126)
at org.sonar.batch.bootstrap.BatchModule.doStart(BatchModule.java:121)
at org.sonar.batch.bootstrap.Module.start(Module.java:83)
at org.sonar.batch.bootstrap.BootstrapModule.doStart(BootstrapModule.java:121)
at org.sonar.batch.bootstrap.Module.start(Module.java:83)
at org.sonar.batch.Batch.execute(Batch.java:104)
at org.sonar.runner.internal.batch.Launcher.executeBatch(Launcher.java:69)
at org.sonar.runner.internal.batch.Launcher.execute(Launcher.java:61)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.sonar.runner.Runner.delegateExecution(Runner.java:285)
... 3 more
The solution folder contains the following sonar-project.properties:
# Project identification
sonar.projectKey=com.project.btg
sonar.projectVersion=1.0
sonar.projectName=BTG
# Info required for Sonar
sonar.sources=.
sonar.language=cs
sonar.dotnet.visualstudio.solution.file=Sonar.project.sln
sonar.dotnet.buildPlatform=x86
sonar.dotnet.buildConfiguration=Debug
sonar.modules=Project1,Project2
#modules specific configuration
Project1:sonar.sources=.\Project1
Project1:sonar.projectName=Project 1
Project2:sonar.sources=.\Project2
Project2:sonar.sources=Project 2
The solution only has this 2 projects.
I tried adding the modules configuration in a sonar-project.properties for each project with just:
# Project identification
sonar.projectName=Project 1
For the single project I used I had:
# Project identification
sonar.projectKey=com.Project1
sonar.projectVersion=1.0
sonar.projectName=Project 1
# Info required for Sonar
sonar.sources=.
sonar.language=cs
I feel I'm missing something very simple, but I couldn't find much information on this.
If someone can help me with this I have an additional question:
Can you analyse a hybrid solution of C++ and C# project?
Thanks
The support of multi-module is built-in for the C# plugins, you don't need to (and should not) specify:
sonar.modules=Project1,Project2
#modules specific configuration
Project1:sonar.sources=.\Project1
Project1:sonar.projectName=Project 1
Project2:sonar.sources=.\Project2
Project2:sonar.sources=Project 2
, nor add a "sonar-project.properties" inside each module.
The C# Plugins rely on the SLN file to automatically discover the modules. Take a look at our sample application, and just replace the Maven POM by a single "sonar-project.properties" file.