From 3d40fea6bf8b40bead1fe627b97272fc98b7488d Mon Sep 17 00:00:00 2001 From: wkoot <3715211+wkoot@users.noreply.github.com> Date: Thu, 14 Nov 2024 10:23:06 +0100 Subject: [PATCH] Add changelog with backdated changes Closes #72 Signed-off-by: wkoot <3715211+wkoot@users.noreply.github.com> --- .github/workflows/markdown-lint.yml | 21 +++++ CHANGELOG.md | 81 +++++++++++++++++++ MAINTENANCE.md | 16 ++-- README.md | 4 +- tests/.vale.ini | 9 +++ tests/requirements.txt | 1 + .../config/vocabularies/Base/accept.txt | 66 +++++++++++++++ .../config/vocabularies/Base/reject.txt | 3 + 8 files changed, 191 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/markdown-lint.yml create mode 100644 CHANGELOG.md create mode 100644 tests/.vale.ini create mode 100644 tests/styles/config/vocabularies/Base/accept.txt create mode 100644 tests/styles/config/vocabularies/Base/reject.txt diff --git a/.github/workflows/markdown-lint.yml b/.github/workflows/markdown-lint.yml new file mode 100644 index 0000000..a2d5c49 --- /dev/null +++ b/.github/workflows/markdown-lint.yml @@ -0,0 +1,21 @@ +--- +name: Markdown lint + +on: + push: + branches: + - master + pull_request: + types: [opened, synchronize, reopened] + +jobs: + vale: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: errata-ai/vale-action@v2.1.1 + with: + fail_on_error: true + filter_mode: nofilter + vale_flags: "--glob=*.md --config=tests/.vale.ini" diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..f1de66d --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,81 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [Unreleased] + +### Added + +- Kubernetes Helm chart (#74). +- Changelog with backdated changes (#72). + +## [10.5.1](https://github.com/ICTU/sonar/releases/tag/10.5.1) - 2024-05-23 + +### Changed + +- Update to [SonarQube version 10.5.1](https://www.sonarsource.com/products/sonarqube/whats-new/sonarqube-10-5/) (#76). +- Update plugin `checkstyle/sonar-checkstyle` to [version 10.16.0](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.16.0) (#76). +- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 5.0.0](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/5.0.0) (#76). +- Update plugin `spotbugs/sonar-findbugs` to [version 4.2.9](https://github.com/spotbugs/sonar-findbugs/releases/tag/4.2.9) (#76). +- Default maximum number of lines of code for frontend languages (#77). + +### Removed + +- PMD plugin (#66). +- Possibility to change rule severity (#57). + +## [10.3.0](https://github.com/ICTU/sonar/releases/tag/10.3.0) - 2023-12-22 + +### Added + +- Swift quality profile (#50). +- Documentation regarding ICTU GitHub policy (#58). +- Default rules to enable "too many lines" checks (#63). + +### Changed + +- Update to [SonarQube version 10.3.0](https://www.sonarsource.com/products/sonarqube/whats-new/sonarqube-10-3/) (#55). +- Update plugin `checkstyle/sonar-checkstyle` to [version 10.12.5](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.12.5) (#55). +- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 4.0.1](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/4.0.1) (#55). +- Update plugin `sbaudoin/sonar-yaml` to [version 1.9.1](https://github.com/sbaudoin/sonar-yaml/releases/tag/v1.9.1) (#55). +- Update plugin `spotbugs/sonar-findbugs` to [version 4.2.6](https://github.com/spotbugs/sonar-findbugs/releases/tag/4.2.6) (#48). + +## [10.1.0](https://github.com/ICTU/sonar/releases/tag/10.1.0) - 2023-09-05 + +### Added + +- Rule versioning to quality profiles (#53). + +### Changed + +- Update to [SonarQube version 10.1.0](https://www.sonarsource.com/products/sonarqube/whats-new/sonarqube-10-1/) (#52). +- Update plugin `checkstyle/sonar-checkstyle` to [version 10.12.3](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.12.3) (#52). +- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 4.0.0](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/4.0.0) (#52). +- Update plugin `sbaudoin/sonar-ansible` to [version 2.5.1](https://github.com/sbaudoin/sonar-ansible/releases/tag/v2.5.1) (#52). +- Reconfigure rules and properties for size, complexity, parameters and suppression (#53). + +### Removed + +- Separate `Dockerfile` for community and developer editions (#54). + +## [9.9.1](https://github.com/ICTU/sonar/releases/tag/9.9.1) - 2023-05-09 + +### Added + +- Default language profile for Kotlin (#48). + +### Changed + +- Update SonarQube to version 9.9.1 (#48). +- Update plugin `checkstyle/sonar-checkstyle` to [version 10.9.3](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.9.3) (#48). +- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 3.1.0](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/3.1.0) (#48). +- Update plugin `spotbugs/sonar-findbugs` to [version 4.2.3](https://github.com/spotbugs/sonar-findbugs/releases/tag/4.2.3) (#48). + +## [9.7.1](https://github.com/ICTU/sonar/releases/tag/9.7.1) - 2022-12-02 + +### Changed + +- Update SonarQube to version 9.7.1 (#46). diff --git a/MAINTENANCE.md b/MAINTENANCE.md index 5e3fb21..c3fcdb3 100644 --- a/MAINTENANCE.md +++ b/MAINTENANCE.md @@ -7,8 +7,8 @@ 1. Update external plugins in the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json) 1. Create profiles based on the internal plugin versions in the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json) 1. Obtain the base version numbers from the vanilla SonarQube image directory `/opt/sonarqube/lib/extensions`, excluding build number - 1. Update the config rules version number `rules_version` if the rules have been changed -1. Create new version tags on github + 1. Update the configuration rules version number `rules_version` if the rules have been changed +1. Create new version tags on GitHub 1. `MAJOR.MINOR.PATCH` 1. `MAJOR.MINOR.PATCH-developer` 1. Build and push new images to docker hub with [CircleCI](https://app.circleci.com/pipelines/github/ICTU/sonar) @@ -33,10 +33,10 @@ Modify the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.js }, The parameters are: -* (key): language (internal SonarQube language identifier) -* plugin_name: name of the plugin to be used for this profile -* plugin_external: true for external plugin, false (default) when it is contained in the base container image -* version: profile version string (based on the plugin version) +* `(key)`: language (internal SonarQube language identifier) +* `plugin_name`: name of the plugin to be used for this profile +* `plugin_external`: true for external plugin, false (default) when it is contained in the base container image +* `version`: profile version string (based on the plugin version) ## Create rule entries from SonarQubes quality profile backup (xml) @@ -50,8 +50,8 @@ Go to the profiles page in your SonarQube instance, backup a profile to an xml f Modify the corresponding [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json) value of `rules[language]`. Each entry represents a rule to be activated or deactivated and has the following syntax: `(operation)(ruleId)#(comment)` -* **operation**: `+` activates a rule; `-` deactivates a rule -* **ruleId**: SonarQube rule identifier +* `operation`: `+` activates a rule; `-` deactivates a rule +* `ruleId`: SonarQube rule identifier Example: diff --git a/README.md b/README.md index e26ce0b..e7a004f 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # ICTU SonarQube container image -A SonarQube container image with plugins, profiles and config used at ICTU +A SonarQube container image with plugins, profiles and configuration used at ICTU ## Creating a new quality profile @@ -28,7 +28,7 @@ It is also possible to adjust individual rule parameter values: PROJECT_RULES=+csharpsquid:S110|max=6;-ts:S1561 -## Running with PostgreSQL via a docker composition +## Running with PostgreSQL via a Docker-composition Example docker-compose file: diff --git a/tests/.vale.ini b/tests/.vale.ini new file mode 100644 index 0000000..b8a4715 --- /dev/null +++ b/tests/.vale.ini @@ -0,0 +1,9 @@ +StylesPath = styles + +MinAlertLevel = suggestion +Vocab = Base + +Packages = proselint + +[*.md] +BasedOnStyles = Vale, proselint diff --git a/tests/requirements.txt b/tests/requirements.txt index 45713d5..1005cfd 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,2 +1,3 @@ python-sonarqube-api >= 2.0 requests >= 2.31 +vale >= 3.9.0.0 diff --git a/tests/styles/config/vocabularies/Base/accept.txt b/tests/styles/config/vocabularies/Base/accept.txt new file mode 100644 index 0000000..5a9e878 --- /dev/null +++ b/tests/styles/config/vocabularies/Base/accept.txt @@ -0,0 +1,66 @@ +Anchore +APIs +Caddy +Checkmarx +Cobertura +Dependabot +Docker-composition +Dockerfile +DTDs +ESLint +Gravatar +Jira +JMeter +JUnit +NCover +Nginx +OJAudit +OpenShift +PDFs +Pydantic +Robocop +Snyk +Trello +Trivy +UUIDs +Wekan +[Hh]ostname +[Uu]nmerged +asyncio +autoformatting +breakpoint +clearable +cloc +discoverability +donut +errored +favicon +fixme +hostnames? +hotspots? +lookback +misconfigured +mypy +namespace +npm +parameterizable +phpldapadmin +[Pp]erformancetest +severities +sparkline +subfolders +submenus +suppressions +todo +tooltips? +tracebacks? +unencrypted +unicode +unmerged +upvotes +url +xml +Dennie +Bouman +Suchow +Redistributions diff --git a/tests/styles/config/vocabularies/Base/reject.txt b/tests/styles/config/vocabularies/Base/reject.txt new file mode 100644 index 0000000..70dde23 --- /dev/null +++ b/tests/styles/config/vocabularies/Base/reject.txt @@ -0,0 +1,3 @@ +docker composition +Docker composition +docker-composition