Skip to content

Update the SonarQube version used for routine software scans. #2270

New issue
New issue
Closed
#2287
Closed
Update the SonarQube version used for routine software scans.#2270
#2287
Assignees
hsoh-u
Labels
component: CI/CDContinuous integration and deployment issuescomponent: code cleanupCode cleanup and maintenance issuepriority: mediumMedium Priorityreporting: DTC AF METplusAir Force METplus Projectrequestor: METplus TeamMETplus Development Teamtype: taskAn actionable item of work
Milestone
MET 11.0.0
@JohnHalleyGotway

Description

@JohnHalleyGotway
JohnHalleyGotway
opened on Sep 22, 2022

Describe the Task

On 9/14/22, folks from SonarSource informed us of a new SonarQube version. See email below.

This task is to update the version of SonarQube we're running for our routine scans. This will impact the development environment for seneca, as defined in this file.

Email:

Will you upgrade to a current SonarQube release?
See our recent news below, if you have any questions, please ask.

SonarQube 9.6 download announcement Release Notes: Check Here + Rich content for Security rules,
Go here to Version Upgrade and Upgrade to a supported version.

PCI / DSS Reports and Regulatory reports in SQ 9.6
Set Expiration on Tokens, SAML Assertion Encryption,
Kubernetes support, rules to find misconfiguration, here
Java analyzer detects Passwords and Secrets in SonarQube
Roadmap follow and post suggestions: SonarLint and SonarQube

Time Estimate

4 hours (?)

Sub-Issues

Consider breaking the task down into sub-issues.
None needed.

Relevant Deadlines

List relevant project deadlines here or state NONE.

Funding Source

2771021 - Air Force METplus

Define the Metadata

Assignee

  • Select engineer(s) or no engineer required: @hsoh-u
  • Select scientist(s) or no scientist required: None required

Labels

  • Select component(s)
  • Select priority
  • Select requestor(s)

Projects and Milestone

  • Select Repository and/or Organization level Project(s) or add alert: NEED PROJECT ASSIGNMENT label
  • Select Milestone as the next official version or Future Versions

Define Related Issue(s)

Consider the impact to the other METplus components.

Task Checklist

See the METplus Workflow for details.

  • Complete the issue definition above, including the Time Estimate and Funding Source.
  • Fork this repository or create a branch of develop.
    Branch name: feature_<Issue Number>_<Description>
  • Complete the development and test your changes.
  • Add/update log messages for easier debugging.
  • Add/update unit tests.
  • Add/update documentation.
  • Push local changes to GitHub.
  • Submit a pull request to merge into develop.
    Pull request: feature <Issue Number> <Description>
  • Define the pull request metadata, as permissions allow.
    Select: Reviewer(s) and Linked issues
    Select: Repository level development cycle Project for the next official release
    Select: Milestone as the next official version
  • Iterate until the reviewer(s) accept and merge your changes.
  • Delete your fork or branch.
  • Close this issue.

Metadata

Metadata

Assignees

Labels

component: CI/CDContinuous integration and deployment issuescomponent: code cleanupCode cleanup and maintenance issuepriority: mediumMedium Priorityreporting: DTC AF METplusAir Force METplus Projectrequestor: METplus TeamMETplus Development Teamtype: taskAn actionable item of work

Type

No type

Projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions