Skip to content

Remove the SonarQube token from the properties file #2757

New issue
New issue
Closed
#2766
#2765
Closed
Remove the SonarQube token from the properties file#2757
#2766
#2765
Assignees
hsoh-u
Labels
component: build processBuild process issuepriority: highHigh Prioritytype: enhancementImprove something that it is currently doing
Milestone
MET-12.0.0
@hsoh-u

Description

@hsoh-u
hsoh-u
opened on Dec 5, 2023

The sonarqube properties file contains the plain text token. It can be used to push scanning result to the SonarQube server and access the scanning result. It can be used to delete the scanning result, too. It's better not to expose the token at the public repository.

Describe the Enhancement

  • The SonarQube token will be saved at the environment variable (per user, met-test at seneca)
  • The SonarQube token at the SonarQube properties file is replaced with the pre-defined string, SONAR_TOKEN_VALUE
  • The SonarQube token will be replaced at the runtime.

Time Estimate

Estimate the amount of work required here.
1 day of work.

Sub-Issues

Consider breaking the enhancement down into sub-issues.

  • Add a checkbox for each sub-issue here.

Relevant Deadlines

List relevant project deadlines here or state NONE.

Funding Source

Define the source of funding and account keys here or state NONE.

Define the Metadata

Assignee

  • Select engineer(s) or no engineer required
  • Select scientist(s) or no scientist required

Labels

  • Review default alert labels
  • Select component(s)
  • Select priority
  • Select requestor(s)

Milestone and Projects

  • Select Milestone as the next official version or Backlog of Development Ideas
  • For the next official version, select the MET-X.Y.Z Development project

Define Related Issue(s)

Consider the impact to the other METplus components.

Enhancement Checklist

See the METplus Workflow for details.

  • Complete the issue definition above, including the Time Estimate and Funding Source.
  • Fork this repository or create a branch of develop.
    Branch name: feature_<Issue Number>_<Description>
  • Complete the development and test your changes.
  • Add/update log messages for easier debugging.
  • Add/update unit tests.
  • Add/update documentation.
  • Push local changes to GitHub.
  • Submit a pull request to merge into develop.
    Pull request: feature <Issue Number> <Description>
  • Define the pull request metadata, as permissions allow.
    Select: Reviewer(s) and Development issue
    Select: Milestone as the next official version
    Select: MET-X.Y.Z Development project for development toward the next official release
  • Iterate until the reviewer(s) accept and merge your changes.
  • Delete your fork or branch.
  • Close this issue.

Metadata

Metadata

Assignees

Labels

component: build processBuild process issuepriority: highHigh Prioritytype: enhancementImprove something that it is currently doing

Type

No type

Projects

Coordinated METplus-5.1 Support

Status

🏁 Done

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions