2

We are running static analysis tests on two points:

  • On Git pre-commit hook, and in that case we are using phpcs, phpmd, stylelint and eslint engines (vanilla installations + Drupal Coder for Drupal standards addition)
  • Once in a week we are updating our project's dashboard on SonarQube, which runs the following quality profiles: Drupal (PHP), JS and SCSS

We want to align our standards to a single standard, but using different engines makes it much harder (or even impossible?). I can think of some possible ways to achieve that:

  • Manually align the rules on both pre-commit and SonarQube
  • Use SonarQube for our pre-commit tests
    I'm not sure about that, since by looking at the Drupal standards at SonarQube, it seems like there are much less rules there than on the Drupal PHPCS standards (from Drupal Coder) - relevant question I found about it
    (also another relevant question about aligning SonarQube's PHP plugin with phpCS)
  • Create a custom plugin for SonarQube with our engines set (no way..)

The ideal solution in my way of thinking is to have SonarQube read the rules files (e.g. phpcs.dist.xml) in the Git repo just like most of the static analysis tools out there.

I also saw the SonarQube and stylelint Rule Mapping - which is the only mapping I found about those engines.

How can we overcome that issue in the simplest way?

Rotem
  • 442
  • 1
  • 8
  • 23

1 Answers1

0

You can use PHPStan in your CLI, the same way you probably use coding standard checks or PHPUnit tests:

vendor/bin/phpstan analyse src --level=0

Set this in your pre/post-commit hook and you are ready to go. Read more in short post about first install of PHPStan

Tomas Votruba
  • 23,240
  • 9
  • 79
  • 115
  • PHPStan is great, but it still doesn't answer my question. PHPStan doesn't provide a dashboard like SonarQube does, and it only tests PHP and not for coding standards (maybe the last one is wrong..). – Rotem Jan 06 '18 at 11:58
  • Oh, I see. I've read question again with your comment and I have better context now. So you're asking how to merge phpstan, coding standards and linters to single dashboard to see results in SonarQube? Or in any other tool? Why do you actually need this? – Tomas Votruba Jan 06 '18 at 13:55
  • Not exactly. I'm asking if I can use the *same* coding standards and linters on both our pre-commit hook and our SonarQube dashboard. (Other tools that provides a dashboard with scores, trends and so on is also welcome, but again - the main issue is to have the exact same standards on both tests) :) – Rotem Jan 07 '18 at 06:44
  • 1
    I see. I was confused by the title, where is only hook and static analysis, no SonarQube. In that case, I have no idea, since I do not use SonarQube :) I recommend you to update and shorten the question. Someone who knows SonarQube will definitely skip this question based on title, which would be pity, since he or she migth help you. I shall delete my answer shortly. – Tomas Votruba Jan 07 '18 at 22:43
  • You can leave your answer since it clarified our need. Is the new title better than the previous one? – Rotem Jan 08 '18 at 19:29
  • Allright, I will keep it then. It's big improvement to previous one. What I understand so far, you ask "How to include phpcs to SonarQube dashboard" (only 1 tool, because that's all you need, you can easily replicate the answer to other). -------- But if you ask: "I can use the same coding standards and linters on both our pre-commit hook and our SonarQube dashboard" I'd say just try and see if something fails. Since pre-commit hook and SonarQube are different places, it should be no problem (take in account I don't know SonarQube workflow). – Tomas Votruba Jan 08 '18 at 19:43
  • Not sure I understand what you meant to say here, but SonarQube in our pre-commit is less preferred since it is missing some tests that we have in our phpcs configuration (just one example). – Rotem Jan 09 '18 at 19:03
  • I'll be more than happy to share it here, but I'm not sure which code you need to see, our pre-commit is pretty basic - run the linters on all staged files while we have the linters configuration files on our project's root directory (e.g phpcs.dist.xml) – Rotem Jan 09 '18 at 19:56