Skip to content

sede-open/ecoCode-csharp-sonarqube

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

EcoCode C#

ecoCode is a collective project aiming to reduce environmental footprint of software at the code level. The goal of the project is to provide a list of static code analyzers to highlight code structures that may have a negative ecological impact: energy and resources over-consumption, "fatware", shortening terminals' lifespan, etc.

ecoCode is based on evolving catalogs of good practices, for various technologies. This SonarQube plugin then implements these catalogs as rules for scanning your C# projects.

This SonarQube plugin is based on a generated plugin from SonarSource Sonarqube Roslyn SDK with a slightly different rules import process.

The EcoCode C# Sonarqube plugin relies on the EcoCode nuget package that is responsible of the codebase analysing part. You can then track detected issues within a compatible Sonarqube instance.

⚠️ This is still a very early stage project. Any feedback or contribution will be highly appreciated. Please refer to the contribution section.

License: GPL v3 Contributor Covenant

🌿 SonarQube Plugins

This plugin is part of the ecoCode project.
You can find a list of all our other plugins in the ecoCode repository

🚀 Getting Started

You can give a try with a one command docker :

docker run -ti --rm \
       -p 9000:9000 \
       --name sonarqube-ecocode-csharp ghcr.io/green-code-initiative/sonarqube-ecocode-csharp:latest

or (with logs and data locally stored) :

docker run -ti --rm \
       -v sq_ecocode_logs:/opt/sonarqube/logs \
       -v sq_ecocode_data:/opt/sonarqube/data \
       -p 9000:9000 \
       --name sonarqube-ecocode-csharp ghcr.io/green-code-initiative/sonarqube-ecocode-csharp:latest

... and configure local SonarQube (security config and quality profile : see configuration for more details).

To install other ecocode plugins, you can also :

  • download each plugin separatly and copy the plugin (jar file) to $SONAR_INSTALL_DIR/extensions/plugins and restart SonarQube.
  • install different ecocode plugins with Marketplace (inside admin panel of SonarQube)

Then you can use C# test project repository to test the environment : see README.md of C# test project

To analyze a .net codebase without having to install required components (i.e. .net SDK, JDK/JRE, etc.), you can use our docker dotnetscan wrapper.

Finally, you can directly use a all-in-one docker-compose

By default, Dockerfile use the official Sonarqube LTS Community image version. You can override this behaviour and use a custom version of your choice by specifying a build-arg to the build command, for example :

docker build --build-arg SONARQUBE_VERSION=10.5.1-community .

If you want to use the docker-compose file, you can use the below commands to use an overriding dockerfile build :

docker compose build --build-arg SONARQUBE_VERSION=10.5.1-community
docker compose up -d --no-build

🛒 Distribution

Ready to use binaries are available from GitHub.

🧩 Compatibility

Plugin version SonarQube version EcoCode nuget package version
1.1.0+ 9.9.+ LTS to 10.5.1 1.1.0

🤝 Contribution

check ecoCode repository

🤓 Main contributors

check ecoCode repository

Links

About

Reduce the environmental footprint of your C# software programs

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Java 83.1%
  • Shell 13.9%
  • Dockerfile 2.9%
  • HTML 0.1%