Configure SonarAnalyzer.CSharp with .editorconfig, no need for SonarCloud or SonarQube

Our goal was to use SonarSource/SonarQube static code analysis with the most "minimal" install/configuration footprint.

We wanted the static code analysis to break/fail the build on the local developer machines as well as our CI/CD Azure DevOps environment if a rule was violated.

SonarSource products usually rely on some external source, SonarCloud/SonarQube to determine which rules to apply on the local dev machine, and to store the results. We wanted to eliminate these dependencies.

SonarSource also provides a Visual Studio extension called SonarLint to help check the static code analysis rules within the Visual Studio IDE without needing an external source for the rules.

The static code analysis rules SonarLint enforces are also defined in the SonarAnalyzer.CSharp nuget package. This nuget package is a set of Roslyn Code Analyzers.

In .NET Core, Roslyn Code Analyzers are triggered during a build if the nuget package is referenced by the project. Also in .NET Core, these analyzers can be configured in .editorconfig instead of ruleset files.


Given all that, to get SonarQube static code analysis to execute on local machine and Azure DevOps builds with the most minimal setup, just reference the SonarAnalyzer.CSharp nuget package in each of your projects and add an editorconfig file to the root of your project. You can configure rule severity in the editorconfig file by adding lines like this:


# S1075: URIs should not be hardcoded
dotnet_diagnostic.S1075.severity = error


Hope this helps,

Aaron


Thanks to this github issue for getting me to the finish line with the editorconfig file.

Comments

Post a Comment

Popular posts from this blog

Search iPhone Text Messages with SQLite SQL Query

Image
While you're here, check out some of our interactive visualizations: Would you like to visualize your text messages? ------------------------------------------------------------------------------- In my experience, the iPhone text message search functionality is usually pretty awful. Especially if you're trying to find a text from a few years ago. Luckily, if you backup your iPhone using iTunes, your text messages are exported/stored in a SQLite database, and it is fairly easy to query. Here are the steps to SQL Query your Text Messages.   1. Backup your iPhone using iTunes.   2. Find the SQLite file that contains your text messages .     - in ~/Library/Application Support/MobileSync/Backup/* with a filename of 3d0d7e5fb2ce288813306e4d4636395e047a3d28   3. Ensure you have a SQLite Query tool ( SQLiteBrowser is pretty good ).   4. Open your SQLite Text Message DB File using your favorite SQLite query tool.   5. Execute this query to see all your mess
Read more

How to Turn Off Microsoft Arc Touch Mouse Scroll Sound Vibration

Image
I recently purchased a Microsoft Arc Touch Mouse and wanted to turn off the middle button wheel scroll sound vibration. It is possible, however perhaps not obvious.  First you need to download the "Mouse and Keyboard Center" executable available on this page https://www.microsoft.com/accessories/en-us/products/mice/arc-touch-mouse/rvf-00052#techspecs-connect . (direct link Win10 x64: https://go.microsoft.com/fwlink/?linkid=849754  ) Run the executable and install the software.  After the software is installed, turn off "Vibration." See image below: Hope this helps, Aaron p.s.  Want to make that next report really pop ? Check out this new tool I'm working on : drag-and-drop interactive data visualization
Read more