New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[action][sonar] replace deprecated sonar.login parameter with sonar.token #21736
[action][sonar] replace deprecated sonar.login parameter with sonar.token #21736
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @Panajev Thanks for your first contribution :)
Could you look into the comment and see if it makes sense? Thanks
Hello @lacostej no worries, I checked your comment and took a stab at it. Added a couple of commits to sort it. Will squash them together to make the delta from my original commit easier. |
da05429
to
c06fe62
Compare
The 2 options should conflict each other --> this means that the script should break if they are both set at the same time right? |
c06fe62
to
fa19ff5
Compare
I think the conflicting_options array should do the trick in terms of ensuring we cannot pass both options: FastlaneCore::ConfigItem.new(key: :sonar_login,
env_name: "FL_SONAR_LOGIN",
description: "Pass the Sonar Login Token (e.g: xxxxxxprivate_token_XXXXbXX7e)",
deprecated: "Deprecated in sonar-scanner >= 5.0.x",
optional: true,
sensitive: true,
conflicting_options: [:sonar_token]),
FastlaneCore::ConfigItem.new(key: :sonar_token,
env_name: "FL_SONAR_TOKEN",
description: "Pass the Sonar Token (e.g: xxxxxxprivate_token_XXXXbXX7e)",
optional: true,
sensitive: true,
conflicting_options: [:sonar_login]), What do you think? |
This could still affect people on an old version of SonarQube though (not sure when the sonar.token property was added... I guess we could still use the old option if the user has an older SonarQube instance?). Edit: This parameter was added to SonarQube (not the client) in March 2023 and SonarCloud should have updated in July ( https://community.sonarsource.com/t/deprecating-sonar-login-and-sonar-password-in-favor-of-sonar-token/95829 ) so it is reasonable to assume it is the default option. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Anyone else wants to review?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @Panajev 👋
Thanks for your PR!
Would you mind merging latest master into this branch? There was a recent fix in CI that needs to be merged into this PR so we can move it forward 🙏
I also left some comments in the PR 🙇
Thank you!
Thanks for your comments, I shall action them and report back :)! |
95cba3d
to
b6263e5
Compare
@rogerluan implemented the suggestions. Resolved most of the conversation, left open the one I still had a question for you on (sorry if I should have closed none of them). Please let me know what you think :). |
Thanks @Panajev ! I've replied to the open discussion 😊 No apologies needed, all good with closing the resolved ones 🤗 |
b6263e5
to
9a10188
Compare
@rogerluan thanks again for the kind feedback. Addressed by implementing your suggestion :)! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good @Panajev ! Thank you for your contribution! 🤗
…oken (fastlane#21736) Co-authored-by: Goffredo Marocchi <goffredo.marocchi@gamesys.co.uk> Co-authored-by: Roger Oba <rogerluan.oba@gmail.com>
Checklist
bundle exec rspec
from the root directory to see all new and existing tests passbundle exec rubocop -a
to ensure the code style is validci/circleci
builds in the "All checks have passed" section of my PR (connect CircleCI to GitHub if not)Motivation and Context
Addresses #21436, for more information see SonarQube deprecation notice of the login property here: https://community.sonarsource.com/t/deprecating-sonar-login-and-sonar-password-in-favor-of-sonar-token/95829
Description
SonarQube has deprecated the login parameters and requires the token passed as -Dsonar.token. Warnings appear in fastlane
Testing Steps
Test changes when submitting data to sonarqube using a recent (5.0.x+) version of the sonar-scanner CLI too.