SonarQube do not support Powershell language at present to analyze a Powershell code. There is no SonarQube PowerShell Plugin available as of now.
Please refer – https://www.sonarqube.org/features/multi-languages/
Alternative method is PSScriptSAnalyzer.
What is PSScriptSAnalyzer?
PSScriptAnalyzer is a static code checker for PowerShell modules and scripts. PSScriptAnalyzer checks the quality of PowerShell code by running a set of rules.
Please refer this – https://docs.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/overview?view=ps-modules
Can we integrate PSScriptSAnalyzer in SonarQube?
Yes. SonarQube plugins is a best way to integrate externals tools and functionality.
Refer – https://www.sonarplugins.com/ But i could not find any officual plugins for this. Later, based on more searches, i found 2 plugins which has been developed by community for the same integration.
- Plugin #1- https://github.com/gretard/sonar-ps-plugin
- Plugin #2- https://github.com/jairbubbles/sonar-powershell
Plugin #1 seems to be latest and updated code which we must try and see the integration.Plugin #1 is using PSScriptSAnalyzer only as a scan engine. Plugin #2 is writtern in 2016 and i feel that this has been obselete and need to be re-written.
Intro of sonar-ps-plugin
- Reporting of issues found by PSScriptAnalyzer
- Cyclomatic and cognitive complexity metrics (since version 0.3.0)
- Reporting number of lines of code and comment lines metrics (since version 0.3.2)
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/
My Linkedin - https://www.linkedin.com/in/rajeshkumarin
- Installing Jupyter: Get up and running on your computer - November 2, 2024
- An Introduction of SymOps by SymOps.com - October 30, 2024
- Introduction to System Operations (SymOps) - October 30, 2024
