SonarQube do not support Powershell language at present to analyze a Powershell code. There is no SonarQube PowerShell Plugin available as of now.
Please refer – https://www.sonarqube.org/features/multi-languages/
Alternative method is PSScriptSAnalyzer.
What is PSScriptSAnalyzer?
PSScriptAnalyzer is a static code checker for PowerShell modules and scripts. PSScriptAnalyzer checks the quality of PowerShell code by running a set of rules.
Please refer this – https://docs.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/overview?view=ps-modules
Can we integrate PSScriptSAnalyzer in SonarQube?
Yes. SonarQube plugins is a best way to integrate externals tools and functionality.
Refer – https://www.sonarplugins.com/ But i could not find any officual plugins for this. Later, based on more searches, i found 2 plugins which has been developed by community for the same integration.
- Plugin #1- https://github.com/gretard/sonar-ps-plugin
- Plugin #2- https://github.com/jairbubbles/sonar-powershell
Plugin #1 seems to be latest and updated code which we must try and see the integration.Plugin #1 is using PSScriptSAnalyzer only as a scan engine. Plugin #2 is writtern in 2016 and i feel that this has been obselete and need to be re-written.
Intro of sonar-ps-plugin
- Reporting of issues found by PSScriptAnalyzer
- Cyclomatic and cognitive complexity metrics (since version 0.3.0)
- Reporting number of lines of code and comment lines metrics (since version 0.3.2)
- An Introduction of GitLab Duo - December 22, 2024
- Best Hospitals for affordable surgery for medical tourism - December 20, 2024
- Top Global Medical Tourism Companies in the World - December 20, 2024