Add changelog

.github/workflows/markdown-lint.yml

@@ -0,0 +1,21 @@
+---
+name: Markdown lint
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  vale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: errata-ai/[email protected]
+        with:
+          fail_on_error: true
+          filter_mode: nofilter
+          vale_flags: "--glob=*.md --config=tests/.vale.ini"

CHANGELOG.md

@@ -0,0 +1,76 @@
+# Changelog
+
+## [Unreleased]
+
+### Added
+
+- Kubernetes Helm chart (#74).
+- Changelog with backdated changes (#72).
+
+## [10.5.1](https://github.com/ICTU/sonar/releases/tag/10.5.1) - 2024-05-23
+
+### Changed
+
+- Update to [SonarQube version 10.5.1](https://www.sonarsource.com/products/sonarqube/whats-new/sonarqube-10-5/) (#76).
+- Update plugin `checkstyle/sonar-checkstyle` to [version 10.16.0](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.16.0) (#76).
+- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 5.0.0](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/5.0.0) (#76).
+- Update plugin `spotbugs/sonar-findbugs` to [version 4.2.9](https://github.com/spotbugs/sonar-findbugs/releases/tag/4.2.9) (#76).
+- Default maximum number of lines of code for frontend languages (#77).
+
+### Removed
+
+- PMD plugin (#66).
+- Possibility to change rule severity (#57).
+
+## [10.3.0](https://github.com/ICTU/sonar/releases/tag/10.3.0) - 2023-12-22
+
+### Added
+
+- Swift quality profile (#50).
+- Documentation regarding ICTU GitHub policy (#58).
+- Default rules to enable "too many lines" checks (#63).
+
+### Changed
+
+- Update to [SonarQube version 10.3.0](https://www.sonarsource.com/products/sonarqube/whats-new/sonarqube-10-3/) (#55).
+- Update plugin `checkstyle/sonar-checkstyle` to [version 10.12.5](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.12.5) (#55).
+- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 4.0.1](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/4.0.1) (#55).
+- Update plugin `sbaudoin/sonar-yaml` to [version 1.9.1](https://github.com/sbaudoin/sonar-yaml/releases/tag/v1.9.1) (#55).
+- Update plugin `spotbugs/sonar-findbugs` to [version 4.2.6](https://github.com/spotbugs/sonar-findbugs/releases/tag/4.2.6) (#48).
+
+## [10.1.0](https://github.com/ICTU/sonar/releases/tag/10.1.0) - 2023-09-05
+
+### Added
+
+- Rule versioning to quality profiles (#53).
+
+### Changed
+
+- Update to [SonarQube version 10.1.0](https://www.sonarsource.com/products/sonarqube/whats-new/sonarqube-10-1/) (#52).
+- Update plugin `checkstyle/sonar-checkstyle` to [version 10.12.3](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.12.3) (#52).
+- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 4.0.0](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/4.0.0) (#52).
+- Update plugin `sbaudoin/sonar-ansible` to [version 2.5.1](https://github.com/sbaudoin/sonar-ansible/releases/tag/v2.5.1) (#52).
+- Reconfigure rules and properties for size, complexity, parameters and suppression (#53).
+
+### Removed
+
+- Separate `Dockerfile` for community and developer editions (#54).
+
+## [9.9.1](https://github.com/ICTU/sonar/releases/tag/9.9.1) - 2023-05-09
+
+### Added
+
+- Default language profile for Kotlin (#48).
+
+### Changed
+
+- Update SonarQube to version 9.9.1 (#48).
+- Update plugin `checkstyle/sonar-checkstyle` to [version 10.9.3](https://github.com/checkstyle/sonar-checkstyle/releases/tag/10.9.3) (#48).
+- Update plugin `dependency-check/dependency-check-sonar-plugin` to [version 3.1.0](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/tag/3.1.0) (#48).
+- Update plugin `spotbugs/sonar-findbugs` to [version 4.2.3](https://github.com/spotbugs/sonar-findbugs/releases/tag/4.2.3) (#48).
+
+## [9.7.1](https://github.com/ICTU/sonar/releases/tag/9.7.1) - 2022-12-02
+
+### Changed
+
+- Update SonarQube to version 9.7.1 (#46).

MAINTENANCE.md

@@ -7,8 +7,8 @@
 1. Update external plugins in the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json)
 1. Create profiles based on the internal plugin versions in the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json)
     1. Obtain the base version numbers from the vanilla SonarQube image directory `/opt/sonarqube/lib/extensions`, excluding build number
-    1. Update the config rules version number `rules_version` if the rules have been changed
-1. Create new version tags on github
+    1. Update the configuration rules version number `rules_version` if the rules have been changed
+1. Create new version tags on GitHub
     1. `MAJOR.MINOR.PATCH`
     1. `MAJOR.MINOR.PATCH-developer`
 1. Build and push new images to docker hub with [CircleCI](https://app.circleci.com/pipelines/github/ICTU/sonar)
@@ -33,10 +33,10 @@ Modify the [config.json](https://github.com/ICTU/sonar/blob/master/src/config.js
     },
 
 The parameters are:
-* (key): language (internal SonarQube language identifier) 
-* plugin_name: name of the plugin to be used for this profile
-* plugin_external: true for external plugin, false (default) when it is contained in the base container image
-* version: profile version string (based on the plugin version)
+* `(key)`: language (internal SonarQube language identifier) 
+* `plugin_name`: name of the plugin to be used for this profile
+* `plugin_external`: true for external plugin, false (default) when it is contained in the base container image
+* `version`: profile version string (based on the plugin version)
 
 
 ## Create rule entries from SonarQubes quality profile backup (xml)
@@ -50,8 +50,8 @@ Go to the profiles page in your SonarQube instance, backup a profile to an xml f
 Modify the corresponding [config.json](https://github.com/ICTU/sonar/blob/master/src/config.json) value of `rules[language]`.
 Each entry represents a rule to be activated or deactivated and has the following syntax: `(operation)(ruleId)#(comment)`
 
-* **operation**: `+` activates a rule; `-` deactivates a rule
-* **ruleId**: SonarQube rule identifier
+* `operation`: `+` activates a rule; `-` deactivates a rule
+* `ruleId`: SonarQube rule identifier
 
 Example:
 

README.md

@@ -1,6 +1,6 @@
 # ICTU SonarQube container image
 
-A SonarQube container image with plugins, profiles and config used at ICTU
+A SonarQube container image with plugins, profiles and configuration used at ICTU
 
 
 ## Creating a new quality profile
@@ -28,7 +28,7 @@ It is also possible to adjust individual rule parameter values:
     PROJECT_RULES=+csharpsquid:S110|max=6;-ts:S1561
 
 
-## Running with PostgreSQL via a docker composition
+## Running with PostgreSQL via a Docker-composition
 
 Example docker-compose file:
 

tests/.vale.ini

@@ -0,0 +1,9 @@
+StylesPath = styles
+
+MinAlertLevel = suggestion
+Vocab = Base
+
+Packages = proselint
+
+[*.md]
+BasedOnStyles = Vale, proselint

tests/requirements.txt

@@ -1,2 +1,3 @@
 python-sonarqube-api >= 2.0
 requests >= 2.31
+vale >= 3.9.0.0

tests/styles/config/vocabularies/Base/accept.txt

@@ -0,0 +1,66 @@
+Anchore
+APIs
+Caddy
+Checkmarx
+Cobertura
+Dependabot
+Docker-composition
+Dockerfile
+DTDs
+ESLint
+Gravatar
+Jira
+JMeter
+JUnit
+NCover
+Nginx
+OJAudit
+OpenShift
+PDFs
+Pydantic
+Robocop
+Snyk
+Trello
+Trivy
+UUIDs
+Wekan
+[Hh]ostname
+[Uu]nmerged
+asyncio
+autoformatting
+breakpoint
+clearable
+cloc
+discoverability
+donut
+errored
+favicon
+fixme
+hostnames?
+hotspots?
+lookback
+misconfigured
+mypy
+namespace
+npm
+parameterizable
+phpldapadmin
+[Pp]erformancetest
+severities
+sparkline
+subfolders
+submenus
+suppressions
+todo
+tooltips?
+tracebacks?
+unencrypted
+unicode
+unmerged
+upvotes
+url
+xml
+Dennie
+Bouman
+Suchow
+Redistributions

tests/styles/config/vocabularies/Base/reject.txt

@@ -0,0 +1,3 @@
+docker composition
+Docker composition
+docker-composition