go-coffee/sonar-project.properties at main · DimaJoyti/go-coffee · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# Go Coffee Platform - SonarQube Configuration
# Static Application Security Testing (SAST) and Code Quality Analysis

# Project identification
sonar.projectKey=go-coffee-platform
sonar.projectName=Go Coffee Platform
sonar.projectVersion=1.0.0
sonar.organization=dimajoyti

# Source code configuration
sonar.sources=.
sonar.exclusions=**/vendor/**,**/node_modules/**,**/*.pb.go,**/mock_*.go,**/*_test.go,**/testdata/**,**/tests/**,**/docs/**,**/scripts/**,**/deployments/**,**/k8s/**,**/web-ui/frontend/**

# Test configuration
sonar.tests=.
sonar.test.inclusions=**/*_test.go
sonar.test.exclusions=**/vendor/**,**/node_modules/**

# Go specific configuration
sonar.go.coverage.reportPaths=coverage/coverage.out
sonar.go.golint.reportPaths=reports/golint-report.out
sonar.go.govet.reportPaths=reports/govet-report.out
sonar.go.golangci-lint.reportPaths=reports/golangci-lint-report.xml

# Language configuration
sonar.language=go

# Encoding
sonar.sourceEncoding=UTF-8

# Security hotspots and vulnerabilities
sonar.security.hotspots.inheritFromParent=true

# Quality gate
sonar.qualitygate.wait=true

# Coverage thresholds
sonar.coverage.exclusions=**/*_test.go,**/mock_*.go,**/testdata/**,**/main.go,**/cmd/**

# Duplication exclusions
sonar.cpd.exclusions=**/*_test.go,**/mock_*.go,**/*.pb.go

# Analysis parameters
sonar.analysis.mode=publish

# Branch analysis (for CI/CD)
# sonar.branch.name=main
# sonar.branch.target=main

# Pull request analysis (for CI/CD)
# sonar.pullrequest.key=
# sonar.pullrequest.branch=
# sonar.pullrequest.base=main