Challenge Overview
Challenge Objectives
-
To retrieve the SonarQube scan results using the SonarQube Web API
-
To upload the scan results to Amazon S3
Project Background
-
There are two modules in this project. The first one is a processor which listens to messages in Topcoder’s Kafka stream and when a submission upload event is detected, it attempts to scan the submission using SonarQube through the Sonar Scanner.
-
The second module is the API which is used as a webhook in SonarQube. When a scan result completes, this webhook is called with the details of the scan (summary only) and this module then attempts to create a review for the submission based on the overall scan result and stores the summary as an artifact under the submission.
-
For this contest, only the API module is needed. You don’t need the processor, a Sonar Scanner and SonarQube instance are sufficient.
Technology Stack
-
Nodejs (version 10)
-
SonarQube. You can set one of your own or use a docker based instance.
Code access
You can access the code here. Kindly use the develop branch as your base branch.
Individual requirements
To retrieve the SonarQube scan results using the SonarQube Web API (Major Requirement)
-
SonarQube has a web api, whose documentation can be found in the footer of the SonarQube UI.
-
We are particularly interested in the following APIs:
-
/api/measures/search_history
-
/api/issues/search
-
-
In the API module, the service that processes the summary payload from the scan needs to be enhanced to make the above two api calls.
-
Improve the service code to make individual function calls, for each type of action carried out instead of writing all the logic in a single function
To upload the scan results to Amazon S3 (Major Requirement)
-
Once the data from the API is available, you need to create a json file with the following structure:
{
"project_key": "", // retrieved from the summary payload
"measures": { // retrieved from /api/measures/search_history. The “history.value” for each metric is mentioned against that metric
"code_smells": ,
"bugs": ,
"vulnerabilities: ,
"security_hotspot":
},
"issues": { // retrieved from /api/issues/search, provide the entire issues array as received
"code_smells": [],
"bugs": [],
"vulnerabilities: [],
"security_hotspot": []
},
"scan_time": "" // current datetime
}
-
Upload this json file to an Amazon S3 bucket read through configuration
Deployment guide and validation document
Update the deployment guide as needed. No verification document is necessary.
Important Notes
-
Follow existing conventions used in the API
-
Ensure there are no lint errors
-
For both the api calls, you only need to retrieve the following metrics. For each metric, you need to retrieve all the records (in other words, paginate if necessary to get all the responses):
-
Code Smell
-
Bug
-
Vulnerability
-
Security Hotspot
-
-
You need to update the tests for the API based on the changes carried out in this contest. Add new tests as needed. Aim for a code coverage of more than 80%.
Final Submission Guidelines
Submit a git patch of your changes. Kindly verify that the git patch can be applied successfully against the latest commit in the develop branch