diff --git a/source/documentation/information/we-dont-do-that.html.md.erb b/source/documentation/information/we-dont-do-that.html.md.erb index f47f3ee..1008311 100644 --- a/source/documentation/information/we-dont-do-that.html.md.erb +++ b/source/documentation/information/we-dont-do-that.html.md.erb @@ -69,6 +69,10 @@ Please contact [digital_it_forum](https://moj.enterprise.slack.com/archives/C028 Please contact [digital_it_forum](https://moj.enterprise.slack.com/archives/C0282GUGKL7) Slack channel +## Sonarcloud + +Please contact [#ask-panda-cyber](https://moj.enterprise.slack.com/archives/C0476G42C0N) Slack channel for alternative strategic tooling + ## Trello Please contact [digital_it_forum](https://moj.enterprise.slack.com/archives/C0282GUGKL7) Slack channel diff --git a/source/documentation/services/sonarcloud.html.md.erb b/source/documentation/services/sonarcloud.html.md.erb deleted file mode 100644 index 6a42edd..0000000 --- a/source/documentation/services/sonarcloud.html.md.erb +++ /dev/null @@ -1,55 +0,0 @@ ---- -owner_slack: "#operations-engineering-alerts" -title: SonarCloud -last_reviewed_on: 2025-01-07 -review_in: 6 months ---- - -# SonarCloud - -SonarCloud is a powerful cloud-based code analysis and continuous code quality service provided by SonarSource. Designed to enhance your development process, SonarCloud automatically analyzes your code for bugs, security vulnerabilities, code smells, and maintainability issues. - -Some of the key features include: - -* Code Quality Analysis: Identify coding issues and bugs through static code analysis. -* Security Vulnerability Detection: Scan your code for potential security issues. -* Code Smells Detection: Uncover design issues to improve code maintainability and performance. -* Technical Debt Management: Prioritize and address critical technical debt issues. -* CI/CD Integration: Integrate SonarCloud into your CI/CD pipeline. -* Pull Request Analysis: Catch issues in code changes before merging into the main codebase. - -## Logging into SonarCloud - -To access Sonarcloud, use your existing GitHub account for seamless login through the "Login With GitHub" option on the main page. - -If you require a GitHub account or have any other issues logging in, please contact [Operations Engineering](https://user-guide.operations-engineering.service.justice.gov.uk/documentation/information/contact.html) - -## Viewing projects - -A SonarCloud project represents a specific software codebase or repository that undergoes code analysis on the SonarCloud platform, in our case, it points to a GitHub Repository. - -For Ministry of Justice SonarCloud projects, visit: https://sonarcloud.io/organizations/ministryofjustice. - -If you cannot see the project you are after, refer to the Adding Repositories below - -## Adding projects - -> Please note that only public repositories can be added to SonarCloud and everything on SonarCloud is open to the internet. - -If you cannot see the project you are after, there is a good chance the repository has to be added to SonarCloud, please contact [Operations Engineering](https://user-guide.operations-engineering.service.justice.gov.uk/documentation/information/contact.html) - -Once project is added SonarCloud will automatically begin analyzing the repository and will become part of the pull request automatically. You will see the results within the pull request and via email. - -## Adding Code Coverage to CICD and Pull Requests - -If you wish Code Coverage to run as part of a CICD process and for checks to be run when pull requests are created, please follow this [guide](https://github.com/SonarSource/sonarcloud-github-action). - -To generate a SonarCloud token, press the 'Generate Token' button [here](https://sonarcloud.io/account/security) - you can add this to your GitHub Repository in Settings -> Secrets and Variables -> Actions whilst on your GitHub Repository. - -If you have any problems with setting this up please contact [Operations Engineering](https://user-guide.operations-engineering.service.justice.gov.uk/documentation/information/contact.html) - -## Changing Quality Controls - -You may wish the rules that Sonarcloud uses to test your code to differ from the standard conditions, only Admins can do this so please contact [Operations Engineering][https://user-guide.operations-engineering.service.justice.gov.uk/documentation/information/contact.html). - -You can see the existing Quality Gates [here](https://sonarcloud.io/organizations/ministryofjustice/quality_gates/show/9) diff --git a/source/index.html.md.erb b/source/index.html.md.erb index 59dd3d6..4847cf8 100644 --- a/source/index.html.md.erb +++ b/source/index.html.md.erb @@ -1,7 +1,7 @@ --- owner_slack: "#operations-engineering-alerts" title: Operations Engineering -last_reviewed_on: 2024-12-06 +last_reviewed_on: 2025-02-10 review_in: 6 months --- @@ -61,9 +61,8 @@ This guide is designed for developers, power users, and all team members at the * [CircleCI](documentation/services/circleci.html) * [Renovate](documentation/services/renovate.html) -#### Security and Code Quality +#### Shared Password Management -* [SonarCloud](documentation/services/sonarcloud.html) * [1Password](documentation/services/1password.html) #### Additional Resources @@ -74,5 +73,3 @@ This guide is designed for developers, power users, and all team members at the ### Organisational Fit Operations Engineering falls under the Hosting Service within the Platforms and Architecture sector at the Ministry of Justice. - -For a comprehensive and interactive view of our organisational structure, refer to our [Organisation Diagram](https://drive.google.com/file/d/1eYCm5PqpsQXKQdT_XhNi-wbH4976t9M5/view?usp=sharing).