Skip to content

Commit

Permalink
update documentation (#95)
Browse files Browse the repository at this point in the history
* update readme

Signed-off-by: Nicklas Körtge <nicklas.koertge1@ibm.com>

* update readme

Signed-off-by: Nicklas Körtge <nicklas.koertge1@ibm.com>

---------

Signed-off-by: Nicklas Körtge <nicklas.koertge1@ibm.com>
  • Loading branch information
n1ckl0sk0rtge authored Aug 12, 2024
1 parent df33179 commit e41ffc6
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 12 deletions.
11 changes: 4 additions & 7 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,24 +36,21 @@ mvn checkstyle::check

## Build

In the project directory run the following command:
Execute the following command in the project directory:
```shell
mvn clean package
```
The `.jar` file will be stored in the target directory and also copied to
`.SonarQube/plugins`.


## Run the Plugin with SonarQube

```shell
UID=${UID} GID=${GID} docker-compose up
UID=${UID} docker-compose up
```

### Configure SonarQube

For the initial configuration and setup have a look to the [official SonarQube documentation](https://docs.sonarqube.org/latest/try-out-sonarqube/).

### Create a Quality Profile with Crypto Rules
For the initial configuration and setup,
take a look at the [official SonarQube documentation](https://docs.sonarqube.org/latest/try-out-sonarqube/).

See detailed instructions in the root [README.md](./README.md#create-a-quality-profile-with-crypto-rules)
11 changes: 6 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,15 +34,16 @@ in source code and generates [CBOM](https://cyclonedx.org/capabilities/cbom/).
## Installation

> [!NOTE]
> To run the plugin, you need a running SonarQube instance with one of the supported
> versions. If you don't have one but want to try the plugin, you can use the
> included Docker Compose to set up a development environment. See
> [here](CONTRIBUTING.md#build) for instructions.
Copy the plugin (the JAR file from the [latest releases](https://github.com/IBM/sonar-cryptography/releases))
to `$SONARQUBE_HOME/extensions/plugins` and restart
SonarQube ([more](https://docs.sonarqube.org/latest/setup-and-upgrade/install-a-plugin/)).

> [!NOTE]
> We are currently in the process of adding the plugin to the SonarQube marketplace. You will then be able to install
> the plugin directly via the marketplace (only applicable for the community version,
> [see](https://docs.sonarsource.com/sonarqube/latest/instance-administration/marketplace/)).
## Using

The plugin provides new inventory rules (IBM Cryptography Repository) regarding the use of cryptography for
Expand Down

0 comments on commit e41ffc6

Please sign in to comment.