Move away from Codecov and implement Sonar Cloud

[zFernand0]

This should alleviate the burden of having to increase coverage on unrelated code since Codecov usually got confused between target branches.
Examples of sonar cloud usage are Zowe Imperative and Zowe CLI

[VitGottwald]

@zFernand0 what is the benefit of sonar cloud? My experience with sonar is that it cannot be run on developers machines and significantly increases development feedback time.

[zFernand0]

what is the benefit of sonar cloud? My experience with sonar is that it cannot be run on developers machines and significantly increases development feedback time.

Hey @VitGottwald, Apologies for not replying any sooner. I hope that the conversation during today's call was able to resolve some of the concerns regarding the feedback time.
As said on the call, we will be sharing the the contents of the webinar as soon as we can.
CC'ing @MikeBauerCA

[MikeBauerCA]

@VitGottwald @zFernand0 @crawr @jellypuno you can register and view the webinar at https://webinars.devops.com/a-zowe-cli-enabled-roadmap

The demo is focused on incorporating code quality tools like SonarQube into CI/CD pipelines for mainframe apps. It shows the value of SonarCloud and how to run the scan from the developer's machine using the Sonar Scanner CLI.

[VitGottwald]

Thank you for the answer @zFernand0! I have one more question.

Is the sonar cloud configuration - the definition of linting rules, thresholds, etc. - stored in the form of a config file in the repo? Or is it stored in sonarcloud?

[zFernand0]

We will be discussing more on this in the #zowe-explorer OMP slack channel.

The short answer is yes, it's possible to configure SonarCloud from either the server or the repository. : )

[VitGottwald]

I should have really asked this as the very first question. Can someone point me to an example of where Codecov was broken?

[zFernand0]

Hey @VitGottwald, Here is a reference to the issue in codecov. codecov/codecov-bash#83
In this comment you can find an example of one of the problems this issue causes.

[VitGottwald]

The report of the issue codecov/codecov-bash#83 says that a rebase on master resolves the problem. Did we try that in the cases we had a problem?

[VitGottwald]

oops, clicked on wrong button, sorry

[zFernand0]

The report of the issue codecov/codecov-bash#83 says that a rebase on master resolves the problem. Did we try that in the cases we had a problem?

If I remember correctly we have done it in the past, and the issue seemed to go away, but because of the branch protection rules, we soon find ourselves in a similar situation as before. 😢

[VitGottwald]

I did a small research today. All of the open source projects I could come up with either do not use code coverage within their pull requests at all or use Codecov. I wonder why it is not an issue for them but it is here. I wish I had such a broken branch to play with it.

[JillieBeanSim]

closing now that we have Sonar Cloud working

[github-actions]

Thank you for raising this issue.
The community has 90 days to upvote 👍 the issue.
If it receives 10 upvotes, we will move it to our backlog. If not, we will close it.

[t1m0thyj]

Re-opening since we are still using Codecov to report on patch/project coverage, and SonarCloud is not reporting coverage info.

In the future, we should investigate migrating to SonarCloud for reporting coverage info on PRs and in the readme badge.

[zFernand0]

closing in favor of:

• Tech-Debt: Switch from Automatic analysis to GH Actions for Sonar Cloud #2715