INSTALLATION
2.
Unzip the contents of the file to a path of your choice, e.g.
(C:\ C:\sonarqube-4.0).
3.
Check that SonarQube server starts correctly by performing the
following C:\ C:\sonarqube-4.0 \bin\ windows-x86-xx
\StartSonar.bat. If you are using either a Linux or a Mac machine please
select the appropriate sub folder within bin directory and execute sonar.sh.
CONFIGURE MAVEN
First
you have to edit the settings.xml file of your Maven installation. This is
normally found at $MAVEN_HOME/conf or ~/.m2 e.g (C:\apache-maven-3.x.x\conf).
Add the
following snippet within you current profiles (i.e. <profiles>
</profiles> tags).
1
2
3
4
5
6
7
8
9
10
11
12
13
|
<profile>
<id>sonar</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<properties>
<sonar.jdbc.url>
</sonar.jdbc.url>
<sonar.jdbc.username>admin</sonar.jdbc.username>
<sonar.jdbc.password>admin</sonar.jdbc.password>
</properties>
</profile>
|
ANALYSE PROJECTS
USING MAVEN
Adding
and analysing a maven project is trivial. In the directory of your project’s
pom.xml execute
mvn clean install -DskipTests=true
and
once it completes please execute
The
reason we are skipping the tests in the first command is that sonar will
execute the test by default so there is no need for them to run twice.
You can
now check the results on your server. In the projects section you will see your
project appear.
Click
on it and you will be transferred to the projects dashboard where you will see
analytical details.
Start
browsing the issues by clicking on one of the categories. Blocker,
Critical, Major, Minor, Info.
Select
various issues and see how sonar suggests the specific issue should be
fixed.
Perform
the changes in your code and then execute
mvn clean install -DskipTests=true
mvn sonar:sonar
Go back
to the Sonarqube server. The issues should not appear any more.
CHANGING QUALITY
PROFILES
You
might need to alter the profiles against which your code is checked. Log in
using the default username & password: admin / admin
Click
on Quality profiles:
Select
Sonar way with Findbugs as your default profile:
Recompile
your code
mvn clean install -DskipTests=true
mvn sonar:sonar
Go back
to the SonarQube server. Since the code is now checked against 500+ rules there
is a high chance that you will see changes on your projects Dashboard.
CODE COVERAGE BY UNIT TESTS
The
simplest way to include code coverage report to your project analysis is by
unit testing. Sonar needs an appropriate plugin. Jacoco plugin is available out
of the box. You only need to alter your projects pom.xml file by adding the
following properites:
1
2
3
4
5
6
7
8
|
<sonar.language>java</sonar.language>
<sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
<!-- force sonar to reuse reports generated during build
cycle -->
<sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
<!-- set path for unit tests reports -->
<sonar.jacoco.reportPath>${project.basedir}/target/jacoco-unit.exec</sonar.jacoco.reportPath>
<!-- all modules have to use the same integration tests
report file -->
<sonar.jacoco.itReportPath>${project.basedir}/../target/jacoco-it.exec</sonar.jacoco.itReportPath>
|
And the
following plugin:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
<plugin>
<groupid>org.jacoco</groupid>
<artifactid>jacoco-maven-plugin</artifactid>
<version>0.6.2.201302030002</version>
<executions>
<execution>
<id>prepare-unit-tests</id>
<goals>
<goal>prepare-agent</goal>
</goals>
<configuration>
<destfile>${sonar.jacoco.reportPath}</destfile>
</configuration>
</execution>
<execution>
<id>prepare-integration-tests</id>
<goals>
<goal>prepare-agent</goal>
</goals>
<phase>pre-integration-test</phase>
<configuration>
<destfile>${sonar.jacoco.itReportPath}</destfile>
<propertyname>itCoverageAgent</propertyname>
</configuration>
</execution>
</executions>
</plugin>
|
As in
previous steps recompile your code
mvn clean install -DskipTests=true
mvn sonar:sonar
and in
your dashboard you will be able to see the results: