Wednesday, 7 February 2018

SONARQUBE LOCAL INSTALLATION GUIDE

INSTALLATION


1.    First of all download the latest SonarQube Distribution found http://www.sonarsource.org/downloads/.
2.    Unzip the contents of the file to a path of your choice, e.g. (C:\ C:\sonarqube-4.0).
3.    Check that SonarQube server starts correctly by performing the following C:\ C:\sonarqube-4.0 \bin\ windows-x86-xx \StartSonar.bat. If you are using either a Linux or a Mac machine please select the appropriate sub folder within bin directory and execute sonar.sh.
 Description: http://yetanotherdevblog.com/sites/default/files/console_0.png
4.    Once you see similar to the above outcome check that your server is up, by visiting http://localhost:9000/
Description: http://yetanotherdevblog.com/sites/default/files/sonarqube.png

CONFIGURE MAVEN

First you have to edit the settings.xml file of your Maven installation. This is normally found at $MAVEN_HOME/conf or ~/.m2 e.g (C:\apache-maven-3.x.x\conf).
Add the following snippet within you current profiles (i.e. <profiles> </profiles> tags).
?
1
2
3
4
5
6
7
8
9
10
11
12
13
<profile>
   <id>sonar</id>
   <activation>
       <activeByDefault>false</activeByDefault>
   </activation>
   <properties>
       <sonar.jdbc.url>
         jdbc:h2:tcp://localhost:9092/sonar
       </sonar.jdbc.url>
       <sonar.jdbc.username>admin</sonar.jdbc.username>
       <sonar.jdbc.password>admin</sonar.jdbc.password>
   </properties>
</profile>

ANALYSE PROJECTS USING MAVEN

Adding and analysing a maven project is trivial. In the directory of your project’s pom.xml execute
 mvn clean install -DskipTests=true
and once it completes please execute
mvn sonar:sonar
The reason we are skipping the tests in the first command is that sonar will execute the test by default so there is no need for them to run twice.
You can now check the results on your server. In the projects section you will see your project appear.
Description: http://yetanotherdevblog.com/sites/default/files/results_sonar.png
Click on it and you will be transferred to the projects dashboard where you will see analytical details.
Description: http://yetanotherdevblog.com/sites/default/files/detailis.png
Start browsing the issues by clicking on one of the categories. Blocker, Critical, Major, Minor, Info.
Select various issues and see how sonar suggests the specific issue should be fixed. 
Description: http://yetanotherdevblog.com/sites/default/files/fixes.png
Perform the changes in your code and then execute
mvn clean install -DskipTests=true
mvn sonar:sonar
Go back to the Sonarqube server. The issues should not appear any more.

CHANGING QUALITY PROFILES

You might need to alter the profiles against which your code is checked. Log in using the default username & password: admin / admin
Description: http://yetanotherdevblog.com/sites/default/files/change_profile.png

Click on Quality profiles:
Description: http://yetanotherdevblog.com/sites/default/files/click_profile.png
Select Sonar way with Findbugs as your default profile:
Description: http://yetanotherdevblog.com/sites/default/files/findbugs.png
Recompile your code
mvn clean install -DskipTests=true
mvn sonar:sonar
Go back to the SonarQube server. Since the code is now checked against 500+ rules there is a high chance that you will see changes on your projects Dashboard.

CODE COVERAGE BY UNIT TESTS

The simplest way to include code coverage report to your project analysis is by unit testing. Sonar needs an appropriate plugin. Jacoco plugin is available out of the box. You only need to alter your projects pom.xml file by adding the following properites:

?
1
2
3
4
5
6
7
8
<sonar.language>java</sonar.language>
<sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
<!-- force sonar to reuse reports generated during build cycle -->
<sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
<!-- set path for unit tests reports -->
<sonar.jacoco.reportPath>${project.basedir}/target/jacoco-unit.exec</sonar.jacoco.reportPath>
<!-- all modules have to use the same integration tests report file -->
<sonar.jacoco.itReportPath>${project.basedir}/../target/jacoco-it.exec</sonar.jacoco.itReportPath>
And the following plugin:
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<plugin>
  <groupid>org.jacoco</groupid>
  <artifactid>jacoco-maven-plugin</artifactid>
  <version>0.6.2.201302030002</version>
  <executions>
    <execution>
      <id>prepare-unit-tests</id>
      <goals>
    <goal>prepare-agent</goal>
      </goals>
      <configuration>
    <destfile>${sonar.jacoco.reportPath}</destfile>
      </configuration>
    </execution>
     
    <execution>
      <id>prepare-integration-tests</id>
      <goals>
    <goal>prepare-agent</goal>
      </goals>
      <phase>pre-integration-test</phase>
      <configuration>
    <destfile>${sonar.jacoco.itReportPath}</destfile>
    <propertyname>itCoverageAgent</propertyname>
      </configuration>
    </execution>
  </executions>
</plugin>
As in previous steps recompile your code
mvn clean install -DskipTests=true
mvn sonar:sonar
and in your dashboard you will be able to see the results:
Description: http://yetanotherdevblog.com/sites/default/files/dashboard.png

No comments:

Post a Comment