Friday, August 25, 2017

Jenkins - Sonar Qube Integration

Testing is one of the important aspects of code to identify various issues that can occur while running the code. At the same time it is necessary to examine the code quality while moving the code to production.

Static analysis also called as static code analysis is a method of debugging that is done by examining the code without executing that. This allows developers a better understanding of the code structure and can help developers to ensure that the code adheres to industry standards. The main advantage of the static analysis is that it reveals errors that do not occur until months and years of application running. It is said that the static analysis is only a first step in a comprehensive software quality-control regime. Sonar is one such tool which provides us the static code analysis.

Sonar is an open source web-based application to manage code quality which covers seven axes of code quality as: Architecture and design, comments, duplications, unit tests, complexity, potential bugs and coding rules. Developed in Java and can cover projects in Java, FlexPHPPL/SQL,  Visual Basic 6. It's very efficient to navigate; offering visual reporting and you can follow metrics evolution of your project and combine them.

In this article we will see how we can install SONAR tool and use that.

1. Download SonarQube from here

2. Extract the tar file to /op/sonarqube.
Once extracted move to the /opt/sonarqube/bin/linux-x86-64.And run the “sonar.sh  start”.

That’s all you need to do in starting the sonarqube. Access the sonarqube console using the “localhost:9000” and we can see the web console as below,

 The default credentials for login are admin and admin.

2.In the Jenkins server, install the sonar-qube plugin using the Manage plugins. Configure the Sonar-qube in the “Configure System” as
Since this is a community version, we don't need to add any credentials details.

4.Download the sonar-runner on the slave machine and extract
wget http://repo1.maven.org/maven2/org/codehaus/sonar/runner/sonar-runner-dist/2.4/sonar-runner-dist-2.4.zip

A sonar-runner is the tool that actually scans the source code for conventions and pass them to the sonar qube server for displaying them on web page.

5.Now go to the “Configure Global tool” section and configure sonar-runner under the sonarqube scanner

6.Create a Maven Job and in the Add pre build step , choose a “Execute SonarQube Scanner” option
Fill the details as above.In the path to project properties location , pass the location where sonar.properties exists in the project source code. Naturally this will be present on the root level.

We can either add the sonar.properties file in source code or paste them in the analysis properties field.

In the maven Build arguments pas the "mvn clean install" and see the results in the Sonar qube web application as below,
More to come , Happy learning :-)

No comments :

Post a Comment