Introduction to SonarQube:
We all are well aware of the importance of codebase quality, unhampered of “deadly programming skills” which can wreck our code. But isn’t it quite cumbersome to implement different tools to look upon its different aspects. What if in one place, we can have detailed insight of all the development sins. This one place is SONARQUBE.
SonarQube offers an easy way to manage all the 7 axes of code quality – Spaghetti design, Comments, Coding rules, Duplicacy, Test-cases coverage, Potential bugs and Code complexity. It has got a very efficient way of navigating, a balance between high-level view, dashboard, time machine and defect hunting tools. This enables to quickly uncover project components that are in technical debts to establish necessary action plans.
It also has 3 components namely Database, Analyzer and a Web server and so it requires trio-setup. It can be configured across different platforms however through this blog would be about a Grails development project.
Setting up and Starting SonarQube:
1) Download and unzip sonarqube and sonarqube-runner from Downloads page under
Any DB specific configurations can be done in
sonarqube/conf/sonar.properties file. SonarQube supports MySQL, Oracle, PostgreSQL,Microsoft SQL Server. In order to configure them, all you need to do is uncomment the server specifications, pass in your database-name, grant all the privileges to your user and we are good to go here! Or you can use the default h2 database too.
2) You can also customize web server information like HTTP port (default is 9000), search indexes, logging, development specifications in this file. In order to start SonarQube, execute
/etc/sonarqube(your version)/bin/[OS]/sonar.sh start(linux) or
3) Navigate to http://localhost:9000 and login as Administrator (admin / admin). If everything went well, we have successfully started SonarQube, next we will install language-specific plugins under Settings > Update Center > Available Plugin.
For sample project inspection you can install Cobertura, FindBugs, Issues Report, for instance, with any language-specific plugin (Here we have used Groovy).
4) SonarQube supports multiple analyzers for mavenized as well as non-maven projects, use SonarQube Runner for non-maven projects. For the type of SonarQube DB that is being used, you have to configure the
sonarqube-runner/conf/sonar-runner.properties. In this example, I have used sonar-runner however you can have different analyzers configured for your projects.
Setting sonar-runner for your project
After having configured SonarQube successfully, next move is to configure sonar-runner in the project. For this, create a sonar-project.properties file at the root of Grails project with details as –
sonar.projectName=Your Project Name
Your project should have code coverage plugin installed prior to this for xml generation.
To generate coverage.xml, execute
grails test-app -coverage -xml
Once done till here, run a simple command as
sonar-runner from your project root. It may take few seconds, but when its done go to http://localhost:9000 and your project with its technical debts, code complexity, duplications, unit tests coverage and all the issues with blockers too will be visible under Dashboard page.
Here is a screenshot of the project dashboard page.
You can then navigate to these links for detailed inspection. You can also configure other metrics from Measures tab in top most bar, define custom rules, add your action plans for the project.
Lets write great code with SonarQube managing our code very well.
Hope you find this post useful.
Senior Software Engineer- To The New Digital