Running Sonar Analysis Using Maven

In last post I have covered how to configure SonarQube. Let’s see how you can run a Sonar code analysis using Maven.

You need to enable sonar profile, for that you need to add following profile configuration to your settings.xml.

<id>sonar</id>
 <activation>
 <activeByDefault>true</activeByDefault>
 </activation>
 <properties>
 <sonar.jdbc.url>
 jdbc:mysql://localhost:3306/sonarqube?useUnicode=true&amp;characterEncoding=utf8&amp;rewriteBatchedStatements=true
 </sonar.jdbc.url>
 <sonar.jdbc.username>sonarUserName</sonar.jdbc.username>
 <sonar.jdbc.password>sonarPassword</sonar.jdbc.password>
 <sonar.host.url>
 http://localhost:9000
 </sonar.host.url>
 </properties>
 </profile>
   
  

you can add above code in global settings.xml, which is kept in c:\users\\.m2 folder. Or you can create a file in your parent project and while running maven command use mvn –settings settings.xml command, maven –settings option is used to provide custom setting file.

In your parent pom.xml, you can specify sonar specific properties.

<sonar.language>java</sonar.language>
<sonar.java.source>1.6</sonar.java.source>
<sonar.projectVersion>1.0</sonar.projectVersion>
<sonar.sourceEncoding>UTF-8</sonar.sourceEncoding>
<sonar.binaries>target\classes</sonar.binaries>
      

To run the SonarQube analysis run

mvn sonar:sonar

Maven will connect to the MySQL server and will run the code analysis on your code using configured rules, once the instrumentation us done, data will be persisted to MySQL server. once build is sucessfull you can access the report on your SonarQube application.

Advertisements
Running Sonar Analysis Using Maven

Configuring SonarQube

SonarQube is all in one code quality tool, it covers following main aspects of code quality
1) Complexity
2) Code coverage
3) Potential bugs
4) Architecture and Design

It is easy to use and configurable as per your need, SonarQube reuses the tools like FindBug, PMD, Cobertura, JUnits etc. Sonar also supports multiple languages. You can configure your own rules, rules can be configured project specific. You can integrate Sonar with Jenkins, so once your project is built all required rules will be analysed and published on SonarQube.

Shopizer Project On SonarQube

This is a quick start tutorial to setup a SonarQube.
You need JRE 6 or above to run the 4.5 SonarQube distribution.

Download the SonarQube distribution from the site, I used 4.5 version. Download from SonarQube 4.5

Extract the content of the file to a folder.

I used MySQL as backend to store the analysis data. to configure MySQL, run following queries on MySQL

 
CREATE DATABASE SonarDBName CHARACTER SET utf8 COLLATE utf8_general_ci;

CREATE USER 'sonar' IDENTIFIED BY 'sonar';
GRANT ALL ON SonarDBName.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';
GRANT ALL ON SonarDBName.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';
FLUSH PRIVILEGES; 

Change the SonarDBName to whatever you prefer, if you have your mySQL running on different server, change the value of ‘localhost’ to the specific host.

Configure Sonar to use MySQL as your default DB,Open the file conf/sonar.properties to edit, search for “sonar.jdbc.url”

 
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonarQube?useUnicode=true&amp;amp;characterEncoding=utf8&amp;amp;rewriteBatchedStatements=true&amp;amp;useConfigs=maxPerformance

In above snippet sonarQube is the Sonar DB name.

Now start your SonarQube /bin/windows-x86-32 (if you are running it on different platform, choose appropriate directory), in initial start up Sonar will download two plugins by default java and FindBug. if you need additional plugins you can download it from Sonar plugin site and copy it to /extensions/plugins. This is manual method.

I have used following plugins
sonar-checkstyle-plugin-2.1.1.jar
sonar-cobertura-plugin-1.6.3.jar
sonar-findbugs-plugin-2.4.jar
sonar-java-plugin-2.5.jar
sonar-javascript-plugin-2.1.jar
sonar-pmd-plugin-2.2.jar
sonar-scm-activity-plugin-1.8.jar
sonar-scm-stats-plugin-0.3.1.jar
sonar-web-plugin-2.3.jar

Your default password for admin user is admin, login to the SonarQube instance by hitting localhost:9000 and change the default admin password, if required you can add more users and user groups. plugins also available to synch with Active Directory.

Configuring SonarQube