Sonar Qube - Server Setup
Sonar Qube helps in analyzing the code for its quality and coverage, which helps the developers write clean and efficient code.
Let's try to understand how we can set up a Sonar Qube server, and integrate it with a Spring Boot application.
Download and Install
The download page provides the download link which downloads the ZIP file, which needs to be extracted.
Then, go into the "bin" folder, choose the folder related to the operating system, then click on the "StartSonar" batch file, which executes the batch file.
After successful execution, access the Sonar Qube application on http://localhost:9000 as shown below.
Sonar Qube - Create Project
Follow the below steps to create a new project on the Sonar Qube application.
- Click the "Create Project" link in the Projects section.
- Provide the project display name and key and set up the new project, which takes you to the section "How do you want to analyze your repository?" section. Choose any of the options.
- Then, generate a token, which is required for generating the analysis.
- Then, run the analysis on the project.
For running the analysis on a Spring Boot project, follow the below instructions.
Spring Boot Application Integration
After the project is created in Sonar Qube, follow the below instructions to generate an analysis report for the application.
Add the below profile to the pom.xml file, where we can specify the exclusions.
<profiles>
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<sonar.host.url>http://localhost:9000</sonar.host.url>
<sonar.exclusions>
/src/main/java/com/example/demo/model/*.java,
/src/main/java/com/example/demo/dto/*.java
</sonar.exclusions>
</properties>
</profile>
</profiles>
Add the below plugin to the pom.xml file, within the build plugins.
<plugin>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>3.7.0.1746</version>
</plugin>
Then, run the below maven command to analyze the code and publish the report to the respective project on Sonar Qube located at http://localhost:9000 as specified in the command.
- This can be executed from a command line from the project's root location.
- Or run it directly on IDE, like STS without the word "mvn" in the command.
Here, the below properties are important to identify the project defined on the Sonar Qube.
projectKey- the key defined for the project while creating the project on the Sonar Qubehost.url- defines the Sonar Qube URLlogin- defines the token created for the project on Sonar Qube
mvn clean verify sonar:sonar \
-Dsonar.projectKey=demo \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.login=sqp_fa782b47b1a4ef8bdea5720a7b3f40af0b0b910e
The above command generates the sonar report and updates the same on the Sonar Qube running on http://localhost:9000 as shown below.
Access the report on the Sonar Qube application, which looks like the one below.
Resources
Download link: https://www.sonarqube.org/downloads/
Quick Start Guide: https://docs.sonarqube.org/latest/setup/get-started-2-minutes/
Conclusion
Now, we know how to set up a Sonar Qube server, integrate it with a Spring Boot application, and generate an analysis report.