Internal Errigal Collaboration Wiki

User Tools

Site Tools

Trace:
Writing /app/www/public/data/meta/toolsandtechnologies/sonarqube.meta failed
toolsandtechnologies:sonarqube

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
toolsandtechnologies:sonarqube [2017/05/18 15:53] pmurphytoolsandtechnologies:sonarqube [2021/06/25 10:09] (current) – external edit 127.0.0.1
Line 1: Line 1:
 +====== SonarQube Code Quality ======
 +Author : Paddy Murphy
 +\\ Date : 2017-05-03
 +
 +**What is it?**
 +
 +SonarQube is an open source tool which gives a snapshot of code quality. It uses the following quality metrics:
 +  * **Potential Bugs** - This uses coding rules to detect potential bugs, bugs can be ranked as Blocker, Critical, Major, Minor, or Info
 +  * **Tests** - This measures unit-test coverage
 +  * **Duplications** - Detect copy-paste code and give a percentage value
 +  * **Comments** - Measures the percentage of comments. Only API comments are measured; inline comments are ignored.
 +  * **Architecture & Design** - only supported for Java analysis, LCOM4 determines how the code stacks up from an object oriented design perspective, the tidiness of the programs architecture is also measured i.e. do classes in package A include classes in package B
 +  * **Complexity** - Measures how complex the logic of the code is; this is calculated by adding the complexity value for each file analysed.
 +
 +
 +It consists of two components a SonarQube server which displays the the results and a SonarQube scanner which carries out the code analysis. 
 +
 +**Where is it installed?**
 +
 +The SonarQube server is currently installed on the erato server.
 +View dashboard at: [[http://10.91.100.111:9000/sonar/dashboard/|http://10.91.100.111:9000/sonar/dashboard/]]
 +
 +Log in with the usual credentials, the home page displays a list of projects that have been analysed.
 +
 +{{:toolsandtechnologies:screen_shot_2017-05-18_at_12.51.53.png|}}
 +
 +===== How to Install SonarQube Server on Ubuntu ===== 
 +SonarQube requires Java 8 and MySQL – 5.6 or greater
 +  * wget https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-5.6.4.zip --no-check-certificate
 +  * sudo unzip sonarqube-5.6.4.zip
 +  * sudo nano sonarqube-5.6.4/conf/sonar.properties
 +  * uncomment the following lines
 +\\ #sonar.web.host=0.0.0.0
 +\\ #sonar.web.context=
 +\\ #sonar.web.port=9000
 +
 +Add the following values:
 +\\ sonar.web.host=<server ip address>
 +\\ sonar.web.context=/sonar
 +\\ sonar.web.port=9000
 +
 +**Start Application**
 +  * cd /opt/sonar/sonarqube-5.6.4/bin/linux-x86-64
 +  * sudo ./sonar.sh start
 +  * point browser at:
 +  * http://server_ip_address:9000/sonar/dashboard/
 +
 +**Add sonar database**
 +\\ By default SonarQube uses the H2 database engine. This is not suitable for a production instance.
 +\\ Ensure that a MySQl version 5.6 or greater is installed.
 +  * login to mysql server
 +  * create database sonar;
 +  * sudo nano sonarqube-5.6.4/conf/sonar.properties
 +  * uncomment the JDBC MySQL Driver line & the following lines:
 +
 +\\ #sonar.jdbc.username=
 +\\ #ssonar.jdbc.password=
 +
 +Change values:
 +\\ #sonar.jdbc.username=root
 +\\ #ssonar.jdbc.password=ozzrules 
 +
 +If everything is configured correctly the dashboard page should display when SonarQube is restarted.
 +
 +===== Troubleshooting on erato server =====
 +
 +Logs can be viewed at: /opt/sonar/sonarqube-5.6.4/logs/sonar.log
 +
 +**Stop application**
 +
 +  * cd /opt/sonar/sonarqube-5.6.4/bin/linux-x86-64
 +  * sudo ./sonar.sh stop
 +
 +
 +
 +**Restart Application**
 +
 +  * cd /opt/sonar/sonarqube-5.6.4/bin/linux-x86-64
 +  * sudo ./sonar.sh start
 +
 +**Sonarqube won't start with ElasticSearch exceptions in the log**
 +  * you will see something like '2018.08.27 03:45:37 INFO  app[o.s.p.m.Monitor] Process[es] is stopped' in the logs
 +  * most likely the elasticsearch data is corrupted
 +  * you will need to stop the sonarqube and delete the elasticsearch folder:
 +  * //sudo rm -rf /opt/sonar/sonarqube-5.6.4/data/es/sonarqube///
 +  * start sonarqube again
 +  * sonarqube will rebuild the elasticsearch data startup (which can take few minutes)
 +  * check the ui if it works
 +
 +
 +===== Jenkins 2 Integration =====
 +Install the Jenkins SonarQube plugin
 +
 +**Add SonarQube Server**
 +
 +See Setting up SonarQube in [[toolsandtechnologies:jenkins_2|Jenkins 2]]
 +
 +**Add SonarQube scanner**
 +
 +  * Go to Jenkins, Manage Jenkins, Global Tool Configuration
 +  * In the JDK section install a Java 8 version if not already installed
 +  * In SonarQube Scanner section select Add SonarQube Scanner
 +  * Give the scanner a suitable name
 +  * From dropdown select Sonarqube Scanner 2.8
 +  * At bottom of page select Apply and Save
 +
 +**Add SonarQube Scanner build step to Grails 2 Project**
 +
 +As this build step can take some time on larger projects this build step should be last.
 +
 +  * Choose add build step and select Execute SonarQube Scanner.
 +  * For JDK Select a Java 8 version
 +  * In Analysis properties use template below and edit to suit your needs.
 +
 +<code>
 +# must be unique in a given SonarQube instance
 +sonar.projectKey=com.errigal.reporting-manager
 +# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.
 +sonar.projectName=reporting-manager
 +sonar.projectVersion=1.0
 + 
 +# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
 +# Since SonarQube 4.2, this property is optional if sonar.modules is set. 
 +# If not set, SonarQube starts looking for source code from the directory containing 
 +# the sonar-project.properties file.
 +sonar.sources=.
 + 
 +# Encoding of the source code. Default is default system encoding
 +#sonar.sourceEncoding=UTF-8
 +
 +# Exclude files from SonarQube analysis
 +sonar.exclusions=src/templates/artifacts/**, web-app/js/prototype/**
 +# Language
 +#sonar.language=grvy
 +</code>
 +SonarQube Scanner Build Example
 +
 +{{:toolsandtechnologies:screen_shot_2017-05-19_at_14.20.40.png|}}
 +
 +  * If no language is specified an analysis is done on all Java, Groovy, & JavaScript code.
 +  * Use the following syntax to specify an analysis for a single language only.
 +
 +<code>
 +# Groovy 
 +sonar.language=grvy
 +
 +# Java 
 +sonar.language=java
 +
 +# JavaScript
 +sonar.language=js
 +</code>
 +
 +**Grails 3 Projects**
 +\\ Grails 3 projects use the Gradle build system.
 +\\ See the Alarm-cache Project for an example of grails 3 and SonarQube integration (http://10.91.100.112:8080/job/alarm-cache/):
 +
 +build.gradle
 +<code>
 +  dependencies {
 +    classpath "org.grails:grails-gradle-plugin:$grailsVersion"
 +    classpath "org.grails.plugins:hibernate5:${gormVersion - ".RELEASE"}"
 +    classpath "org.grails.plugins:views-gradle:1.1.6"
 +    classpath "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.3"
 +  }
 +}
 +... 
 +
 +apply plugin: "jacoco"
 +if (JavaVersion.current() == JavaVersion.VERSION_1_8) {
 +  apply plugin: "org.sonarqube"
 +  //Define sonar url and login token for all sub project
 +  //https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Gradle#AnalyzingwithSonarQubeScannerforGradle-AnalyzingMulti-ProjectBuilds
 +  sonarqube {
 +    properties {
 +      property "sonar.host.url", "http://10.91.100.110:9000/sonar"
 +      property "sonar.login", "cf6a76dc8f93946096c8c21e746e249e53d619dc"
 +    }
 +  }
 +}
 +</code>
 +
 +Jenkinsfile.groovy
 +
 +<code>
 +#!groovy
 +// Define versioning strategy
 +versionNumber = "0.1.0." + currentBuild.number
 +currentBuild.displayName = versionNumber
 +// ID of the Jenkins credentials for interaction with BitBucket
 +bitbucketCredentialsId = 'bitbucket'
 +// The hostname/path part of the git URL
 +repoLocation = 'bitbucket.org/errigal/alarm-cache.git'
 +
 +...
 +
 +stage('Unit Test') {
 +    try {
 +      sh './gradlew test --continue'
 +    } finally {
 +      // Archive test result so they are browsable from Jenkins
 +      step([$class: 'JUnitResultArchiver', testResults: '**/build/test-results/test/*.xml'])
 +    }
 +  }
 +
 +  stage('Integration Test') {
 +    try {
 +      sh './gradlew integrationTest --continue'
 +    } finally {
 +      // Archive test result so they are browsable from Jenkins
 +      step([$class: 'JUnitResultArchiver', testResults: '**/build/test-results/integrationTest/*.xml'])
 +    }
 +  }
 +
 +  stage('Coverage') {
 +    try {
 +      sh './gradlew jacocoTestReport'
 +    } finally {
 +      // Archive coverage result so they are browsable from Jenkins
 +      step([$class: 'JacocoPublisher'])
 +    }
 +  }
 +
 +  stage('SonarQube') {
 +    sh "./gradlew sonarqube -Dsonar.projectVersion=$versionNumber"
 +  }
 +}
 +</code>
 +
 +Jenkins 2 & Grails 3 integration
 +{{:toolsandtechnologies:screen_shot_2017-05-23_at_14.55.09.png|}}
  

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki