SonarQube our ally to improve the webapp projects

Hi all,

Today I would like to comment on an indispensable (free)software in the continuous delivery of our projects.

The official definition is:

“SonarQube provides the capability to not only show health of an application but also to highlight issues newly introduced. With a Quality Gate in place, you can fix the leak and therefore improve code quality systematically.“

For us, it allows us to detect possible bugs of our project and manage the corrections. It allows us to improve the quality of the presented software.

So, let’s go to install this fabulous software on your local PC (this guide is made for windows, although it is available in different platforms).

Prerequisites

(based on: http://(based on: http://www.tecnohobby.net/ppal/index.php/programacion/java/28-instalar-sonarqube-con-postgresql )

1.- Install local data base: SonarQube needs a local database, in our case we will use postgres. Go to https://www.postgresql.org/ and download and install postgres.

When the installation has completed, install your local database storage on C:\pgsqldb, to do this, user this command “initdb -D C:\pgsqldb“.

2.- Assing local windows path for postgres commands and then start your local database server with command: “postgres -D C:\pgsqldb > C:\pgsqldb\logs\logfile.log 2>&1 &“

(NOTE): you can user the following .bat file to do second stept automatically:

@ECHO ON
REM The script sets environment variables helpful for PostgreSQL
@SET PATH="C:\pgsql\bin";%PATH%
@SET PGDATA=C:\pgsqldb
@SET PGDATABASE=postgres
@SET PGUSER=postgres
@SET PGPORT=5432
@SET PGLOCALEDIR=C:\pgsqldb\share\locale
REM "C:\pgsql\bin\initdb"
"C:\pgsql\bin\pg_ctl" -D "C:\pgsqldb" -l logfile start
ECHO "Click enter to stop"
pause
"C:\pgsql\bin\pg_ctl" -D "C:\pgsqldb" stop -m fast

In the options add the followin parameters:

• General: Add name (free text)
• Connections: add server address, port, database name, user and password

Save this options.

Add name:

Add password on definition tab:

Modify privileges as follow:

And then add definiton:

#PostgreSQL configuration
sonar.jdbc.username=sonar
sonar.jdbc.password=sonar
sonar.jdbc.url=jdbc:postgresql://localhost/sonar

• Login: admin
• Password: admin

8.- Install new plugins. My recommendation is to install “Sonarjs“, “CSS/SCSS/Less” and “Sonarxml“.

Todo this, goes to “Administration > System > Update Center” and then search plugin and push on “install”. After install all plugins you must restart aplication.

Prepare run the analysis

9.- Before we can perform the analysis, we need to install the sonarQube analysis client. We will download the client program at  https://docs.sonarqube.org/display/SONARQUBE45/Installing+and+Configuring+SonarQube+Runner

Then unzip the files, in my case in “C:\sonar-runner” and add path variable on to windows.

10.- Add file configuration called  “sonar-project.properties” at the root of the project “\WebContent” with the following content (sonar.projectName and sonar.projectKey text can be customized):

sonar.projectKey=org.sonarqube:javascript-lcov-sq-scanner
sonar.projectName=your_name_project
sonar.projectVersion=1.0

sonar.sources=.
sonar.sourceEncoding=UTF-8
sonar.exclusions=node_modules/**

# To import the LCOV report
sonar.javascript.lcov.reportPath=report/lcov.dat

You can user “sonar.exclusions” to discard files or folders.

Execute analisis and get results

11.- In the system symbol, you can execute the command “sonar-runner”. At the end of the analysis we will have the following result

12.- Then in http://localhost:9000/projects you can analyze the results of the analysis:

For more information:

https://docs.sonarqube.org/display/SONAR/User+Guide

In next post I will add examples of the use of this tool in our projects ui5