In this session we will look at how to use maven commands to evaluate the project's source code.
We are going to use maven to test the source code as the scanner.
To proceed further first, the appropriate software must be installed
1.We must first download the sonarqube. I am using SonarQube 7.6. You can download latest version of sonar qube also but it requires java 11 installed in your machine. 2. Download latest maven from link "https://maven.apache.org/download.cgi"
Before downloading check if you have the system requirements specified by maven
Here I am downloading "apache-maven-3.6.2-bin.zip"
You must first download these two software programs and then continue with this tutorial In my local machine I have already downloaded and extracted these two software's
After downloading What we need to do is set up the maven configuration What it means is to assign the environment variable to the bin folder when you install the maven software. How you can do is copy path upto bin folder "E:\Tutorials\softwares\apache-maven-3.6.2\bin" Go to my computer, right click on it select properties,
Go to the Advanced system settings and click on environment variables
Then in environment variables window go to system settings In system settings go to path
Click on edit, then in variable value go to end put ";" semi-colen paste the path till bin folder of the maven software. click on ok
Now you can go to any directory, open command prompt and see which maven edition you've installed So the command to check the version "mvn -version"
It is going to display the version of maven and also the java version. We have installed and configured the maven in our system. Now we will have a look at how to integrate sonarqube with maven To integrate sonarqube with maven what you need to do is go to maven conf folder
In conf folder open settings.xml file in editor
In settings.xml you need to enter the two configurations 1. Plugins group In plugin group you need to enter following code
<pluginGroup>org.sonarsource.scanner.maven</pluginGroup>
It is going to download the sonar scanner plugin for maven. It will take care for running your project. 2.Second thing is you need to enter following code in profile tag in same file i.e setting.xml
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<!-- Optional URL to server. Default value is http://localhost:9000 -->
<sonar.host.url>
http://localhost:9000
</sonar.host.url>
</properties>
</profile>
</code></pre>
In profile id is going to be sonar active will be true and properties will include sonar host url:http://localhost:9000
In this url you can access the report after running the sonar scanner. After confugration of sonar scanner to maven next step is to create a maven project to analyze the source code. To create a maven project open eclipse Go to File > New > Other as show below
Type "maven" in search
Here we will create quickstart project.
Enter artifact id and group id and click finish
Here in this quickstart project you will see by default we have one App class and at the same time you can see in the src/test one class AppTest with one test case
Now we will amalyze the source code of our maven project i.e MavenSonar using sonar scanner as a maven For that you need to run the sonarqube which we have downloaded. Go to your folder where you have downloaded sonarqube. I have downloaded sonarqube 7.6
Go to bin folder and select the folder according to you Operating System
Here you will see StartSonar.bat file. Open command prompt and type the command "StartSonar.bat" Once sonarqube is started it will show
Now the sonarqube is up You need to go to our maven project location where we will find our pom.xml file Right click on your maven project go to prperties copy the path
Open the command prompt window in that location where you have your pom.xml file
Now we will clean the project first. For that enter following command mvn clean
Then enter command mvn install. This download the required jars which are there in pom.xml file
Now last step is we need to run our sonar scanner. In order to run sonar scanner, sonarqube server should be up which we had done previously StartSonar.bat To start sonar scanner enter command mvn sonar:sonar
This run the scanner on our project and analyze our source code. It will send the report to sonarqube server. We can access the report by opening our browser and enter "http://localhost:9000"
Here you could see our project MavenSonar. When you click on issues tab it will show one issues
It is bad practice to use system.out.println and replace it with logger. You can solve these errors and again analyze the source code. Hope you have understood the configuration and analysis of maven sonar project.