Use maven commands to evaluate the project's source code | CodeUsingJava








In this session we will look at how to use maven commands to evaluate the project's source code.



We are going to use maven to test the source code as the scanner.

To proceed further first, the appropriate software must be installed
1.We must first download the sonarqube. I am using SonarQube 7.6. You can download latest version of sonar qube also but it requires java 11 installed in your machine. 2. Download latest maven from link "https://maven.apache.org/download.cgi"

sonar4_1

Before downloading check if you have the system requirements specified by maven

sonar4_2

Here I am downloading "apache-maven-3.6.2-bin.zip"

sonar4_3

You must first download these two software programs and then continue with this tutorial In my local machine I have already downloaded and extracted these two software's

sonar4_4

After downloading What we need to do is set up the maven configuration What it means is to assign the environment variable to the bin folder when you install the maven software. How you can do is copy path upto bin folder "E:\Tutorials\softwares\apache-maven-3.6.2\bin" Go to my computer, right click on it select properties,

sonar4_5

Go to the Advanced system settings and click on environment variables

sonar4_6

Then in environment variables window go to system settings In system settings go to path

sonar4_7

Click on edit, then in variable value go to end put ";" semi-colen paste the path till bin folder of the maven software. click on ok

sonar4_8

Now you can go to any directory, open command prompt and see which maven edition you've installed So the command to check the version "mvn -version"

sonar4_9

It is going to display the version of maven and also the java version. We have installed and configured the maven in our system. Now we will have a look at how to integrate sonarqube with maven To integrate sonarqube with maven what you need to do is go to maven conf folder

sonar4_10

In conf folder open settings.xml file in editor

sonar4_11

In settings.xml you need to enter the two configurations 1. Plugins group In plugin group you need to enter following code


	<pluginGroup>org.sonarsource.scanner.maven</pluginGroup>


sonar4_12

It is going to download the sonar scanner plugin for maven. It will take care for running your project. 2.Second thing is you need to enter following code in profile tag in same file i.e setting.xml


		<profile>
            <id>sonar</id>
            <activation>
                <activeByDefault>true</activeByDefault>
            </activation>
            <properties>
                <!-- Optional URL to server. Default value is http://localhost:9000 -->
                <sonar.host.url>
                  http://localhost:9000
                </sonar.host.url>
            </properties>
        </profile>
</code></pre>
In profile id is going to be sonar active will be true and properties will include sonar host url:http://localhost:9000

sonar4_13

In this url you can access the report after running the sonar scanner. After confugration of sonar scanner to maven next step is to create a maven project to analyze the source code. To create a maven project open eclipse Go to File > New > Other as show below

sonar4_14

Type "maven" in search

sonar4_15

Here we will create quickstart project.

sonar4_16

Enter artifact id and group id and click finish

sonar4_17

Here in this quickstart project you will see by default we have one App class and at the same time you can see in the src/test one class AppTest with one test case

sonar4_18

Now we will amalyze the source code of our maven project i.e MavenSonar using sonar scanner as a maven For that you need to run the sonarqube which we have downloaded. Go to your folder where you have downloaded sonarqube. I have downloaded sonarqube 7.6

sonar4_19

Go to bin folder and select the folder according to you Operating System

sonar4_20

Here you will see StartSonar.bat file. Open command prompt and type the command "StartSonar.bat" Once sonarqube is started it will show

sonar4_22

Now the sonarqube is up You need to go to our maven project location where we will find our pom.xml file Right click on your maven project go to prperties copy the path

sonar4_22

Open the command prompt window in that location where you have your pom.xml file

sonar4_23

Now we will clean the project first. For that enter following command mvn clean

sonar4_24

Then enter command mvn install. This download the required jars which are there in pom.xml file

sonar4_25

Now last step is we need to run our sonar scanner. In order to run sonar scanner, sonarqube server should be up which we had done previously StartSonar.bat To start sonar scanner enter command mvn sonar:sonar

sonar4_26

This run the scanner on our project and analyze our source code. It will send the report to sonarqube server. We can access the report by opening our browser and enter "http://localhost:9000"

sonar4_27

Here you could see our project MavenSonar. When you click on issues tab it will show one issues

sonar4_28

It is bad practice to use system.out.println and replace it with logger. You can solve these errors and again analyze the source code. Hope you have understood the configuration and analysis of maven sonar project.