SonarQube is undoubtedly one of the top tools for code quality. By default, it has a whole lot of rules that catch common bugs and code smells. It even reports code coverage! In this post, we’ll look at quickly setting up a local instance that devs can use to improve their code quality and we’ll also look at using the AEM-Rules-for-SonarQube.
Prerequisites
You’ll need docker: [mac] [windows]. But fear not, as docker knowledge is not necessary, and I will cover some commands you can use. Follow the instructions and make sure docker works from your terminal.
The sonarqube-aem image
I’ve built a docker image which is identical to the official SonarQube Docker image but with a couple extra additions:
To get started with the image, you can get it from Docker Hub or build from source:
Clone the sonarqube-aem git repo and run the shell file ./build-and-run-container.sh this will build the docker image and create a container that will be accessible on port 9000. It will also add the AEM-Rules-for-SonarQube and add Custom Quality Gates as documented in the repo. That’s it! Now you have a running sonar instance that you can do with whatever you want!
If you are on windows, run the two commands in the
./build-and-run-container.shfrom CMD.
Adding You’r Own Custom Quality Checks
Looking at the git repo, you’ll see the quality-gates.sh which adds the custom quality gate. Let’s look at one of the conditions I added:
info "Creating Condition: Code Smells - A required" create_condition \ -d metric=code_smells \ -d gateId=$gate_id \ -d error=1 \ -d op=GT
This uses the Create Condition API to add a new condition. As you can see, we are setting this condition to error if the code_smells metric has more than 1 code smell. See the list of Metrics you can use in the Sonar Docs and add your own metrics in the same fashion, then run the ./build-and-run-container.sh script to build the image and create a new container. Make sure to use the kill command below to kill any other instances you have running to free port 9000 or adjust the script to run the container on a different port.
Useful Docker Commands
docker container ps will show you the currently running container/s.
Here is a sample output:
admed.musallam$ docker container ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0609eddf64d4 sonarqube-aem "/bin/sh -c './bin/q…" 13 minutes ago Up 13 minutes 0.0.0.0:9000->9000/tcp serene_feistel
docker container kill <conatiner name> will kill the container by name. if you want to kill above container: docker container kill serene_feistel
docker container restart <conatiner name> will restart the container by name. if you want to kill above container: docker container kill serene_feistel
Configuring with Maven
to your pom.xm add the following property and plugin:
<properties>
...
<sonar.host.url>http://localhost:9000</sonar.host.url>
...
</properties>
<build>
<plugins>
...
<plugin>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>3.6.0.1398</version>
<executions>
<execution>
<phase>verify</phase>
<goals>
<goal>sonar</goal>
</goals>
</execution>
</executions>
</plugin>
...
</plugins>
</build>
Running the Sonar Analysis
If you’ve added the plugin above, running mvn clean install will run the analysis and display the results in your sonar instance at localhost:9000. If you don’t want to add the plugin, you can run mvn sonar:sonar and that will do the same thing.
And there you have it! A simple sonar instance your devs can use with ease!
Hi Ahmed,
Thanks for this article. Could you please elaborate or share steps on how to install docker? I am unable to run the build-and-run-container as well and executing docker cmd gives docker is not recognized. Thanks in advance.
Vaishali.