SonarQube Basics

About SonarQube

SonarQube is the leading tool for continuously inspecting the Code Quality and Security of your codebases and guiding development teams during Code Reviews.

Static Code Analysis

Static code analysis identifies defects, vulnerabilities, and compliance issues as you code. It finds issues that are often missed by other tools and methods, such as compilers and manual code reviews. With static code analysis, you can fix coding issues earlier, lowering overall costs and helping you deliver quality on time.

Quality Gates

The Quality Gate provided by SonarSource is activated by default and is considered built-in and read-only. This Quality Gate represents the best way to implement the Clean as You Code concept by focusing on new code.

How to Analyze Code Using SonarQube

Run the StartSonar command from the command prompt (you will need JDK 11 to run SonarQube; otherwise it will give an error).

Go to the URL http://localhost:9000, as 9000 is the default port for SonarQube. You will be redirected to the SonarQube home page; log in using the default ID and password.

Create a Demo Maven Project

Navigate to the folder where your Maven project resides and run the command:

mvn clean install sonar:sonar -Dsonar.host.url=http://localhost:9000 -Dsonar.analysis.mode=publish

Navigate to SonarQube and Check the Project

Check the Project Bugs

Check Code Smells

Check the Code Coverage

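
The Quality Gate result and the bug, code smell and coverage figures checked in the steps above can also be read from the SonarQube Web API, which lets a build fail automatically when the gate fails. The following is an added example, not part of the original page: it calls api/qualitygates/project_status and api/measures/component on the server. It assumes a user token in SONAR_TOKEN and a project key in SONAR_PROJECT_KEY (both variable names are assumptions), and without a token it runs on constructed sample responses.

```python
import base64, json, os, sys
import urllib.parse, urllib.request

SONAR_URL = os.environ.get("SONAR_URL", "http://localhost:9000")  # default from this page
METRICS = "bugs,vulnerabilities,code_smells,coverage"

def fetch(path, params, token):
    """GET a Web API endpoint; a user token is sent as the Basic-auth user name."""
    url = f"{SONAR_URL}/{path}?{urllib.parse.urlencode(params)}"
    auth = base64.b64encode(f"{token}:".encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {auth}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def summarize(gate, measures):
    """Return (passed, failed_conditions, metric_values) from the two responses."""
    status = gate["projectStatus"]["status"]  # OK, ERROR, or NONE (no gate computed)
    failed = [
        f'{c["metricKey"]} {c["comparator"]} {c["errorThreshold"]} '
        f'(actual {c.get("actualValue", "n/a")})'
        for c in gate["projectStatus"].get("conditions", [])
        if c["status"] == "ERROR"
    ]
    values = {m["metric"]: m.get("value") for m in measures["component"]["measures"]}
    return status == "OK", failed, values

# Constructed sample responses, shaped like the server's JSON, for offline runs.
SAMPLE_GATE = {"projectStatus": {"status": "ERROR", "conditions": [
    {"status": "ERROR", "metricKey": "new_coverage", "comparator": "LT",
     "errorThreshold": "80", "actualValue": "41.7"},
    {"status": "OK", "metricKey": "new_reliability_rating", "comparator": "GT",
     "errorThreshold": "1", "actualValue": "1"}]}}
SAMPLE_MEASURES = {"component": {"key": "demo", "measures": [
    {"metric": "bugs", "value": "3"}, {"metric": "vulnerabilities", "value": "1"},
    {"metric": "code_smells", "value": "12"}, {"metric": "coverage", "value": "41.7"}]}}

if __name__ == "__main__":
    token, key = os.environ.get("SONAR_TOKEN"), os.environ.get("SONAR_PROJECT_KEY", "demo")
    if token:  # live query against the running server
        gate = fetch("api/qualitygates/project_status", {"projectKey": key}, token)
        measures = fetch("api/measures/component",
                         {"component": key, "metricKeys": METRICS}, token)
    else:      # no token set: fall back to the constructed samples
        gate, measures = SAMPLE_GATE, SAMPLE_MEASURES
    passed, failed, values = summarize(gate, measures)
    print("metrics:", values)
    for line in failed:
        print("failed condition:", line)
    sys.exit(0 if passed else 1)
```

The script exits with status 1 unless the gate status is OK, so a gate that was never computed (NONE) is treated as a failure rather than a pass.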