Tuesday, April 28, 2015

Analyzing the application code by using the sonarqube ANT/MAVEN

SonarQube™ software (previously known as “Sonar”) is an open source project hosted at Codehaus. By using this we can analyze the source code, its very easy to configure and use.

1. Download and unzip the SonarQube distribution ("C:\sonarqube" or "/etc/sonarqube")

2. Start the SonarQube server: under bin folder run the executable file according to respective OS.


3.Browse the results at http://localhost:9000

we will use Embedded database for learning.

under sonarqube/conf/sonar.properties will have the db base configuration, default it uses embeded db H2 which is in build in java.

Application level ANT configuration :

Download the sonar-ant-task jar file download

copy the jar file to /lib folder

add following to existing build.xml file of the application.

<taskdef uri="antlib:org.sonar.ant" resource="org/sonar/ant/antlib.xml">
    <classpath path="path/to/sonar-ant-task-*.jar" />

if you don't want to modify the existing build.xml file then use below xml file and run "ant -f analyze-code.xml"

after the successful execution it will provide the url to access the result.

for maven application it simple run the following command

mvn clean install sonar:sonar

sample result page :