Analyzing a Multi-Module Maven Project with SonarQube

SonarQube Setup

Start by downloading SonarQube from the official website.

Unzip and navigate to the bin directory, you should see multiple folders

  • linux-x86-32
  • linux-x86-64
  • macosx-universal-64
  • windows-x86-32
  • windows-x86-64

Navigate into the folder depending on your current operating system, i.e. linux-x86-64.

Execute the sonar.sh script. Sonar should now startup. After a few seconds, you can navigate to SonarQube within your Webbrowser:

http://localhost:9000

The default admin login is admin:admin.

Navigate to Administration > System > Update Center.

You may now uninstall plugins you do not require like C#.

If you are using Java, you should consider installing PMD, FindBugs and possibly CheckStyle by clicking the Available-Tab. You have to restart SonarQube to apply the changes.

By default, SonarQube launches with an In-Memory database. To have persistent analysis, you need to configure a database. Navigate into the conf directory and open up the sonar.properties file.  Edit the following properties:

sonar.jdbc.username=tickeos
sonar.jdbc.password=topsecret

# Postgres Example
sonar.jdbc.url=jdbc:postgresql://localhost/sonar

# MySQL Example
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance

The config contains multiple examples for JDBC configuration. Make sure the database exists.

After changing the configuration, restart SonarQube.

$SONAR_HOME/bin/linux-x86-64/sonar.sh restart

Setting up SonarQube Scanner

The easiest way to analyze your project is using the SonarQube Scanner.

Download the SonarQube Scanner (CLI), which provides a CLI to analyze projects of any language.

Unpack the SonarQube Scanner and navigate into the conf directory. Open up the sonar-scanner.properties.

sonar.host.url=http://127.0.0.1:9000

You are ready to analysize your Multi-Module Maven Project!

Analyzing the Multi-Module-Maven Project

Imagine we have a Multi-Module Maven Project with the following structure

  • Parent
    • Module1
    • Module2
    • Module3

There are multiple ways of configuring SonarQube for your project. You may define the project settings on the parent-level, or overwrite properties in each module. For the sake of simplicity, let us just define the settings in the parent module.

Create a sonar-project.properties file in the parent folder.

sonar.projectKey=projectKey
sonar.projectName=Project Name
sonar.projectVersion=1.0

sonar.modules=Module1,Module2,Module3

# Modules inherit properties set at parent level
sonar.sources=src
sonar.sourceEncoding=UTF-8
sonar.language=java

You have to define each module in sonar.modules property.

Navigate into the Parent folder and execute Maven and afterwards, execute the Scanner.

mvn clean install

# Linux
/path/to/sonar-scanner/bin/sonar-scanner -Dsonar.login=admin -Dsonar.password=admin

# Windows
C:/Apps/sonar-scanner-2.8/bin/sonar-scanner.bat -Dsonar.login=admin -Dsonar.password=admin

By the way, you can also pass the parameter for sonar.host.url in here, if you do not want to edit the sonar-scanner.properties.

When navigating the Projects Administration Page (Adminstration > Projects > Management) you should be able to see your Projects. Click on the project and you should see the results from the analysis.

Undertow, analyzed with SonarQube, Project overview
Image contains the overview of an analyzed project in SonarQube

Go to Issues to see the issues that were analyzed. You can also disable rules under Quality Profiles, if you find rules that do not apply to your project or you do not want to see.

This is it, enjoy static code analysis and improve your code :).

 

Comments

comments

Leave a Reply