Oct
4
2018

What is SonarQube?

SonarQube is an open source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages.

Step 1. Download and setup SonarQube

  1. Download SonarQube: https://www.sonarqube.org/downloads/
  2. Unzip downloaded file.
  3. Move downloaded file under /Applications/ folder. (I prefer it to keep it that way)
  4. Rename it to SonarQube and delete version suffix.

Step 2. Download and Setting up SonarScanner

  1. Download SonarScanner: https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner and click on Mac OS X 64 bitto download Mac OS X specific SonarScanner
  2. Unzip downloaded file.
  3. Move downloaded file under /Applications/ folder. (I prefer it to keep it that way)
  4. Rename it to SonarScanner and delete version suffix.

Step 3. Updating .bash_profile with new path

  1. Start Terminal and run following command.
    – cd ~/
    – vi .bash_profile
  2. Above commands will open your bas_profile in vi editor.
  3. Use down-arrow key to jump to last line.
  4. Use left-right arrows to navigate to last character.
  5. Press i to enable insert mode.
  6. Copy & paste following lines.
    – export PATH=$PATH:/Applications/SonarScanner/bin
    – export PATH=$PATH:/Applications/SonarQube/bin
  7. Press esc key and : will appear at bottom-left corner in vi editor.
  8. Enter wq to save & quit.

Step 4: Setting up SonarSwift from Backlite

  1. Download : https://github.com/Backelite/sonar-swift/releases
  2. Download jar. In my case, I downloaded backelite-sonar-swift-plugin-0.3.6.jar
  3. Move this jar file under following folder.
    – /Applications/SonarQube/extensions/plugins/

Step 5: Starting up SonarQube

  1. Run following command to start SonarQube server.
    – sh /Applications/SonarQube/bin/macosx-universal-64/sonar.sh console
  2. You should see console as follows if everything goes well.Running SonarQube…   wrapper | –> Wrapper Started as Console
    wrapper | Launching a JVM…
    jvm 1 | Wrapper (Version 3.2.3)http://wrapper.tanukisoftware.org
    jvm 1 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
    jvm 1 |           jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /Applications/SonarQube/temp jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key=’es’, ipcIndex=1, logFilenamePrefix=es]] from   [/Applications/SonarQube/elasticsearch]:    /Applications/SonarQube/elasticsearch/bin/elasticsearch -Epath.conf=/Applications/SonarQube/temp/conf/es jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and runningjvm 1 | 2017.11.02 16:23:18 INFO app[][o.e.p.PluginsService] no modules loadedjvm1|2017.11.0216:23:18INFOapp[[o.e.p.PluginsService]loadedplugin[org.elasticsearch.transport.Netty4Plugin]
  3. But once you see following message under console, you should start browser.
    jvm 1 | 2017.11.02 16:23:40 INFO app[][o.s.a.SchedulerImpl] Process[ce] is up
    jvm 1 | 2017.11.02 16:23:40 INFO app[][o.s.a.SchedulerImpl] SonarQube is up

Step 6: Logging IN

  1. Go to browser. Open following URL.
        –http://localhost:9000/about
  2. Click on Log in.
  3. Use admin as username, admin as password.

Step 7: Setting up the Project

  1. Navigate to following URL.
        –http://localhost:9000/admin/projects_management
  2. Click on Create Project.
  3. Enter Project name.
  4. Enter project key.
  5. Click Create.

Step 8: Performing Analysis on your Project.

  1. Start Terminal
  2. Navigate to your project’s root directory where you’ve yourproject.xcodeProject file.
  3. For Example:
  4.    – cd ~/Projects/iOSApplications/myProject
  5. To Start analysis, run following command.
    – sonar-scanner -Dsonar.projectKey=MyProjectKey -Dsonar.sources=. -Dsonar.host.url=http://localhost:9000

NOTE: Make sure you replace MyProjectKey with your project key.

  1. Analysis will begin with following console log.
         INFO: Scanner configuration file: /Applications/SonarScanner/conf/sonar-scanner.properties
         INFO: Project root configuration file: NONE
         INFO: SonarQube Scanner 3.0.3.778
         INFO: Java 1.8.0_121 Oracle Corporation (64-bit)
         INFO: Mac OS X 10.12.6 x86_64
         INFO: User cache: /Users/e070190/.sonar/cache
         INFO: Publish mode
         INFO: Load global settings
         INFO: Load global settings (done) | time=56ms
  2. And, analysis will end with following console log.
         INFO: Task total time: 21.407 s
         INFO: ————————————————————————
         INFO: EXECUTION SUCCESS
         INFO: ————————————————————————
         INFO: Total time: 22.791s
         INFO: Final Memory: 57M/1531M
         INFO: ————————————————————————

Step 9: Viewing the Reports.

  1. Navigate to following URL.
  2.     http://localhost:9000/dashboard?id=MyProjectKey

NOTE: Make sure you replace MyProjectKey with your project key.