Oct
4
2018

What is SonarQube?

SonarQube is an open source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages.

Step 1. Download and setup SonarQube

blog-img

  • Unzip downloaded file.
  • Move downloaded file under /Applications/ folder. (I prefer it to keep it that way)

blog-img

  • Rename it to SonarQube and delete version suffix.

blog-img

Step 2. Download and Setting up SonarScanner

blog-img

  • Unzip downloaded file.
  • Move downloaded file under /Applications/ folder. (I prefer it to keep it that way)

blog-img

  • Rename it to SonarScanner and delete version suffix.

blog-img

Step 3. Updating .bash_profile with new path

  • Start Terminal and run following command.
    - cd ~/
    - vi .bash_profile

blog-img

  • Above commands will open your bas_profile in vi editor.
  • Use down-arrow key to jump to last line.
  • Use left-right arrows to navigate to last character.
  • Press i to enable insert mode.

blog-img

blog-img

  • Copy & paste following lines.- export PATH=$PATH:/Applications/SonarScanner/bin
    - export PATH=$PATH:/Applications/SonarQube/bin

blog-img

  • Press esc key and : will appear at bottom-left corner in vi editor.
  • Enter wq to save & quit.

blog-img

Step 4: Setting up SonarSwift from Backlite

  • Download jar. In my case, I downloaded backelite-sonar-swift-plugin-0.3.6.jar

blog-img

  • Move this jar file under following folder.
    - /Applications/SonarQube/extensions/plugins/

blog-img
blog-img

Step 5: Starting up SonarQube

  • Run following command to start SonarQube server.
    - sh /Applications/SonarQube/bin/macosx-universal-64/sonar.sh console

blog-img

  • If your machine has didn’t install JAVA or JDK. So please first download and then install it.

blog-img
blog-img
blog-img
blog-img

  • You should see console as follows if everything goes well.]

    Running SonarQube...   wrapper | --> Wrapper Started as Console
    wrapper | Launching a JVM...
    jvm 1 | Wrapper (Version 3.2.3)http://wrapper.tanukisoftware.org
    jvm 1 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
    jvm 1 |           jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /Applications/SonarQube/temp jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key='es', ipcIndex=1, logFilenamePrefix=es]] from

    [/Applications/SonarQube/elasticsearch]:    /Applications/SonarQube/elasticsearch/bin/elasticsearch -
    Epath.conf=/Applications/SonarQube/temp/conf/es jvm 1 | 2017.11.02 16:23:18 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and runningjvm 1 | 2017.11.02 16:23:18 INFO app[][o.e.p.PluginsService] no modules loadedjvm1|2017.11.0216:23:18INFOapp[[o.e.p.PluginsService]loadedplugin[org.elasticsearch.transport.Netty4Plugin]

  • But once you see following message under console, you should start browser.
    jvm 1 | 2017.11.02 16:23:40 INFO app[][o.s.a.SchedulerImpl] Process[ce] is up
    jvm 1 | 2017.11.02 16:23:40 INFO app[][o.s.a.SchedulerImpl] SonarQube is up

blog-img

Step 6: Logging IN

  • Click on Log in.
  • Use admin as username, admin as password.

blog-img

Step 7: Setting up the Project

  • Click on Create Project.

blog-img

  • Enter Project name.
  • Enter project key.
  • Click Create.

blog-img
blog-img

Step 8: Performing Analysis on your Project.

  • Start Terminal
  • Navigate to your project’s root directory where you’ve your project.xcodeProject file.
  • For Example:
  •    - cd ~/Projects/iOSApplications/myProject

blog-img

  • To Start analysis, run following command. - sonar-scanner -Dsonar.projectKey=MyProjectKey -Dsonar.sources=. -Dsonar.host.url=http://localhost:9000

blog-img

NOTE: Make sure you replace MyProjectKey with your project key.

  • Analysis will begin with following console log.     INFO: Scanner configuration file: /Applications/SonarScanner/conf/sonar-scanner.properties     INFO: Project root configuration file: NONE     INFO: SonarQube Scanner 3.0.3.778     INFO: Java 1.8.0_121 Oracle Corporation (64-bit)     INFO: Mac OS X 10.12.6 x86_64     INFO: User cache: /Users/e070190/.sonar/cache     INFO: Publish mode     INFO: Load global settings     INFO: Load global settings (done) | time=56ms
  • And, analysis will end with following console log.
    INFO: Task total time: 21.407 s     INFO: ------------------------------------------------------------------------     INFO: EXECUTION SUCCESS     INFO: ------------------------------------------------------------------------     INFO: Total time: 22.791s     INFO: Final Memory: 57M/1531M     INFO: ------------------------------------------------------------------------

blog-img

Step 9: Viewing the Reports.

  • Navigate to following URL.

    http://localhost:9000/dashboard?id=MyProjectKey

NOTE: Make sure you replace MyProjectKey with your project key.


blog-last-img