Blog Infos
Author
Published
Topics
,
Published
Detailed tech guide for integrating SonarQube for automating code review & generating reports

Code reviews are often required whether be it a small or enterprise level project to identify bugs, security, performance and vulnerable issues at early stages which contributes to overall code quality.

What is Automated Code Review?
Content
1. Prerequisite
2. What is Docker?
Image:
Container:

TLDR; Image is recipe and Container is cake

3. Preparing SonarQube in Docker
Docker version 20.10.8, build 3967b7d
C:\Users\hemanshu.varma>docker pull sonarqube:9.1.0-community
9.1.0-community: Pulling from library/sonarqube 
a0d0a0d46f8b: Pull complete 
ebb745650a9d: Pull complete 
8ac639e3bf55: Pull complete 
Digest:sha256:628a2c7f2xxxxxc61ec5ddeb0a09c3555a701dxxxxxe796f6582dad8axxxxx90 
Status: Downloaded newer image for sonarqube:9.1.0-community docker.io/library/sonarqube:9.1.0-community
C:\Users\hemanshu.varma>docker images 
REPOSITORY    TAG               IMAGE ID      CREATED       SIZE 
sonarqube     9.1.0-community   9ff84ae48545  18 hours ago  560MB
docker run -d --name sonarqube -p  9000:9000 sonarqube:9.1.0-community

Full Output:

C:\Users\hemanshu.varma>docker run -d --name sonarqube -p 9000:9000 sonarqube:9.1.0-community c7d8009eexxxxx1d15d0f3e5976e7fxxxxx2075bab15b15ad380xxxxxab36b21

Job Offers

Job Offers

There are currently no vacancies.

OUR VIDEO RECOMMENDATION

No results found.

Jobs

C:\Users\hemanshu.varma>docker ps -a 
CONTAINER ID   IMAGE                        COMMAND              CREATED             STATUS           PORTS                      NAMES 
c7d8009ee4aa   sonarqube:9.1.0-community    "n/opt/sonarqube/bin/…" 38 minutes ago      Up 38 minutes    0.0.0.0:9000->9000/ tcp sonarqube
4. Configuring Sonar Dashboard

 

SonarQube login page

 

4.1 Creating Project:

 

Project setup on Sonar

 

4.2 Analyzing Repository:

SonarQube dashboard with on screen instructions for Android setup

           On-screen instructions for Gradle based Android Project

 

5. Integrating in Android Application
classpath ‘org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:3.3’
apply plugin: “org.sonarqube”
sonarqube {
    properties {
        property "sonar.projectName", "My Android App"
        property "sonar.projectKey", "@1ph@num3r1ck3y"
        property "sonar.sources", "src"
        property "sonar.sourceEncoding", "UTF-8"
        property "sonar.tests", ["src/test/java"]
        property "sonar.test.inclusions", "**/*Test*/**"
        property "sonar.exclusions", '**/.gradle/**,' +
                "**/androidTest/**," +
                "**/R.class," +
                "**/BuildConfig.*," +
                "**/Manifest*.*," +
                "**/android/databinding/*," +
                "**/androidx/databinding/*," +
                "**/*MapperImpl*.*," +
                "**/BuildConfig.*," +
                "**/Manifest*.*," +
                "**/google-services.json"
    }
}
gradlew sonarqube -Dsonar.projectKey=HV-Sonar-Demo-7hv3lxxxxx1auceom2j5d2p8 -Dsonar.host.url=http://localhost:9000 -Dsonar.login=2ed5425a24XXXXX8ff4fa219cc68XXXXX108688b

 

SonarQube dashboard after running script via Android Studio

SonarQube dashboard with Code Analysis report

6. Bonus 🚀
docker stop <CONTAINER_ID>
classpath 'com.android.tools.build:gradle:4.2.2'
in build.gradle(project level)
AND
distributionUrl=https\://services.gradle.org/distributions/gradle-6.7.1-all.zip
in gradle-wrapper.properties
Additional Ref: 📝

YOU MAY BE INTERESTED IN

YOU MAY BE INTERESTED IN

blog
In this article, we explore the step-by-step process of configuring our server, as well…
READ MORE
Menu