Introduction:
SonarQube is an open-source tool that helps developers and teams improve the quality of their code:
- Code quality analysis: Analyzes code quality for over 30 languages, frameworks, and IaC platforms
- Automatic reviews: Performs automatic reviews with static analysis of code to detect bugs and code smells
- Integration with DevOps platforms: Integrates with GitHub, GitLab, Azure, and Bitbucket
- Real-time feedback: Provides immediate feedback in your IDE as you write code
- Quality gates: Keeps code with issues from being released to production
Steps to implement:
I followed this medium article https://medium.com/@niranjanky14/sonarqube-tutorial-for-getting-started-in-android-app-7d11e2ef6932 while trying to implement SonarQube.
Step 1: Download SonarQube Free Edition from below link
Step 2: Download and install Docker from below link
Step 3: Open terminal and run the following command
docker pull sonarqube:latest
If you get an error — Docker command not found, then export its path
export PATH="$PATH:/Applications/Docker.app/Contents/Resources/bin/"
Keep Docker Application open in your system while typing the command docker pull sonarqube:latest, otherwise you may get the following error
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
If Step 3 is successful, you will see the following
latest: Pulling from library/sonarqube a186900671ab: Download complete 4821edbf1831: Download complete 4bec9b5f92ec: Download complete b0c3c08b4553: Download complete 4f4fb700ef54: Download complete 666db0722bb8: Download complete 26811a6e12de: Download complete 6c88cd8dd883: Download complete Digest: sha256:0842dcd4c8f851ce44f8edaf45ac93f7c9079017d60d99f614663e60cef5efe9 Status: Downloaded newer image for sonarqube:latest docker.io/library/sonarqube:latest
Step 4: After step 3, enter the following command to pull all the necessary postgres library
docker run -d --name sonarqube-db -e POSTGRES_USER=sonar -e POSTGRES_PASSWORD=sonar -e POSTGRES_DB=sonarqube postgres:alpine
If Step 4 is successful, you will see the following results
Unable to find image 'postgres:alpine' locally alpine: Pulling from library/postgres 440196fcba86: Download complete c97ff27562e7: Download complete 2f5a5dbb159e: Download complete e64e42d2e378: Download complete 0a8fa91fd8dd: Download complete 368fad94fbf5: Download complete cf04c63912e1: Download complete 044d9972b6f9: Download complete 1c4b963fa70b: Download complete fc336a10ac24: Download complete Digest: sha256:14195b0729fce792f47ae3c3704d6fd04305826d57af3b01d5b4d004667df174 Status: Downloaded newer image for postgres:alpine 44c04103a85884090a9cbe479c4dd3c2fa73f4d61c56c35cfaed5c474db52528
Step 5: Setup the SonarQube container with a link to PostgresSQL using the following command
docker run -d --name sonarqube -p 9000:9000 --link sonarqube-db:db -e SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonarqube -e SONAR_JDBC_USERNAME=sonar -e SONAR_JDBC_PASSWORD=sonar sonarqube
On successful completion of Step 5, you will see a hash value. For me it was
b473d891d6f9e842fe2e7ba72b2b0493640ca44552250e6770d6d9468ad1c956
Once SonarQube is up and running, you can access the web interface by opening http://localhost:9000
(or the appropriate IP address if running on a remote server) in your web browser.
The default login credentials for the first-time login are admin
for both username and password. You’ll be prompted to change the password after the initial login.
Job Offers
Next, we can see how to configure SonarQube in Android Studio
Configuration:
Step 1: In app’s build.gradle, if we add SonarQube Plugin and other details like this
allprojects { apply plugin: 'org.sonarqube' sonar { properties { property "sonar.host.url", "http://localhost:9000" property "sonar.test.inclusions", "src/test/**" property 'sonar.profile', 'Android Lint' property "sonar.sourceEncoding", "UTF-8" property "sonar.projectName", "SonarTestApp" property "sonar.projectKey", "SonarTestKey" property "sonar.projectVersion", 1.0.0 property "sonar.login", "sqp_123123kj123k123j123kj123j1k23k123jk132j" } } }
we may get the following error Plugin with id ‘org.sonarqube’ not found
So, we can try this instead (applying plugin outside allprojects and mentioning other details inside allprojects)
plugins { id "org.sonarqube" version "4.0.0.2929" }
allprojects { sonar { properties { property "sonar.host.url", "http://localhost:9000" property "sonar.test.inclusions", "src/test/**" property 'sonar.profile', 'Android Lint' property "sonar.sourceEncoding", "UTF-8" property "sonar.projectName", "SonarTestApp" property "sonar.projectKey", "SonarTestKey" property "sonar.projectVersion", 1.0.0 property "sonar.login", "sqp_123123kj123k123j123kj123j1k23k123jk132j" } } }
In the above code, property “sonar.projectVersion” should match your project’s versionName.
Step 2: In gradle.properties
systemProp.sonar.host.url=http://localhost:9000 # (Optional, if not using credentials in build.gradle) systemProp.sonar.login=your_sonar_username systemProp.sonar.password=your_sonar_password
Step 3: Finally run your sonar analysis for your project using this command in Android Studio Terminal:
./gradlew sonarqube
You may get the following error if JDK is not installed.
The operation couldn’t be completed. Unable to locate a Java Runtime.
I downloaded suitable JDK Version 17 as my Android Gradle plugin requires Java 17 to run. After installing JDK and typing the same command ./gradlew sonarqube again
Build was getting failed due to an error.
Execution failed for task ‘:app:sonarqube’. > Cannot get property ‘0.0’ on null object
Solution? From Step 2, we should replace property “sonar.projectVersion”, 1.0.0 to “sonar.projectVersion”, 1.0 (as my project’s versionName is 1.0) like this
allprojects { sonar { properties { property "sonar.host.url", "http://localhost:9000" property "sonar.test.inclusions", "src/test/**" property 'sonar.profile', 'Android Lint' property "sonar.sourceEncoding", "UTF-8" property "sonar.projectName", "SonarTestApp" property "sonar.projectKey", "SonarTestKey" property "sonar.projectVersion", 1.0 property "sonar.login", "sqp_123123kj123k123j123kj123j1k23k123jk132j" } } }
After all steps are successful, we will get BUILD SUCCESSFUL message in terminal
View SonarQube Reports:
- Open your SonarQube server URL (usually
http://localhost:9000
) in a web browser. - Log in with your SonarQube credentials.
- You should see your project listed and its code quality metrics.
Screenshots for my sample project has been attached for reference
Thanks for reading this article. If you like this post, Please give a clap (👏).
Also, if you like to support me through
https://buymeacoffee.com/dilipchandar, please do.
Let’s connect on LinkedIn https://www.linkedin.com/in/dilip-chandar-97570158?
This article is previously published on proandroiddev.com.