SonarQube

 admin
Ramadevi@09
9000

SonarQube is a continuous code quality management tool.
It checks the quality of your source code.

Code Coverage:

  • How much of the source code is tested by unit test cases.
  • According to the industry standard, 80% of the code has to be tested by unit test cases.

    • Hello.java ----------------------- Source code
    • 100 lines
      • HelloTest.java -------- JUnit test case

Code Review:

  • Going through the source code and validating whether it is written as per the standards (or) not.
  • Before deploying to production we need to do the code review.
  • Code review is done by the Sr. Developer.
    • Sr. Tech Lead
    • Technical Leads

Introduction

  • SonarQube (previously called Sonar) is an open source software quality management tool.
  • It continuously analyzes and measures the quality of the source code.
  • It generates a report of any issues in HTML format / PDF format.
  • It is a web-based tool that supports multiple languages (Java, C#, JS, ...).
  • It supports multiple platforms (Linux, Mac, Windows, ...).
  • It supports multiple databases (MySQL, PostgreSQL, Oracle, MS SQL Server).
  • It supports multiple browsers (IE, Microsoft Edge, FF, Chrome, Safari).
  • It identifies the categories of issues below.
    • Duplicated Code
    • Coding Standards,
    • Unit Test,
    • Complex code,
    • Comments,
    • Potential Bugs,
    • Architecture & Design.

Types of Databases

    Relational DBs

  • MySQL
  • PostgreSQL
  • Oracle
  • MS SQL Server
  • DB2 -----------------------> IBM product (SonarQube does not support DB2)

    Non-Relational DBs (NoSQL DBs)

  • MongoDB
  • Cloudant
    • Non-relational DBs store the data in document format.
    • It is like unstructured data.
    • JSON format.
      • These databases are very useful for small amounts of data.
      • For fetching only.
      • Performance is very good compared to relational DBs.

Architecture

  • The SonarQube platform is made of 4 components.
    • Compute Engine (the Compute Engine classifies whatever it receives from the SonarQube Scanner into your report.)
      • Vulnerabilities
      • Bugs
      • Code Smells
    • H2 Database (stores the reports (HTML format / PDF format)).
    • Web Server (gets the report from the H2 Database and displays it in the dashboard.)
    • Search Engine
      • It displays the search results.
      • It has to run as a normal user, not root (that's why we create a sonar user).

Installation

7.6 ------------> Java 1.8
7.9 ------------> Java 11

sudo yum install java-17-openjdk

  • The SonarQube server will not run as the root user.
  • The Search Engine has to run as a normal user, not root (that's why we create a sonar user).
Add User:
  • useradd <Username>
  • visudo
  • Change the ownership and permissions of the SonarQube directory:
  • chown -R sonar:sonar /opt/Sonarqube
  • chmod -R 755 /opt/Sonarqube
  • su - sonar
Conf:
         sonar.properties
Bin:
       Linux
                sh sonar.sh start     -------------- As a normal user (not root user)
                sonar.sh status
                sonar.sh stop
       Windows
       Mac

By mistake we switched to the sudo user and started the SonarQube server; what happened?

Root cause

  • Check the log files
    • logs
      • sonar.log ( cat sonar.log )
    • delete temp files  (rm -rf )
    • ps -ef | grep sonarqube
    • netstat -tunlap
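
The checks above can be scripted. This is an added example, not part of the original notes: it looks for a SonarQube process still running as root and for files that a start as another user left behind under the install directory. The function names and the sample `ps` lines are assumptions made for the example.

```shell
#!/bin/sh
# Added example: triage after SonarQube was started once as root.
# The install directory and account name are passed in by the caller.

# Constructed sample of `ps -eo user=,pid=,args=` output (not real data).
SAMPLE_PS='root   4321 /opt/Sonarqube/jre/bin/java -jar sonar-application.jar
sonar  4400 /opt/Sonarqube/jre/bin/java -jar sonar-application.jar
root      1 /sbin/init'

# root_sonar_pids: reads `ps -eo user=,pid=,args=` lines on stdin and
# prints the PID of every SonarQube process that is running as root.
root_sonar_pids() {
    awk '$1 == "root" && index(tolower($0), "sonarqube") { print $2 }'
}

# list_foreign_owned DIR OWNER: prints every path under DIR that is not
# owned by OWNER (user name or numeric uid).
list_foreign_owned() {
    find "$1" ! -user "$2" -print
}

# triage DIR OWNER: 0 = ownership clean, 1 = stray files found,
# 2 = the check itself failed (unknown user, unreadable directory).
triage() {
    bad=$(list_foreign_owned "$1" "$2") || { echo "check failed for $1"; return 2; }
    if [ -z "$bad" ]; then
        echo "OK: everything under $1 is owned by $2"
        return 0
    fi
    echo "Not owned by $2 (left behind by a start as another user):"
    printf '%s\n' "$bad" | sed 's/^/  /'
    echo "Stop the server, then as root: chown -R $2:$2 $1"
    return 1
}
```

On a live host, run `ps -eo user=,pid=,args= | root_sonar_pids` and `triage /opt/Sonarqube sonar`.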

How to execute the SonarQube report?

Go to pom.xml

<properties>
    <sonar.host.url>...</sonar.host.url>
    <sonar.login>...</sonar.login>
    <sonar.password>...</sonar.password>
</properties>

What is the command to execute the SonarQube report?

    plugin name
    |
    |
mvn sonar:sonar
          |
          |
          goal name

mvn sonar:sonar
mvn package sonar:sonar
mvn clean package sonar:sonar

How to generate the token?

  • My Account
    • Security
      • Generate Tokens (copy the token)
      • <sonar.login>Sonar_Qube_Token</sonar.login>
      • <sonar.login>..........................</sonar.login>
      • <sonar.password>.................</sonar.password>
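
A token or password written into pom.xml is committed and shared along with the project. The check below is an added example, not part of the original notes: it flags `sonar.login` / `sonar.password` values stored as literals in a POM and accepts `${...}` placeholders that are resolved at build time. The function names and the sample POM values are constructed for the example.

```shell
#!/bin/sh
# Added example: flag SonarQube credentials hard-coded in a pom.xml.

# write_sample_pom FILE: writes a constructed pom.xml fragment whose
# token and password values are made up for this example.
write_sample_pom() {
    cat > "$1" <<'EOF'
<project>
  <properties>
    <sonar.host.url>http://localhost:9000</sonar.host.url>
    <sonar.login>CONSTRUCTED_EXAMPLE_TOKEN</sonar.login>
    <sonar.password>
      CONSTRUCTED_EXAMPLE_PASSWORD
    </sonar.password>
  </properties>
</project>
EOF
}

# hardcoded_sonar_props POM: prints the name of each sonar.login /
# sonar.password element whose value is a literal. Empty values and
# ${...} placeholders (resolved at build time) are accepted.
hardcoded_sonar_props() {
    tr -d '\n' < "$1" |
    grep -oE '<sonar\.(login|password)>[^<]*</sonar\.(login|password)>' |
    while IFS= read -r element; do
        name=$(printf '%s\n' "$element" | sed -E 's/^<([^>]+)>.*/\1/')
        value=$(printf '%s\n' "$element" |
                sed -E 's/^<[^>]+>([^<]*)<.*/\1/' | tr -d '[:space:]')
        case $value in
            '' | '${'*'}') ;;      # nothing stored in the file
            *) echo "$name" ;;     # literal secret committed with the POM
        esac
    done
}
```

A build or pre-commit step can fail when `hardcoded_sonar_props pom.xml` prints anything; the token can then be supplied at build time, for example through a `${env.…}` placeholder filled from a CI secret.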

In which environment do we generate the SonarQube report?

  • We generate the SonarQube report only one time.
  • Either before deploying to the Dev env (or) after deploying to the Dev env.

Quality Profile

Quality profiles are collections of rules that are applied when you execute the report.
Default Quality Profile  = Sonar Way
  • Quality Profile
    • Create
      • Name
      • Language
      • Parent
        • Activate More
  • How to apply Quality profile to project?
  • Go to 
  • Projects
    • Administration
      • Quality Profile
      • select language (Java Language)
      • apply Quality profile.

Quality Gates

A quality gate is a collection of conditions that is applied to mark the project as passed or failed.
Default Quality Gate = Sonar Way

  • Create
    • Name
      • Add Condition
      • Metric
  • How to apply Quality Gate to project?
  • Go to 
  • Project
    • Administration
      • Quality Gate
      • Select which quality gate you want.

Administration: 

Create a user:
  • Administration
    • Security
      • users
By default, the SonarQube server has 2 groups:

1. Sonar-Administrators
2. Sonar-users

sonarcloud.io --------------------Cloud version

SonarQube scans your source code, not your artifacts.
It scans the source code before the packages are created.




















