How To Start Sonarqube In Windows

In this weblog, nosotros will do the SonarQube Installation on Windows. Quick and like shooting fish in a barrel steps for download and SonarQube installation on Windows to automate lawmaking inspection

Read out my article What is sonarqube to gain basic knowledge of the tool.

Pre-requisite:

• Java one.viii or above  as per the version of the sonarqube (Make sure to install information technology on your arrangement)

Download Sonarqube

ane. Download SonarQube:  In this article, we will install 8.four.1 version of sonarqube

         * Download the latest stable version and extract the .zip on to the local organisation.

2. Extract the sonarqube binaries and navigate to the directly and run the below control

          D:\DevOps\sonarqube-half dozen.vii.3\bin\windows-x86-64
StartSonar.bat

3. If y'all get the java error and then make sure JAVA_HOME is gear up properly or manually update the wrapper.conf file which is present under conf folder of sonarqube installation directory to point to your coffee

wrapper.java.command=C:\Program Files\Java\jdk-14.0.2\bin\java

Running SonarQube on control prompt

4. In one case the SonarQube is up, go to the browser : http://localhost:9000 to access SonarQube dashboard.

5. Login with default credentials (admin both as userId and Password).

6. Get to Assistants -> Security ->Generate token (copy and save  the token for futurity use, e.k. while integrating with Jenkins).

Background

          How to evaluate Quality of code?        

It is quite facile to evaluate other products and professions, viz quality of a dairy product, corrective product or Doctors( via number of successful operations) etc. In the process of evaluating quality , there exists certain enumerated standards, depending on which ane tin can decide the course of that product/service. More than the checked list of standards followed is direct proportional to the increasing quality of the product/service.

Example : Quality characteristics/attributes for a sunscreen production

• Amount of coverage (e.1000. spf 30, spf forty etc)
• Peel Biocompatibilty
• Sensitive skin suitability
• Physical barrier
• Chemical bulwark
• Suitability to various skin types (oily, dry out & combination pare etc)

          "More your product sticks to the standards, more is its quality and acceptability by the customers."        

At present, assume the visitor has created a product which satisfies merely 4 characteristics and it reaches the market. May be subsequently purchasing, it is possible that customers might non be satisfied with the quality or attributes that it offers. And because of the negative feedback, the company binds to invest again on research to conform to the all-time standards available.

Let's switch the sunscreen for a software product, company with the developers and customers with the clients/end users. Perception of both  developers and end users related to product quality is different.

What can be software characteristics/attributes –

1. Specific convention to be followed while coding.
2. No duplicates code.
3. Less complicated code logic.
4. Established best practices to be followed.
5. Avoid bad practices.
6. Lawmaking with good documentation & comments.
7. Unit tests associated with code.
8. Good design and architectural principles followed by lawmaking.

One time the characteristics are pen down, now the major question is how to impose information technology to automation ???

          Here enters "SonarQube" for static code analysis.        

SonarQube for automated analysis

What is SonarQube?

Equally defined by Wiki, SonarQube is an open source platform developed by SonarSource for continuous inspection of code quality. Information technology is written in JAVA and supports 20+ programming languages.

SonarQube Home Folio

Features:

1. Not just tells what is wrong, likewise aids you lot to rectify via Quality Management tool.
2. Covers a greater stretch every bit far as definition of Quality is concerned (every bit proudly flaunt past its developers – Seven Axes of Quality), as compared to its competitors, whom major accent is on bugs & complexity.
3. Its focus is not only just constraint to potential bugs or code conventions, but too extends to bridge coding standards, duplications, exam coverage, unit of measurement testing, code complication, API documentation, architecture, comments, bugs forth with providing details in a dashboard is cherry on the top.
4. It provides metrics, tracking of which tin can help you to take right decision.
5. Information technology provides various features to support Continuous Inspection exercise, viz. Quality Gates, Focus on leak, highlighting hotspots, branch analysis, analyze pull requests, visualizing the history of project.

Why SonarQube?

Even if your visitor has considerable number of developers, who can persistently peer review each other'southward code, the upshot would be still susceptible to errors and false positive outcomes. Thus doing static code assay manually is extremely time consuming when dealing with enormous amount of lawmaking.

Thankfully automated analysis is bachelor to save the state of affairs. It is comparatively faster & facile method to consistently bank check the code for errors. It blends a large, predefined set of common & less-common errors with intelligent algorithms and techniques, in lodge to systematically and cost-effectively runway downwardly bugs, potential errors or poor coding practices in a  matter of seconds, while it would take a human hours or days.

SonarQube -->  Collects & clarify source code --> measure quality ---> provide reports for your projection.

Conclusion:

Everything that affects our code base, from small-scale styling details to critical design errors, is inspected and evaluated by SonarQube, thereby enabling developers to access and track code assay data ranging from styling errors, potential bugs, and code defects to design inefficiencies, lawmaking duplication, lack of examination coverage, and backlog complexity. The Sonar platform analyzes source lawmaking from different aspects and hence information technology drills downwardly to your code layer by layer, moving from the module level downward to the form level. At each level, SonarQube produces metric values and statistics, revealing problematic areas in the source that require inspection or improvement.

Congratulations!! You lot have successfully completed  SonarQube installation on your system and you are ready to integrate it with CI server to analyse your code.

References:

• https://www.sonarqube.org/features/make clean-code/

Source: https://devops4solutions.com/sonarqube-installation-windows/

Posted by: dawsonwounce.blogspot.com

Share this post