Skip to main content

Sonarqube Installation Process And Viewing Quality Report For .Net Projects

Sonar is an open source platform, which is used by development teams to maintain the code quality. It has been developed with a main objective in mind to make the code quality management accessible to everyone with minimal effort. It provides code analyzers, reporting tools, detects hunting modules etc.
SonarQube is an open platform to manage the code quality. It covers 7 axes of code quality.

Prerequisites and assumptions
  • Assume that you have a .NET source code that compiles with no errors and generates .pdb files.
  • Install .NET reference assemblies.
  • Install Java JDK here.
Once JVM is installed in your system, you can run SonarQube with the steps given below.
Step 1
Download SonarQube setup online for the testing purpose.
Step 2
Let's say you have downloaded setup files and placed them in your D\, as shown below.

Open a command Window and run D\Santosh\Practices\2016\SonarQube\sonarqube-5.1\bin\windows-x86-64\StartSonar.bat (or -x86-32 for 32-bit machines).
Once, you run “StartSonar.bat” batch file, the command prompt will give you the screen, as shown below.

Step 3
After Step 2 completes, if you try to access SonarQube Server at http//localhost9000, then it should be able to access it. The default username/password is admin/admin. If you observe the Server port number, which is "9000" and you want to change it to another port number, then you can change it to another port number as well. Please refer to the screenshot given below, where you can change the port number.

In the same way, if you want to change the default user credentials, then you can do it from the screenshot given above.
Step 4
Open a new Windows Command prompt and navigate to the "D\Santosh\Practices\2016\SonarQube\sonar-runner-dist-2.4\sonar-runner-2.4\bin" folder and run "sonar-runner –h". This will show you the usage statement; if things are working fine.
Step 5
Change the conf/sonar-runner.properties file. This has configuration items, which are used by the runner and a few of which can be overridden in the project's config file. Up to a minimum extent, you need to set the sonar.host.url to point to where you have your Sonar Server running and the database configured. For reference, refer  to the screenshot given below.


  1. sonar.projectKey=OWASP  
  2. sonar.projectVersion=1.0  
  3. sonar.projectName=OWASP  
  4.  
  5. # Info required for Sonar   
  6. sonar.sources=.  
  7. sonar.language=cs   
  8.  
  9. #Core C# Settings  
  10. sonar.dotnet.visualstudio.solution.file=OWASP.sln  
  11. #sonar.silverlight.4.mscorlib.location=C:/Program Files (x86)/Reference Assemblies/Microsoft/Framework/Silverlight/v4.0  
  12. sonar.dotnet.excludeGeneratedCode=true  
  13. sonar.dotnet.4.0.sdk.directory=C:\Windows\Microsoft.NET\Framework64\v4.0.30319  
  14. sonar.dotnet.version=4.0   
  15. # To prevent any issues while analyzing multiple solutions containing projects with similar keys  
  16. # Will be set by default to safe starting at version 2.2: http://jira.codehaus.org/browse/SONARDOTNT-339  
  17. sonar.dotnet.key.generation.strategy=safe  

Step 6
Copy C plugin (\Sonar\sonar-csharp-plugin-4.1.jar) files into the /extensions/plugins location of your SonarQube Server installation folder. For reference, find the screenshot given below.

Step 7
Each Solution should have its own sonar-project.properties file. Please find the screenshot given below for reference.

Step 8
In sonar-project.properties file, you can find the project identification section, where you should configure the project key, which is used by the SonarQube Server to group analysis report with time and at the same time, it provides your project name in the UI etc. This should be unique across all the projects. The project version can be used to track different branches.

Now, describe the source code layout. The sources field points to the top-level folder, where  the source code exists. If your .sln and .csproj files have a relative file location internally, then this should be the top-level folder location. Let's assume you do not have any strange layouts.This will likely be the same folder as your .sln file (where your .properties file exists), so it can just be "." If your language used is C, then you can set sonar.language = cs. See the image given below for easy understanding.

Step 9
In sonar-project.properties file, you can find C specific settings, where you should configure the information like where the .sln file exists and which version of .NET; you are using and where the key libraries are located. The screenshot is given below for the reference.

Step 10
Run the highlighted batch file given below, using Windows command prompt from its physical location.

You will see the SonarQube runner start up by listing some details like the working folder etc. If there are any errors, then you will receive an exception. Sometimes the received exception details are enough to troubleshoot the issue and sometimes the exception details are not enough to resolve the issue. In such scenarios, you need to run with the -X command line argument to get more details when the error occurs.
For instance, you have received a source file parsing fail error. You can see this in 2 ways, which are given below.
  1. Maybe the files do not end up in the SonarQube Web UI.
  2. Something like the below error shows in the runner log

You can resolve such issues by setting the encoding in your sonar-runner.properties file or in sonar-project.properties file.

Step 11
View SonarQube Report
Once you run successfully, then you can see the results in SonarQube Server page with port number 9000 (http//localhost9000/). Here, the port number is 9000, which is a default port number. If you want to change the port number, as per your need, then you can change it in the sonar.properties file.
In the SonarQube Server home page, you can see the configured Application with the provided Application's solution name. The home page of the Application will show you the project's quality control with a few configurable metrics.

To get the complete report, you can click on the project and get its dashboard.

If you observe the screenshot given above, then you can find 3 fields CriticalMajor and Minor. Thus, as per the report in your project code, you have 24 critical issues, 678 major issues and 1536 minor issues. When you click on any item, which is either critical or major or minor, then you will get a complete list of issues in each section. Also, SonarQube will tell you what is the wrong with your code and how can you rectify it.
SonarQube is one of the best tool to optimize your code in the best way and it helps you to minimize the risk. It also helps you to boost your Application performance.

Comments

Post a Comment

Popular posts from this blog

Top 10 ASP.NET Web API Interview Questions

What is ASP.NET Web API? ASP.NET Web API is a framework that simplifies building HTTP services for broader range of clients (including browsers as well as mobile devices) on top of .NET Framework. Using ASP.NET Web API, we can create non-SOAP based services like plain XML or JSON strings, etc. with many other advantages including: Create resource-oriented services using the full features of HTTP Exposing services to a variety of clients easily like browsers or mobile devices, etc. What are the Advantages of Using ASP.NET Web API? Using ASP.NET Web API has a number of advantages, but core of the advantages are: It works the HTTP way using standard HTTP verbs like  GET ,  POST ,  PUT ,  DELETE , etc. for all CRUD operations Complete support for routing Response generated in JSON or XML format using  MediaTypeFormatter It has the ability to be hosted in IIS as well as self-host outside of IIS Supports Model binding and Validation Support for OD...
2 comments
Read more

Extension methods in C#

Consider the class C# 1 2 3 4 5 6 7 8 9 10 11 12 13          namespace ExtensionMethod      {          public class testClass {              public string sayHello ( ) {              return "Hello" ;            }        }      }     Invoke the above from your form using C# 1 2 3 4 5 6          testClass test = new testClass ( ) ;      MessageBox . Show ( test . sayHello ( ) ) ;     This will show “Hello” in message box. Consider the scenario where you don...
5 comments
Read more

What is cookie? Advantages and disadvantages of cookies?

What is cookie? A cookie is a small piece of text file stored on user's computer in the form of name-value pair. Cookies are used by websites to keep track of visitors e.g. to keep user information like username etc. If any web application using cookies, Server send cookies and client browser will store it. The browser then returns the cookie to the server at the next time the page is requested. The most common example of using a cookie is to store User information, User preferences, Password Remember Option etc.It is also one of the common and mostly asked interview questions. Some facts about Cookie Here are a few facts to know about cookies: · Cookies are domain specific i.e. a domain cannot read or write to a cookie created by another domain. This is done by the browser for security purpose. · Cookies are browser specific. Each browser stores the cookies in a different location. The cookies are browser specific and so a cookie created in one browser(e.g in Google Chrome...
2 comments
Read more