Good quality in code plays an essential role when it comes to software, thus it assets efficiency, reliability, robustness, portability, maintainability and readability like essential factors. Considering a GitHub project, there are plenty of options to measure code quality. Considering options I would like to chose SonarQube for this particular purpose. Let me take down the steps, how I used SonarQube to measure code quality using a Java project, one of my GitHub hosted projects, Depli.
NB: The best way to analyze a maven project is to use the maven sonar plugin as the SonarQube docs says.
You do not require a
sonar-project.properties in that case.
Step 1 - Create an account in travis-ci.org
SonarQube needs sonar-runner to analyze the code. To run the analysis process using sonar-runner on code changes continuously, the ideal solution is using a CI server. Here I had to use Travis-CI since it is the perfect matured CI solution for GitHub projects.
Step 2 - Create an account in sonarqube.com
Then I created and logged into SonarQube using the same GitHub account.
Step 3 - Create Travis-CI configuration file
Next step was to create a configuration file for Travis-CI to instruct it to how to run the sonar-scanner as known as sonar-runner.
To do that I created a
.travis.yml, A YAML file in my project’s root directory.
step 4 - Create a SonarQube token
After creating a Travis configuration file I generated a security token and copied it to clipboard,
for Travis to use when updating SonarQube database.
Step 5 - Encrypt SonarQube token
Public access to a security token is a bad thing. So I had to encrypt the SonarQube token when inserting it to Travis configuration file.
To achieve that I used
travis from ruby gems.
Step 6 - Create a SonarQube configuration file
A metadata file including project details is required for SonarQube. So I created
sonar-project.properties in my project’s root.
sonar.sources is the place where sonar-scanner starts to analyze.
Step 7 - Add status to read me
Now to display the project status on readme, I added labels from Travis and SonarQube on
After following above steps I pushed all changes to GitHub. And waited until Travis sent me a mail confirming that my build has been successful. Now the readme is displaying the build status and whether my project has passed the quality gate.
By clicking on the
quality gate badge, I can access the SonarQube dashboard, detailed analysis of code quality of my repository.
Please refer my open source project, https://github.com/lpsandaruwan/depli if there is any doubt.
Continuous Code Quality On My OpenSource Project by Lahiru Pathirage is licensed under a Creative Commons Attribution 4.0 International License.
Based on a work at https://github.com/lpsandaruwan/depli.