DEV Community

Azom Shahriar
Azom Shahriar

Posted on

Sonarqube Installation

SonarQube Installation:

What is SonarQube?
Ans: SonarQube is an open source platform for continuous inspection of code quality & security. Automatic code review with static analysis to detect bug, code smell, security vulnerability around 20+ languages.It also offers reports of duplicate code, coding standard, unit test, code coverage, code complexity, comments, bugs, security vulnerability.

Server Installation using docker: 
Default server 9000 port
Can be installed by docker , manual ubuntu installation
Ubuntu Installation (https://developerinsider.co/install-sonarqube-on-ubuntu/)
 
Docker command:
 docker pull sonarqube
docker run -d -p 9000:9000 sonarqube

Integration with your code:

  • Create Project from sonarqube server interface
  • Choose project-key and display name
  • Copy the token from the server.

Changes build.gradle- 

plugins {
id "org.sonarqube" version "3.0"
}
Gradle Command for Single Module App:

./gradlew sonarqube \
-Dsonar.projectKey= \
-Dsonar.host.url= \
-Dsonar.login=
Gradle Command for Multi module App:

./gradlew ::sonarqube \
-Dsonar.projectKey=\
-Dsonar.host.url= \
-Dsonar.login=

After running command you will find all vulnerability at sonarqube server dashboard.

Top comments (0)