Spring Boot 2.2.6 Code Quality with Sonarqube 8.2-community

Bahadir Tasdemir
Apr 7, 2020 · 4 min read
Code Quality Improvement with Sonarqube

While our software projects evolve, they must be in good quality. Thus, we apply practices like TDD and pair programming. Besides, we can benefit from quality measurement tools like Sonarqube. Above all, in this post, we are going to check out how we can configure Spring boot 2.2.6 with Sonarqube 8.2.

Tools and Versions

Below components are used for the sample project:

Maven Plugin Details

Before starting the example, let’s learn what are these plugins for.

Sonar Maven Plugin

This plugin provides a Sonar Scanner for Maven. When we run the plugin’s goal with `sonar:sonar`, the code quality measurement processes locally and sends the report to the configured Sonarqube server.

Maven Surefire Plugin

This plugin is special for maven. Even though you don’t include it into the project, when you run the tests with maven it will download and run the tests with this plugin. Also, you can specify running order, test class name patterns to include, etc.. After running the tests, the Surefire plugin generates reports like below:

-------------------------------------------------------------------------------
Test set: com.trendyol.qualitymeasurementsample.controller.TestControllerTest
-------------------------------------------------------------------------------
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 3.007 s - in com.trendyol.qualitymeasurementsample.controller.TestControllerTest

Jacoco Maven Plugin

Jacoco plugin is used to calculate the test coverage ratio. With the latest version of Sonarqube, the coverage is only generated via this plugin. Thus, you cannot get the coverage info without Jacoco anymore.

Sample Project

First of all, you can access the sample project in this Github repo.

To be able to bootstrap our project, we are going to benefit from a simple docker-compose.yml file. This is going to boot up an instant Sonarqube service.

Note: I have used the Sonarqube docker image versioned as 8.2-community for the sake of stability. You can check it out from the Github repo.

When you boot the docker container with this compose configuration, the Sonarqube server will be ready at http://localhost:9000.

To demonstrate a project sample, we will use Spring Boot 2.2.6. with java 11. Next, we prepare a basic test controller.

Now the most important part, configuring the pom.xml.

Adding the sonar-maven-plugin is very straightforward.

Next, the most important part #1. To be able to pass the jacoco measurement result to the surefire plugin correctly, we should set `propertyName` in the pre-agent configuration stanza.

As you can see above, there are two execution phases configured.

Pre Agent

In the pre-agent configuration, the report file destination path is configured and passed to a property for the surefire plugin.

Report

This execution configures the report creation. Thus, the data file and output directory are configured here. Above all, this configuration ensures that the coverage report for unit tests created after unit tests have been run.

The next most important part is to configure the surefire plugin.

There are only two configurations here.

Arg-Line

Arg line section is the configuration where we pass the jacoco `propertyName` so that the surefire plugin can process the report generated by the jacoco plugin.

Reports Directory

Reports directory configures the path where the surefire reports will be created.

Last but not least, we should add Sonar properties.

To explain each:

  • project.test.result.directory: This is a custom property that we add to be able to easily manage the test result directory value.

You can find more configuration keys in the Sonarqube server Administration -> Configuration -> Analysis Scope.

Sonar Configuration Wildcards

Sonar wildcards are explained below.

  • * -> Match zero or more characters. This is used to define generic class names or all.

Running the Analysis

The above configurations and codes complete the sample project. Now we can simply type below command in the root directory of the project.

This command will run all the tests and generate the report on the Sonarqube server. As a result, you can see the sample screenshot below.

Sonarqube First Analysis Result

When we run the analysis command without any test, it will show the coverage ratio incomplete. Let’s add a test to completely cover our code.

With this test run the same analysis command. You will see a test overview like the below screen.

Sonarqube Second Analysis Result — Complete Coverage Ratio

Now we can commit our codes with relief 😎

Please investigate the Sonarqube documentation for further configurations.

In conclusion, we have learned how to configure our Spring Boot project for Sonarqube. Please like and share if you like the topic. Don’t forget to write comments if you have any suggestions or questions.

Please gently read my other blog post about Cloud-Native Configuration Management.

P.S.: My screenshots are dark because I am using this chrome extension.

Trendyol Tech

Trendyol Tech Team

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store