Sonorob is a powerful open source tool that helps you maintain the quality and security of the code by analyzing your own code base for insects and risks. And when your CI/CD is integrated into the pipeline, it can play an important role.
In this tutorial, we will cover:
What is Sonerobi?
How to improve the quality of the Sonorob Code
Stepped installation and configuration
How to drive your first code analysis
What is Sonerobi?
Sonorob is an open source tool that continuously checks the quality of the code. It analyzes the code to find matters such as duplication, bad methods, test coverage gaps, insects and risks, which provide detailed reports. It works with many programming languages ​​such as Java, C#, JavaScript, Azigar, Type Script, and Kotlin.
You can add sugar to your CI/CD pipelines, IDES, and version control systems such as Gut Hub, Gut Lab, or Bit Book. It provides detailed dashboards that show the matrix, trends and problems in your code.
You can use customs rules to enforce coding criteria and reduce technical loans. Sonorbone also supports code coverage analysis to help teams improve their tests. With the quality of the quality gate, teams can only make sure to produce a clean, maintaining code.
Sonorob offers both free and paid versions according to the size of any team. Overall, it helps improve the quality of the software and encourages good coding methods.
How does the Sonerobe Code improve the quality?
This is how the Sonorborkbone helps improve the quality of the code:
Early Big Finding: Identifies them before the insect production reaches
Better maintain: Highlights the code and design issues
Security insights: Indicates risks and security risks
Code coverage: Integration with testing tools to monitor unit test coverage
Custom Rules: Allows teams to compile coding standards and policies
Team cooperation: Ensures permanent quality of code in development teams
Stepped installation and configuration
Terms:
These are the terms you will need before installing the Sonorbone
Java Run Time Environment (JRE): Java 11 or above is installed in your system.
System requirements: 2 GB Ram at least (recommended: 4GB+).
Macos: You can use Humbro, a package manager for Macos, which facilitates software installation.
Below are the steps to install the Sonercob in your local machine:
Download the Sonorbone
Download from the software Soner Source Download And select Community Edition For open source projects.
Squeeze and form
Installing the Sonorbo You, you need to run a command below to non -zipper the file:
unzip sonarqube-.zip
cd sonarqube-/bin/
Start the Sonercobi
On the Linux/Mac, you need to run down command:
./sonar.sh start
On Windows, you need to run it:
StartSonar.bat
Access to Sonarobe
Sonercobi access to you, you need to open the browser and go:
Enter the default credentials:
The page will look like below:
Setting the Sonercobe in your project
To set the Sonorb in your project, start the Java project on your machine. At the root of the project, make a Sonar-Project.Prior File
Add key value pairs below the file:
sonar.projectKey=spring-myproject
sonar.projectName=My Project
sonar.projectVersion=1.0
sonar.sources=.
sonar.host.url=
How to drive your first code analysis
Create and run the Sonerskner
Sonerscker is the tool that actually sends your code to Sonorob for analysis. Below are detailed steps to process for its use:
Install the Sonerscore:
On Windows/Linux, download from the software Sonarsore And make it non -zipper:
unzip sonar-scanner-cli-.zip
On Macos, run down command:
>brew install sonar-scanner
For both Windows/Linux and MacOS, running the bottom command confirms:
>sonar-scanner -v
Creating a Sonerscore
After installing the Sonerskner, you will need to configure it by setting up Sonorboob server URL and Verification token. Then go to your Sonarbone Profile (Top right corner> My Account> Security) and prepare a token.
Provide a name for the token and click on ‘generat’:
I sonar-project.properties File in your project, add and save ‘Sonar.Logan’ property.
sonar.projectKey=test-project
sonar.projectName=Test Project
sonar.host.url=
sonar.login=
Run the analysis
Once the Sonerser is formed, you can start scanning your project.
In the terminal or command prompt, go to the root of your project (where the Sonar Project. Property is located).
Run the following command:
>sonar-scanner
The Sonerskner will analyze your code and push the results to your local Sonorba server. See And you will see your project on the dashboard.
To see the analysis report, go /Dashboard? ID = Java-Sonar Demo:
If you go to the ‘Issues’ tab in the top left corner, you can see the variety of software quality, the intensity of problems and other different features in your code.
Conclusion
Now you have installed and configured Sonorobe and learned that how to scan your code using Sonarskner. You can easily create it in your own plans for permanent code quality analysis.
This is a wonderful tool to clean and maintain your code base. As the next step, you can consider adding test coverage reports, imposing standard doors in your pipeline, and searching for a Sonercloud for cloud -based analysis.
##