Maven and Sonar Integration

maven, code, quality, coverage, sonar, java  · 

How do you make sure that the code quality in your project is as high as it can be?

GuestBook - The Beginning

I guess as many software developers, the roots of my career started with some random exploration of HTML on MS Frontpage for my homepage that a 13-year-old me decided should be interesting to someone for some reason. After fiddling around and setting up a few landing pages on a few different topics, I decided that it's not very interacive. And that's when my quest to create a guestbook started. Like now I remember loading altavista search trying to find some way of how to enable my guests to leave something in my guestbook.

And that's how the rabbit hole sucked me in - first were the tries with Perl and cgi-bin, which worked but it seemed so unnatural. The file storage with delimiters did not somhow impress me as well. Then I found it - the holy grail of guestbooks - PHP. Finally, I was equipped to deliver the guestbook of my life.

A few years into the rabbit hole, I was coding my own forums, galleries, comment sections and poll questionnaires. It seemed that there is nothing that PHP can't do. I felt like a super hero!

Clean Code

My initial obsession with code coverage and code quality. So coming from the background of PHP initially, some small ridiculous tasks of JAVA in the University, I was never aware of what kind of beast it was. My professional carreer brought me to this established company with a more mature Agile process, JUnit Testing, CI and SVN (which later was migrated to Mercurial (Hg)). I felt like I moved to this big pond from a cup! Of course on my first commit I broke the build :)

And then one of the more senior colleagues showed me this book - Clean Code by Robert C. Martin - it changed the way I see things. I was disgusted by the code I wrote a few days ago. Soon after that enlightening moment I was introduced to Sonar code quality measuring system and then it all fell into places. It's possible to write clean, beatiful and quality code, control it with the help of various devops tools and make sure the project doesn't compromise on quality no matter the size.

Prerequisites

So to run SONAR locally you'll just need to download the newest version of it and start the server, if you're on bash:

[ben@bens-laptop ~]$ cd sonarqube-latest/bin/linux-x86-64
[ben@bens-laptop linux-x86-64]$ ./sonar.sh start
Starting SonarQube...
Started SonarQube.

Note: By default SONAR runs on in-memory H2 database, but if you'd like to run SONAR on some remote server and use in CI then it is recommended to configure and use a regular database like MySQL.

Once the server is started we can start looking at the project itself.

Other things you are going to need is installed Java, maven and a preferred IDE.

Configuring Maven

First of all maven has to be configured to to be able to use sonar targets. In the local maven repository file settings.xml should be configured and look like this:

<settings>
    <pluginGroups>
        <pluginGroup>org.sonarsource.scanner.maven</pluginGroup>
    </pluginGroups>
    <profiles>
        <profile>
            <id>sonar</id>
            <activation>
                <activeByDefault>true</activeByDefault>
            </activation>
        </profile>
     </profiles>
</settings>

There might be some additional things needed to configure if sonar is not running on default settings on your local or if external sonar server is used.

Example Sonar-Maven Project

Let's start by creating a quick Spring Boot project. The easieast way to do it is using the really nice spring boot initializer at start.spring.io - just chose if you wanna use maven of gradle, group and artifact names and the dependencies you want to use and the project can be downloaded. It literally takes seconds. Import it to your preferred IDE and you're ready to go.

Now the first thing you'll need is to add a couple of plugins:

	...
	<plugin>
		<groupId>org.apache.maven.plugins</groupId>
		<artifactId>maven-surefire-plugin</artifactId>
		<version>2.20</version>
	</plugin>
	...
	...
	<plugin>
		<groupId>org.jacoco</groupId>
		<version>0.7.9</version>
		<artifactId>jacoco-maven-plugin</artifactId>
		<executions>
			<execution>
				<id>pre-unit-test</id>
				<goals>
					<goal>prepare-agent</goal>
				</goals>
			</execution>
			<execution>
				<id>post-unit-test</id>
				<phase>test</phase>
				<goals>
					<goal>report</goal>
				</goals>
			</execution>
		</executions>
	</plugin>
	...

That is basically everything that is needed to have sonar configured on the project and measuring unit test coverage.

Now to test the configuration just added some service returning hello world:

@Component
public class HelloWorldService {

	public String giveMeHelloWorld(String name) {
		return "Hello World, " + name + "!";
	}

}

And a quick test for it:

public class HelloWorldServiceTest {

	private HelloWorldService helloWorldService = new HelloWorldService();

	@Test
	public void shouldReturnHelloWorld() {
		// given
		String name = "Benjaminas";

		// when
		String result = helloWorldService.giveMeHelloWorld(name);

		// then
		assertThat(result, containsString(name));
		assertThat(result, containsString("Hello World"));
	}

}

Running Tests and Sonar Targets

To run the tests and sonar analysis, in the root folder run:

[ben@bens-laptop examplesonarproject]$ mvn clean test sonar:sonar

And if everything is fine, you should be able to see those lines in the end of a successful build:

[INFO] Analysis report generated in 75ms, dir size=36 KB
[INFO] Analysis reports compressed in 6ms, zip size=12 KB
[INFO] Analysis report uploaded in 20ms
[INFO] ANALYSIS SUCCESSFUL, you can browse http://localhost:9000/dashboard/index/com.razbenny:example-sonar-project
[INFO] Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
[INFO] More about the report processing at http://localhost:9000/api/ce/task?id=AV3G5tDuLq35wMHxQS6n
[INFO] Task total time: 4.837 s
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------

View Project on Sonar

Now once the Example Project is analyzed, you can view it on Sonar Web App.

Sonar Project Screen

As we can see the statistics of the project looks good: 74 lines in total, 66 XML lines, 8 Java line and 100% test coverage.

Final Words

So to conclude, Sonar can be very useful tool for everyone - especially people working at modern fast paced agile teams. Especially when it is combined with Jenkins and is included in the CI cycle. As numbers and diagrams geek I really enjoy nice and simple way that Sonar visualises the measurements of code quality.

Hope that you guys enjoyed this post and waiting for your feedback on the comments.

Further improvements

A few ideas that could help improving the quality of a project further: