SonarQube integration with Selenium Scripts:
In this post we are going to learn, what is SonarQube, how to integrate our selenium automation script or any other code with SonarQube for automatic Code Quality analysis and identify the different vulnerabilities.
What is SonarQube?
SonarQube is an open-source platform for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities. It also offers various reports on code coverage, complexity, coding practices as well as on duplicate code. SonarQube Supports 20+ Programming languages.
Please Note before starting further on this blog, I am assuming you have basic knowledge about maven, and it is already installed in the local machine as well as in your ide along with all other maven plugins to execute the test.
How to install SonarQube:
We Can download SonarQube from the official website of Sonar under the download section or directly using the below links.
Installing from a zip file
- Download the SonarQube Community Edition.
- As a non-
root
user, unzip it, let's say in C:\sonarqube or /opt/sonarqube. As a non-
root
user, start the SonarQube Server:# On Windows, execute: C:\sonarqube\bin\windows-x86-xx\StartSonar.bat # On other operating systems, as a non-root user execute: /opt/sonarqube/bin/[OS]/sonar.sh console
If your instance fails to start, check your logs to find the cause.
- Log in to http://localhost:9000 with System Administrator credentials (login=admin, password=admin).
- Click the Create new project button to analyze your first project.
Using Docker
Images of the Community, Developer, and Enterprise Editions are available on Docker Hub.
- Start the server by running:
$ docker run -d --name sonarqube -p 9000:9000 <image_name>
- Log in to http://localhost:9000 with System Administrator credentials (login=admin, password=admin).
- Click the Create new project button to analyze your first project.
To Start SonarQube
In SonarQube installation folder under the bin, depending on your OS version there would be file name StartSonar.bat click on that file.
In the command prompt we will be getting a message stating that “SonarQube is up”.
By default SonarQube runs on http://localhost:9000
Default username and password of SonarQube is admin.
Sometime it may also ask the user to generate token this is a completely optional step and could be skip.
Now let’s check out how we can integrate Selenium or any other project with SonarQube.
1) Inside project POM.xml file add the below two plugins i.e maven Sonar Scanner and jacoco Plugin.
<plugin> | |
<groupId>org.sonarsource.scanner.maven</groupId> | |
<artifactId>sonar-maven-plugin</artifactId> | |
<version>3.2</version> | |
</plugin> | |
<!-- https://mvnrepository.com/artifact/org.jacoco/jacoco-maven-plugin --> | |
<plugin> | |
<groupId>org.jacoco</groupId> | |
<artifactId>jacoco-maven-plugin</artifactId> | |
<version>0.8.1</version> | |
<executions> | |
<execution> | |
<id>prepare-agent</id> | |
<goals> | |
<goal>prepare-agent</goal> | |
</goals> | |
</execution> | |
</executions> | |
</plugin>
mvn clean install sonar:sonar
|
Great Learning!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.