SonarQube analysis and SonarLint integration with Visual Studio 2019

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello guys today we are going to see how to install sonar cube locally and get the code quality report for dotnet core project including code coverage for unit test we will also see how to use honor link with visual studio and integrate it with sonarq reports during the demo we will also go through the common issues you might face with installation and also while generating the reports i will show you how to fix them so that you won't need to spend our time in researching for same and just for note uh for today's demo actually i'm using visual studio 2019 community edition and uh for all all the scanning and the integration will be done for same okay let's start the first thing we will need to do is download sonarqube on our local system so for downloading it you will need to go to the site so not cube.org under download section you can get the community edition so just download the file uh it will be a zip file which will be downloaded on your system so once downloaded you will need to extract that file so let me just show you on how i have done it on my local system so yeah if you can see under c drive i have folder name swapnil and under that i have folder name sonarq and this is the zip file before extracting the zip file just make sure you go to the properties section and under this properties this file might be blocked on your system so you will just need to check the unblock checkbox present over here apply those changes click ok and then extract it just don't go and directly extract this file else you will face some issues later while configuring it so just make sure you go to properties and block the file and then only extract it let me show you the content of this folder so as you can see there are multiple folders available under here but uh we will be dealing with bin and config folder only so later on in this video when we will be configuring sonar cube locally so we will go through these two folders only but we won't need to go through our other folders because we won't be making any changes on those okay now let's go through the project which you will be today using for scanning okay on my screen you can see the project it's a profile management system so what it does uh we keep record of user profiles and now this application based on the request will provide us the pro user profile and his basic info so the main project it contains program.cs file which is starting port point for our application then we have a couple of layers like application layer containing business logic then persistence layer containing uh calls of calls for database communication i have also added one project for unit test so if you go to the project you will see there is one unit test as of now and there is a one more unit test but this is commented out so for the first can we will use only one unit test and then we will do one more scan just to see uh what changes uh the report will show once we uncomment this particular unit test so the second scan will have two unit test cases i'm using 2019 visual studio community edition so we don't have any direct support for calculating the code coverage or for the unit test cases so for that actually we are using uh one open source utility that is called as a coverlet so using that coverlet utility actually we can calculate the code coverage for so to add that utility what you will need to do just right click on the unit test project go to manage nuget packages yeah search for coverlet it will show you this one package build so what it does using our build ms build we we can command it to calculate the code coverage so just install this particular nuget package into unit test project only so now with this done let's go to the another setting which we need to do or i will say the utility which we need to download so let's go to sonar scanner uh this document which is created help document which is created by sonarcube so under this page actually if you go to the ms build section so you will see we need to download one utility or i will say tool for scanning our project or the solution for sonar scanner or sonarqube reports so you will need to execute this command for installing this.net sonar scanner utility so just go to developer tool fire this command don't need to specify this version uh parameter you need to just execute this this command and it will download the latest version so once that latest version is available on your local system you can execute the command related to sonar cube and then only the analysis will be performed so with all these settings done now let's go to sonar cube scanner application and we will host it locally so for a sonar cube uh application to work locally you will need to install the java uh jdk but uh currently i'm using open jdk so you can go to uh for the site and download it open jdk tool you're on your local system let me know if you need any help you can add it in you can ask me question in the comment section and i will i will help you with that as well so once that is done go to the folder where we extracted all this information so this is the extracted folder for sonar queue so in the bin folder if you go to this wind folder you will see there are four folders available so based on the operating system you will need to select the folder currently i am using windows so i will go to windows so in this folder you will see there are five to six bat files available so for starting the sonar sonar cube so you will need to execute this particular batch file but before executing in case if you are using open jdk you will need to do one setting so for that go to root folder go to config folder you can see this wrapper.config file so just edit this file and you will need to put the location of java folder in case if you are using opencdk so you can see i have modified this particular line so here i have put the location of all the files related to java currently on my system so as of now i'm using open jdk so i had to do this setting manually in case if you are not using open jdk you are using the normal uh java or jdk for jdk installation or you have that instruction on your system so then you won't need to do this so once this setting is done go to the pin folder yeah just open the command prompt from here type command start so now don't bet click enter so now it will launch the jvm okay so now the sonar cube is up you can see this message on the last line so now let's go to the browser i will refresh this page so on this port 9000 the sonar cube will be available yeah so now it's loading okay so this is the portal actually for sonarq on a real local system in case if you have one server the same kind of ui you will get there okay so for uh for performing this sonar scan we will need to execute couple of commands so in total there are four commands the first one is uh for adding this particular project to sonar cube reports then the second one is for uh for building this solution the third one is for running the unit test and uh and generating the code coverage and the fourth one will be finalizing the sonar so what are the analysis will be done so all that analysis related data will be published on our sony portal so let's go to this location of this particular project yeah open the command prompt as we have already installed the utility required uh for this uh for performing sonar cube uh for executing the solar cable analysis with a microsoft build so our builds will work so i have already written this command so let me just copy this command on this command prompt here so this is the first command so what it says the first keyword you can see is the dotnet then sooner scanner begin the parameter we are passing is the profile uh the key for this particular scan so key can be anything you can use uh for guiding as well but uh as of now i have given you the proper name the name of my project so profile info underscore can and this is the third scan actually i'm performing on this project so i will i will write down three because in case if i don't provide any name and this particular profile already exists uh there is any already existing profile with the same key so the report will go there but now i want a separate report for this particular session so i am naming the this particular key with a different name so now let's execute this command yeah yeah so it has started the build for sonar scanner so yes so these are the steps which are are performed so it will initialize everything whatever the scanners it will be using so it will initialize those so now what we need to do is we need to perform the dotnet build so let me execute this command as well dotnetwell so now it will actually build the project yes so build succeeded so now the next thing for us is to perform the code coverage run the unit test and collect the code coverage report so for that i have already written the command so i will just copy that command here yeah so this is the command so what this command say we are executing the vertex then we are passing two parameters these parameters are required for collecting the code coverage so the first parameter is collect coverage so we need to set it to two and the second parameter is cover let output format so what format of the report must be it is open cover because sonar cube scanner supports open cover format so that's why we are explicitly passing it the format of the report so i will just now execute this command this info actually you can get on solar cube documentation yeah so you can see the count of test currently we have only one unit test and the other one is commented out so the taste run was more successful and the test is passing and you can see this is the report actually and there will be one xml file generated with this code coverage i will show you that xml file so let's first go to the unit test project location so if i go to this unit test project yeah so if you see in this project there will be one coverage file generator so this is the file coverage file so in the first can actually this report won't be published in sonarqube report because currently we we don't have any config we have not done any configuration or setting to uh to make the sonar cube read this particular file so we will need to specify the file name as well as the path so we will do that once the scan is complete so let's just resume the work which we are doing so we will execute the last command and all these commands are available on the sonarqube documentation so let me just show you so these are the three commands actually we are currently executing the only extra command which we executed is related to dotnet test so which is not currently present here but that we need to do yeah so let me copy the last command so yes so this is dotnet sonar scanner end so what it does whatever the analysis we have performed so far so with this command it will take that analysis reports and it will publish to our sonar portal so let's execute this command so the work is in progress yes so it will check for code coverage and everything but the by default actually it won't find the code coverage file so for that we will need to do one setting i will let you know how to do that so yes we can see uh the scan is complete and if you see this analysis is successful and uh for this browsing this particular analysis we have the url as well so i will just copy this url go to the browser and just hit enter yes so this is the scan actually which is currently performed you can see there are eight co it could smells in our project and the taste coverage is currently zero so for this actually we will need to do one setting which we will just uh look now but there is one issue actually you might face on your system as well which i wanted to show you but like currently the code cover is a zero percent but if you click on it it will try to load one page with all the details related to code coverage and everything but you might face this issue if let me reload this page you will see there is an error the request cannot be processed try again later so this might happen on your system as well on my system it's happening because of my anti-virus so let me just go and disable the antivirus as of now yeah so i will just disable this antivirus this actually most of the people face and if i load the report so yes you can see the report is loaded this particular section is loaded but currently we don't have any good coverage information so for getting the code coverage as well we need to do one setting so for that you will need to login into this application so and for login by default the username will be admin and the password will be admin hit enter it will take you to the portal yes now go to project settings go to general settings here you will see one section for languages so go to languages select the language as currently we are working on dotnet project and we are using c sharp so let's go to the c sharp language and if you go down you will see there is one uh one setting called as open cover integration test reports path so you need to specify the reports path here code coverage report path so the format the proper format for it will be just the name of the report so let me go to the unit test and i will copy this name i will specify the path yeah so under uh all folders it will look for this particular xml file you can specify whatever the format you want but it's currently i'm using the default name now i will just save it we will go to the overview page currently this report is not available we will need to perform the scan again not the entire scan but the last step so if i now execute the last command again sooner scanner so now what it will do it will check the or check all the available analysis reports now and it will also find the code coverage information as well as we have specified the path yes okay so yeah it's finalizing the reports yes and you can see the scan is complete the url is again shown here but we already have it loaded so i will just reload the page so as we have not changed the key the the scan results will go under the same project yeah and now you can see we have the code coverage information so this is the extra setting actually you had to do and if i click on it now it will take me to the report yeah so it will give me all the details like what number of lines actually which are not covered and uh it will give me all the data related to code coverage you i can go to the details and check like with the office lines i have covered and what are the suggestions related to code smell and everything so all the issues will be reported here so this way the sonarqube scanner will publish the reports locally now let's see the sonarland extension actually which is available for uh for this one scanner so for that for downloading it you will need to go to extension so go to manage extension search for sonar sonarland it will give you that extension here and you will need to install it i have already installed it and i will just need to enable it and yeah it's disabled so i will just enable it yes it will ask me for starting the visual studio so i will just restart the visual studio and we'll come back so i have started the visual studio so with this extension what happens is if there are any code smells so if there are any existing code smells or issues so it will report you like in this particular page actually there is one suggestion uh from sonarland so what sonarlin does is you it scans your code whenever you are typing so that time only it will start scanning your code and will show you the suggestions available for it in case if there are any issues so this will happen for the entire project so now what we can do is uh do is uh in case if we have configured it on a build server so in that case in you might have some custom configuration for sonar cube scanner so in case if you want to sync that that configuration with your local visual studio so for to do that what you need to do is go to team explorer yeah go to home click on the sonar cube icon cube so it will give me one option to connect so in order to connect what we need we need the sonarqube server then we need username or password or we can also do this connection with the token so let's go to uh sonarqube and just copy this server address so in case if you want to generate the token what we what you can do is go to sonarqube go to your profile go to my account yes under security yeah i will need to log in again i mean yeah okay yeah so under security you see this option available here uh this is for generating the token so in case if you want to generate a new token just name the token so i will name it as a 2.2 click on generate so this is the token generated you will need to copy this token and this token won't be shown here again once you refresh this page so now i will go to the connection window just copy and paste the token and click on connect so what it will do is now it will connect you to the server profile so once that is done you you can refresh uh the screen click on the show all project yeah show all projects so what are the scan you want to connect to so the latest can we did was profile info underscore scan three so i will i will connect it uh connect to that particular profile so i will just need to connect on or click on bind so once that is done yeah it will it will show me all the results which were available on that report on my local visual studio instagram so this way actually you can connect your visual studio with your builds uh what are the reports generated on your build server so and those reports uh what are the course mails of those were found in that report those results will be available here so this with all the suggestions will be shown to you so this way the developer will have access to order the scans which were performed using uh on a build server yeah okay now let's perform the scan again this time what we will do we will we will uncomment this particular unit test yeah and we'll run the scanning again so we will need to go through the commands again so we will start from uh the first line that is sonos cannot begin so once this step is performed the second step we need to do is donate build yeah the third one is dotner taste yes and now the final one is sonar scanner so it's uploading the entire scan result on our sonarqube server so once this is done we will go to the report and we'll see if the coverage is updated currently the coverage was 12.2 so yes the scan is complete let's go to the our sonar keyporter yeah let's go to the project yes this is the project actually overall code scan so now you can see the code coverage is not 7 now 17.1 so initially it was 12.2 uh 12.8 i think now it is increased so this way you can add the for unit test cases and this code coverage information will be updated so that's it for today in case if this video helps you do subscribe to my channel and if you have any questions or queries uh just add it into comment section i will i will reply back to them and in case if you know need any more details on this let me know i will create uh for i can create one more session with the detailed information related to this yeah so best of luck

Info

Channel: The Software Developer

Views: 46,829

Rating: undefined out of 5

Keywords: sonarqube analysis, sonarlint, analysis using sonarqube, analyze project using sonarqube locally, code quality check, how to perform code quality check, how to perform code quality check using sonarqube, code quality check using sonarlint, sonarqube with visual studio, sonarqube integration with visual studio, sonar qube analysis, sonarqube quality check, code smells using sonarqube, code coverage, code coverage in visual studio, coverlet, coverlet code coverage, sonar lint, scan

Id: AzZSwuea4uc

Channel Id: undefined

Length: 23min 8sec (1388 seconds)

Published: Fri Oct 02 2020