SonarQube Configuration On Windows With SpringBoot | Code coverage | 2023

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

foreign [Music] Tech and programming so in today's session we are going to check what is sonar Cube and what is Java code coverage and how we can achieve Java code coverage into our spring boot micro Services how we can install sonar clip server on Windows and how we can configure macro service into sonar Cube server okay so in the agenda like we are going to check the benefits of sonar Cube code coverage also and why should we use sonar Cube uh like how we can use sunarco to improve the code quality parameters then mainly we are going to check how we can install solar keyboard Windows and how we can do my event configuration with this one or cube in Eclipse ID then what are the commands we can use in order to onboard the our macro service to sonar clip server okay how we can generate the token in order to connect with this one our Cube from our macro surface then we are going to check what is a code smell how we can check the security ratings and maintainability ratings into sonar Cube so to demonstrate this I'm using my blog so blog link is brought it into video description so basically what we are doing so we are using this one our clip server version 10.0 along with Java code coverage and spring boot application so we are going to write some unit test cases and build that through Maven and uh with the sonarq plugin and then we will do code analysis from sonar Cube UI so basically question coming into your mind so what is exactly so means so sonar cube is a code quality assurance tool that collect and analyze the source code and provides the report for the code quality for your project so it combines that static and dynamic analysis tools and enables the quality two to be measured continuously over time okay so what is mean by code coverage so Java code is performed with the actual executing programs like a source code will be checking score smells or different types of exceptions or core validations or Loop complexities cognitive complexities and some rule set in your organization for best practices for the code that we write into our day-to-day life so if you talk about the benefits of solar Cube then we get lots of like benefits like first is like it will help to improve our quality of code then it will grow the developer skills then continue continuous quality management and reduce risk scan complexity to your code then increases the productivity by writing your genu test cases so it will validate your methods and classes and it will suggest how you can improve and how you can write that method in a better way in order to reduce the risk and complexity of the code basically it is will have to write the claim code so basically also it will validate your code and detect error if possible if it is error prone then it will detect the errors also so mainly it will help to enhance developer skills okay so why should we use solar Cube so it reduces the risk of software development within the very short amount of time so it detects the bug and it detects the issues in your code automatically and alerts the developer to fix them as a code smells it will highlight the normal code mistakes or code validation before rolling out to the production so how how this works so like if you can say so this is our idea eclipse or DDJ so here is a code and uh with this Eclipse so you can use this plugin this is called in the sonar link plugin so that is residing into your Eclipse okay so it will act same as a sonar queue and it will suggest whatever your code smells or code validation it will when we fix all the code validation then we commit our code or push the changes into bitbucket or or you can say for building to through the Jenkins or deploy somewhere okay so in between that so if you have a cicd pipeline that is a continuous build and continuous integration so in between so we can configure Java code coverage via sonar Cube so that it will test the quality of your code and it will generate the percentage of your code coverage into like a sonar Cube Dash so that is called as a quality kit so we are going to check that so let's start so first like uh we are going to install solar Cube server so before that there are some prerequisites so we are looking into version 10.0 so here prerequisite is for to install some Orchid server so we need a Java version 17 or if you are using open jdk then also like we need a 17 version of java Okay so so go to your browser and type downloads on our queue okay so click on this first link so you will be landed into sonar Cube download page so here we are using this Community Edition for download so it is mentioned that for what purpose if we can use this updated bugs and fix vulnerabilities review the security dot spots aicd and code quality matrices okay let's say download for free so it is a 337 MB file so as per your internet speed it will take time okay so let's download it so go to folder copy to some other folder extract it here okay so it is completed so now go to bin folder you can see there are lots of options available like for Linux for Mac OS and for Windows so go to Windows and here you can see start sona.net so go to CMD type starts [Music] okay so this is started now so this is sonar cube is operational so process is a so it will run by default on 9000 ports so go to localhost [Music] so you can see it is like asking for sonar Cube so type password as admin okay so our username is admin and password is admin so change the password foreign [Music] so it is asking to import this project from disk sources what we have to do so now just only think with this sonar Cube so we have to generate one token so that can be used while configuring or while running the our micro service so before moving to microservice so let's edit this token so go to this My Account Details okay and here you can see this is a security tag go inside this and here it is saying that gender tokens okay so give any name for now I am doing test or I'm giving it name select token type as a user token and expiry no expiration and let's say generate so you can see this token is generated Okay so copy this handy okay so now like we will go to onboard our micro service so now like we can onboard microservice to sonar Cube so for this what we have to do we have to generate uh we have to create one micro service and uh we have to like configure into sonarity so for this I'm starting with this uh spring dot IO creating spring boot project so select as a maven then uh the spring version has a 272 and here type so sonar clips from good demo here also small clips from good demo package name com dot stack Java version let's keep as I hit and here add the dependency of spring web and generate okay so project is generated let's import this project so we have extracted project so so import this go to eclipse and go to this import projects mention the path here or go to maven existing my project next directory say browse you got the bomb.x1 Finish okay so we have to add form.xml so here we have to add this jacobo plugin for now copy this okay onward XML okay so in Bob dot XML so we have a spring starter web dependency along with starter test and we have to add this plugin so spring boot power and plugin and we have to add this plugin plugin that is a Java code coverage plugin so it will help to generate the code coverage from your local machine and here uh we name this my own compiler plugin and this is owner my one plugin so this is important so these plugins are required okay in order to onboard this project to Sonata okay so now moving further so we will create One controller class let's say product controller class okay so this code okay so let's say Ctrl shift o in order to input the packages okay so what we are doing here so we are annotating this as a spring boot application along with the rest controller this is the basic example where like uh we are getting the product so so IRS call so we are getting these products and uh what type of products we are getting so that details like we have implemented into into this one method so now like uh we have to write the test cases for this code that we have defined into this controller so go to SRC test Java let's say controller to input this packages let's say Ctrl shift 2 in order to import the packages so this chapter okay so what we are doing here so we need to add the test cases in order to test the methods into product controller okay so we are automating this with product controller into test and just we are writing this test test case in order to like invoke these net products and here we are writing an assertion statement and printing this JM okay so we are invoking this new product method of controller and we are setting the assertion statement okay so now let's run this Java code coverage it is showing some coverage okay so select this this product controller is covered by 100 so now let's check with the sonar Cube also so what we have to do so we have to right click and say run as well build here we need to Define this goal foreign [Music] coverage has run now we have to add this or we have to onboard this into sonar plugin so we have to Output this into sonar clip so what we have to do so there is another command so uh that I have mentioned and then we have to add this password so what is password so whatever this generated key earlier from the solar clip server from here like this is generated so copy this again and here you have to write it copy this whole command so in order to see this project here so we have to run this M1 command okay that's it so build a success so now you can see so just go to this solar Cube and refresh this go to projects so you can see like this one after spring boot demo project is there so this one's owner Cube Springwood demo so that came here so you can see there are bugs vulnerabilities rating is provided and coverage is let's say here it is showing as a 80 percent so here so you can see the there are options like issues security hotspot measure code and activity okay so it is giving complete analysis of your micro service so how you have written the code so for more information go here so here if you can see these two our classes are there so this product controller is covered by 100 but this solar Cube spring boot demo application so that is 33 so it is not covered okay so what we can do now so first we'll check if there are any code smells okay so here you can see the infrared controller so remove this duplicate import so these are like a code smiles so this one up to tell you to improve your code and uh let's see at least one assertion should be there there into test case remove this public modifier way to remove it so yeah remove this public modifier okay so like this uh it will mention this so you can write the protected so it will give suggestions also okay so let's do that let's do this protected and uh like we can add one test case here okay so in order to invoke this main method so I'm writing this test case the protected and in product controllers so I am reviewing this Imports Ctrl shift o in order to organize the input and here so I will do construction Pro in order to organize Imports I will remove the C Services also because it's highlighting switch outs also I think okay so it is saying replace this with system.logger okay so that's it so we have fixed code space Also and we try to increase the code coverage also we can go this so so we have to run these two steps for for now I have ran this clean and of preparation installed then again we will do this sonar password let's allow this Java access so this will be success now again build and this owner in order to onboard this coverage into sonar let's run it okay so our build is done so let's verify this so go to this uh let's say refresh now go to projects so as you can see we have a coverage of 100 now so over here go to oral code so you can see coverage on so over both of the classes are covered with hundred percent coverage okay so let's see the issues also so see the previous issues are gone now so remove and use this variable so yeah we can divide further so add at least one assertion so we cannot add assertion on uh like a spring boot main uh test case so like this like uh we can like minimize this uh security hotspots or code smells or if you can see there are these are like ratings so this is a reliability rating on your codes currently this is a means variable so security rating so it will check for vulnerabilities with the security and overall the maintainability of your code it will check okay so this always should have uh like between 80 to 100 okay so in order to summarize this so we have seen how we can download and install sonar Cube server and we have created spring boot micro Services written the JNL test cases while building through memory integrated sonar Cube using Sonar Cube and Maven plugins and we have done code analysis via soon I'll keep UI this is about sonar Cube so stay tuned for further sessions and thanks a lot for watching foreign [Music]

Info

Channel: Simplifying Tech

Views: 2,497

Rating: undefined out of 5

Keywords: sonar qube, sonar qube with coverage, jacoco coverage, coverage using jacoco, sonar with coverage, configure sonarqube, sonarqube with jacoco, sonar qube with maven project, sonar qube with javaproject, sonar maven plugin, jacoco maven plugin, jacoco with sonar in maven, jacoco with sonar qube, maven project with sonar, code quality using sonarqube, sonarqube tutorial, sonarqube installation, static code analysis, how to use sonarqube, sonarqube installation on windows

Id: hl9jsjIZTTk

Channel Id: undefined

Length: 19min 50sec (1190 seconds)

Published: Sat May 27 2023