SonarQube - onwardpath/demo-repo GitHub Wiki
What is SonarQube?
SonarQube is a platform for continuous inspection of code quality that performs automatic reviews using static analysis of code. It detects bugs, code smells (bad code), duplicated code, coding standard violations and security vulnerabilities in our source code.
It is an open source platform that supports 20+ programming languages.
Install SonarQube:
- Download SonarQube from the URL below: https://www.sonarqube.org/downloads/
- The download is a zip file. Unzip it and place it in the directory where you want the SonarQube installation.
- Now start the server by clicking StartSonar.bat under SONARINSTALLDIRECTORY/bin/windows-x86-64.
  Note: SonarQube 8 requires Java 11, so make sure you are using Java 11 to run SonarQube 8.
- Once SonarQube has started in the console, open the URL below to verify it in the user interface. Default URL: http://localhost:9000/
- Default username/password: admin/admin
Configure SonarQube in a Maven project:
- In Eclipse, open the pom.xml of the Maven project and add the profile below to it.
Note: Change the sonar.host.url value to your server address, or keep localhost.
- Now run the Maven project using the command below.
  Command to execute: mvn clean verify sonar:sonar
  In some situations you may want to run the sonar:sonar goal as a dedicated step. Be sure to use install as the first step for multi-module projects. The commands to execute then become:
  mvn clean install
  mvn sonar:sonar
- Once the build is successful, we should be able to see the output below in the console.
Open the highlighted URL to verify the analysis of our code.
- At the generated URL, the report will be displayed in the format below.
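
The profile that the first configuration step refers to is not reproduced on this page. The following is an added example, not the wiki author's own profile: a minimal Maven profile that sets sonar.host.url for a local server on the default port. The profile id and the sonar.login hint in the comments are assumptions.

```xml
<!-- Added example; not the profile from the original wiki page. -->
<!-- Place this inside the <project> element of pom.xml. -->
<profiles>
  <profile>
    <!-- Assumption: "sonar" is an arbitrary profile id chosen for this example. -->
    <id>sonar</id>
    <activation>
      <!-- Active on every build, so "mvn sonar:sonar" needs no -P switch. -->
      <activeByDefault>true</activeByDefault>
    </activation>
    <properties>
      <!-- Change to your server address, or keep localhost (default port 9000). -->
      <sonar.host.url>http://localhost:9000</sonar.host.url>
      <!-- Assumption: if the server requires authentication, pass a token at
           run time (-Dsonar.login=YOUR_TOKEN) instead of storing credentials
           here, because pom.xml is normally committed to version control. -->
    </properties>
  </profile>
</profiles>
```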