Experiment 5
SonarQube Features
• Provides fully automated analyses: integrates with Maven, Ant, Gradle, and
continuous integration tools (Atlassian Bamboo, Jenkins, Hudson, etc.).
Step 1:
Download the SonarQube software from
“https://www.sonarqube.org/success-download-community-edition”
Step 2:
Extract the ZIP file to a specific location.
Step 3:
Now open a command prompt and change the directory to the bin folder of the extracted
SonarQube, down to the Windows 64-bit subfolder.
Step 4:
Now type the command “StartSonar.bat”; the SonarQube server will start.
Step 5:
Now open the SonarQube web server in a browser by opening the following link:
“http://localhost:9000”
Step 6:
Initially, log in as admin; the password is also admin. You can change the password
later if you want.
Step 7:
The SonarQube dashboard will now open. In the dashboard, click on create project
manually. A screen will appear asking for a project name and a project key; specify
them.
Step 8:
Then click on setup, select locally, and generate the “secret key”.
Note: Keep the project name, project key and secret key in a specific place for further use.
Step 9:
Click on continue; a screen will appear. Select the options as given below.
Sonar Scanner Installation:
Step 1:
Download the Sonar scanner from the following link:
“https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/”
Step 2:
Now extract the scanner to the C drive and add its bin folder to the path in the system environment variables.
Step 3:
Now download a project folder from
“https://github.com/SonarSource/sonar-scanning-examples”
Step 4:
Extract the downloaded file, take only the sonarQube-scanner project folder from it,
and keep it in the C drive.
Step 5:
The sonarQube-scanner project folder contains a “sonar-project.properties” file; append
the following content to it.
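A sonar-project.properties that fits the steps above, as an added example (not the listing from the original manual). The project key, project name and token value are constructed placeholders, and src as the source directory is an assumption; use the values saved in Step 8.

```properties
# Constructed example values; replace them with the ones noted in Step 8.

# Must match the project key entered when the project was created (Step 7).
sonar.projectKey=my-project-key
sonar.projectName=My Project
sonar.projectVersion=1.0

# Directory to analyse, relative to this file (assumed to be src).
sonar.sources=src
sonar.sourceEncoding=UTF-8

# The local server started with StartSonar.bat.
sonar.host.url=http://localhost:9000

# The "secret key" (token) generated in Step 8. Newer SonarQube releases
# name this property sonar.token.
# This value is a credential: keep the file out of version control, or
# remove this line and pass the value on the command line instead:
#   sonar-scanner.bat -Dsonar.login=<secret-key>
sonar.login=<secret-key-generated-in-step-8>
```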
Procedure of Static Code Analysis:
Now open the command prompt, change the directory to the sonarQube-scanner project
folder, and execute the command “sonar-scanner.bat”.
The project code is successfully analysed and the result is shared to the SonarQube
dashboard.
Now open the static code analysis report in the SonarQube server dashboard. It will show
parameters like:
• Number of bugs
• Vulnerabilities
• Code smells
• Duplicate lines, and so on
All these can be observed in the below figure.