SonarQube with Docker for Selenium Java Tests.
This is the extension of my previous article, https://medium.com/@Raghwendra.sonu/sonarqube-integration-with-web-automation-framework-developed-using-selenium-cucumber-java-91379fdeacc3
In this article, I am going to use Docker to setup SonarQube.
First of all, create a file — docker-compose.yml
version: "3"
services:
sonarqube:
image: sonarqube:6.7.1
container_name: sonarqube
restart: always
environment:
- SONARQUBE_JDBC_USERNAME=sonar
- SONARQUBE_JDBC_PASSWORD=password1
- SONARQUBE_JDBC_URL=jdbc:postgresql://db:5432/sonarqube
ports:
- "9000:9000"
- "9092:9092"
volumes:
- sonarqube_conf:/opt/sonarqube/conf
- sonarqube_data:/opt/sonarqube/data
- sonarqube_extensions:/opt/sonarqube/extensions
- sonarqube_bundled-plugins:/opt/sonarqube/lib/bundled-plugins
db:
image: postgres:10.1
container_name: db
restart: always
environment:
- POSTGRES_USER=sonar
- POSTGRES_PASSWORD=password1
- POSTGRES_DB=sonarqube
volumes:
- sonarqube_db:/var/lib/postgresql
- postgresql_data:/var/lib/postgresql/data
volumes:
postgresql_data:
sonarqube_bundled-plugins:
sonarqube_conf:
sonarqube_data:
sonarqube_db:
sonarqube_extensions:Run, above file with docker-compose command, that will download all the necessary docker images and bring SonarQube server up and running at port 9000.
docker-compose up -d
Login to SonarQube with default user and password.
- username: admin
- password: admin
Create a new project,
and then create a token for your project,
here i am going to use, https://github.com/raghwendra-sonu/Selenium-Cucumber-TestNG-Maven project for SonarQube analysis. You can find the entire framework code here. You can clone my framework, modify the code, and start writing yours on top of it.
Now, Select the project language as Java and build tool as Maven.
Copy the command, and Modify this slightly as shown here.
mvn clean compile \
sonar:sonar \
-Dsonar.projectKey=SonarQube_With_Docker \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.login=59677c7eac254d4fe5163de6739f3f561aca8cbb
-Dsonar.test.inclusions=**/*test*/**SonarQube requires compiled code for Java. So we have added ‘clean compile‘ command. If SonarQube is running in a different machine, then update the command with the IP address of the SonarQube machine. We have also included our classes under test directory.
Run the command, It will compile, inspects the sources and push the results to SonarQube hosted at localhost.
You can further explore about metrics and find their definitions from below links:
https://docs.sonarqube.org/latest/user-guide/concepts/
https://docs.sonarqube.org/latest/user-guide/metric-definitions/
Analysis Report
Refresh the SonarQube page and you will see,
- We have 1 Bug, 7 Vulnerabilities and 42 code smells to fix which may take around 5 hours as per SonarQube.
- Click on the numbers to see them with details about the issues. In the project I have used, many Comments and System.out statements which caused these many issues. You may fix all these one by one.
- If you want SonarQube to exclude certain checks like System.out you can disable those checks. You can even write your custom rule.
- Once all the issues are fixed, run the same command again. Now SonarQube will reinspect your code & automatically close the issues.
- We can create a Jenkins job, to do this for us periodically for our code quality.
Summary:
I know that, our selenium test scripts are not going in production! But SonarQube integration will ensures that high quality code is built to verify the code created by developers. Also, It is important for our test scripts to meet industry quality standards. SonarQube helps us in doing that.
Closing Thoughts
Hope you found it useful! If you ever need my help, you can write in comments sections. Also, you can contact me through my personal website: www.QATechTesting.com or through my LinkedIn Profile.
