Tuesday, July 18, 2017

Sonar Analysis with Pull request Raise part 2

Hello Guys,
Part - 2
Follow the link https://www.digitalocean.com/community/tutorials/how-to-install-jenkins-on-ubuntu-16-04
This link will help you in the installation of Jenkins on the server.
Part -3
Also follow the below link This will help you in the installation of SonarQube.
http://rathinavneet.blogspot.in/2017/05/install-sonarqube-on-ubuntu-part-1.html

Install github plugin in the sonarqube and in the jenkins install Sonarqube scanner plugin.


Open jenkins go to manage Jenkins in configure sonar Qube server as shown in figure.



Once the sonar qube is configured now start configuring the github-server in jenkins as shown in figure.

Now lets configure github pull request builder in jenkins.


and Thats it we are done with the integration of github with jenkins now we can configure the job.
which will automatically triggered when you raise a PR(pull request).
Optionally you can also configured Email alert.
That I will cover in the next article.


Wednesday, July 12, 2017

Sonar Analysis with Pull request Raise part 1.

Hello Guys,

In recent days one of my friend had ask me is it possible that when ever some one raise a pull request in the github repo.
ex. Assume i have  github repo called newrepo. Now whenever some one push his code into my repo I need to validate that code against some bench mark of quality and i also need to make sure that the code is of good quality and If it has any defect then I should get those in github comment on the pull request.
Its has to be done in  steps

  1. Create  a Github webhooks
  2. Generate personal access token with appropriate permissions .
  3.  Create a jenkins Job
  4. setup of Sonarqube
  5. Step up Quality gate for the Project (Optional)  
1. Create Github webhook.

In My case go to URL https://github.com/navneet-rathi/newrepo

Open your repository in that click on settings and in settings click on Webhooks or  goto URL.

https://github.com/navneet-rathi/newrepo/settings/hooks.

Replace newrepo with the name of your project repository.


click on add a Webhook and fill the details of your Jenkins server as shown in the picture.




 This web-hook will send an information about the Pull request  and  to trigger a jenkins job we need to create one more web hook as shown in below screenshot



and Thats It We are done with part 1
.
In next part  I will setup jenkins and remaining configuration and sonar changes  

Sunday, June 4, 2017

Getting started with Sonar part 3

Hello Guys,

This is the 3rd and last part of sonar series in which I will explain about how you can detect the pull request which is raise on github it is safe to merge with your main or master branch or not and it will also comment what are the reasons why is it not safe and it will comment on github so lets getting started. with it.
 so first thing first.

1. You have git repository setup
2. Standard sonar setup.

Now How we can active it.

So for testing we have a testing repository
https://github.com/navneet-rathi/sample-code-java.git

and we have a pull request raise for the repository for me the pull request raise we need to know the pull request no. which we can find out through the
   
from This I come to know that the pull request no is 2

you need to provide access the sonar so that it can write on your github. which is possible using personal access token which you will get using github you need to provide proper


I have given the below access it will give me a access code please note it down.

now its start to work.

I will use maven to check go to the project repository and fire the below command

mvn -Dsonar.analysis.mode=preview \
              -Dsonar.github.pullRequest=2 \
              -Dsonar.github.repository=navneet-rathi/sample-code-java \
              -Dsonar.github.oauth=<This token which you have previously noted down> \
              -Dsonar.host.url=http://localhost:9000 \
              -Dsonar.login=admin \
              -Dsonar.password=<your sonar password>

and thats it after this you will where it is feasible to merge the request or not if we merge what will be the consequence.

In my case its failed and the below is the reason.
  
Ohh yes guys below is the genral command 

mvn -Dsonar.analysis.mode=preview \
              -Dsonar.github.pullRequest=$PULL_REQUEST_ID \
              -Dsonar.github.repository=myOrganisation/myProject \
              -Dsonar.github.oauth=$GITHUB_ACCESS_TOKEN \
              -Dsonar.host.url=https://server/sonarqube \
              -Dsonar.login=$SONARQUBE_ACCESS_TOKEN or sonar username \
              -Dsonar.passord=$ Sonar Password
 
So thats it guys let me know if you want to know any thing more on this.

Sunday, May 14, 2017

Getting started with Basic sonar Use Part -2

Hello,

lets start with the sonar analysis we will do the analysis of sonarqube code itself.

first we will download or clone the code on local using below command.I have fork from the sonar repo so I will work on this you can do the same with sonarqube repo as well.

$ git clone https://github.com/navneet-rathi/sonarqube.git

After downloading the code from the github you will see its a maven project we have to install the maven first which is pretty straight forward.

after installing maven we need to change the directory and open then sonarqube directory by command

$ cd sonarqube

Lets start with clean and do analysis of sonarqube

$mvn clean sonar:sonar -Dsonar.host.url=http://localhost:9000 -Dsonar.login=admin -Dsonar.password=<your sonar password>

you can even use -X option with maven for debugging info.

and done then just wait and watch  and rest of work is done by maven and sonar.
you will see some thing after its start its  sonar who is doing analysis.



you can also see some thing like this if you have build breaker plugin install in your sonar.This plugin is useful when you are working with sonar and jenkins together.


Once the analysis is complete on the command line you can go to browser and login in the sonarqube and check the sonarqube code quality check for the project.


  

You can see some thing like this after the analysis is completed.So this is about the basic use of sonar with maven.In the net article i will show you how you can analysis the pull request in github using sonar if it is ok to merge or not.