Installation of SonarQube for Mule Pre-defined rules

Setup and Installation of SonarQube:

Prerequisite

  1. Java version 11 or 17 is compatible with the SonarQube and Maven should be installed.
  2. Link to download Maven (download the binary zip archive): https://maven.apache.org/download.cgi
  3. Link to download JDK 17: https://www.oracle.com/in/java/technologies/downloads/#java17
  4. Link to download SonarQube (Download the community edition): https://www.sonarsource.com/products/sonarqube/downloads/

Steps to follow

  1. Add the environment variables for Java, maven (if not added earlier), and SonarQube as shown below.
  2. After installing and adding the environment variables, run the windows batch command to check if the SonarQube is starting on your local machine.Navigate to the folder where the SonarQube is installed, in my case it is “C:\sonarqube-9.8.0.63668\bin\windows-x86-64“, open the command prompt and enter StartSonar.bat as shown below.
  3. Once the process is up, navigate to http://localhost:9000/, you can see the login page. (This means the setup is a success).

  4. login with username and password as admin
  5. Download the zip code for mule-sonarqube-plugin from the link: https://github.com/mulesoft-catalyst/mule-sonarqube-plugin and unzip the downloaded file to a directory of your choice.
  6. If you are on Mule4 runtime then you need to perform the following code modifications on the downloaded project code before building the plugin. This is to remove Mule3 references from the codebase.-open the MuleRulesDefinition.java under mule-sonarqube-plugin-master\src\main\java\com\mulesoft\services\tools\sonarqube\rule and comment out the following code.(In my case it is C:\Users\Kishore\Downloads\mule-sonarqube-plugin-master\mule-sonarqube-plugin-master\src\main\java\com\mulesoft\services\tools\sonarqube\rule)

    open the MuleQualityProfile.java under mule-sonarqube-plugin-master\src\main\java\com\mulesoft\services\tools\sonarqube\profile and comment out the following code.

    (In my case it is C:\Users\Kishore\Downloads\mule-sonarqube-plugin-master\mule-sonarqube-plugin-master\src\main\java\com\mulesoft\services\tools\sonarqube\profile)

  7. Save your changes and build the plugin with the below command in the command prompt of the downloaded project folder location.mvn clean package sonar-packaging:sonar-plugin -Dlanguage=mule

  8. Copy the generated jar file mule-validation-sonarqube-plugin-{version}-mule.jar (generated in the target folder of the downloaded project, in my case it is C:\Users\Kishore\Downloads\mule-sonarqube-plugin-master\mule-sonarqube-plugin-master\target) to sonar-home/extensions/plugins (in my case it is C:\sonarqube-9.8.0.63668\extensions\plugins)
  9. Copy the rules-4.xml from the src/test/resources of the download project (in my case it is C:\Users\Kishore\Downloads\mule-sonarqube-plugin-master\mule-sonarqube-plugin-master\src\test\resources) and place it in the sonar-home/extensions/plugins.
  10. Now start the SonarQube server (restart if already started i.e., close the earlier command prompt and start again) and wait for it to start (as in steps 6 and 7). If it fails, restart the system.
  11. Login and navigate to Administration->Configuration->General Settings->Languages->Select XML and delete the .xml extension from it and save it.
  12. navigate to Administration->Security ->Global Permissions and enable the Execute Analysis and Create for the Administrator.
  13. Open the settings.xml file in the maven->conf folder (in my case it is C:\apache-maven-3.8.6\conf) and add the following.– Under Profiles, add the following profile with your login and password<profile><id>sonar</id>

    <activation>

    <activeByDefault>true</activeByDefault>

    </activation>

    <properties>

    <!– Optional URL to server. Default value is

    http://localhost:9000 –>

    <sonar.host.url>http://localhost:9000</sonar.host.url>

    <sonar.login>yourusername</sonar.login>

    <sonar.password>yourpassword</sonar.password>

    </properties>

    </profile>

     

    -Under the pluginGroups, add the following pluginGroup

    <pluginGroup>org.sonarsource.scanner.maven</pluginGroup>

    Save the file

  14. To enable the SonarQube with any of your developed projects, add the <sonar.sources>src/</sonar.sources> (the directory from where to scan the files) in the <properties> of your pom.xml
  15. Open command prompt in the developed project location (in my case it is C:\Users\Kishore\AnypointStudio\studio-workspace\sample) and run the command belowmvn sonar:sonar

  16. After the build is successful, navigate to localhost:9000 and to projects on the top left side to see the results of your code.

Author: Madirgav Kishore Kumar

Software Engineer, ProwessSoft Software Services