Be-Bound Code Review with SonarQube

Android Developers: Code Review with SonarQube

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedIn

When developing mobile apps, complexity increases as soon as you want to create something “out-of-the-box”.  On large projects, quality analysis tools are life savers. SonarQube is an open source platform for continuous inspection of code quality. Today, it supports more than 25 languages, but initially, SonarQube was developed to only analyze Java code. It has been extended since, and we are lucky it has the ability to analyze Android applications, especially through a plugin : Android Lint

SonarQube is a really great platform to start a continuous quality analysis. In projects, you will be able to monitor :

-Duplicated code
-Coding standards
-Unit tests
-Code coverage
-Code complexity
-Potential bugs
-Custom metrics

Monitoring can be done across languages, platforms, project and time, all while it’s running as a web server. Moreover it can be extended by plugins and integrated to your continuous integration flow, with Jenkins, etc.

This tutorial aims to introduce an easy way to test SonarQube locally, on your Android’s project.

Setup

In this tutorial, I introduce you to the latest version of SonarQube (5.1 at 17 June 2015) using a Linux machine. Please, be careful: with this configuration, your database will be embedded and it should be used for evaluation purposes only. According to SonarSource’s team, “The embedded database will not scale, it will not support upgrading to newer versions of SonarQube, and there is no support for migrating your data out of it into a different database engine.”

In your destination folder:

 

Ok, now we got Sonarqube on our local machine. Next, step, we launch SonarQube :

 

So, for me, it will be :

Wait for the “Process[web] is up” Don’t close your terminal during the session 😉

Now, open your browser and go to: http://localhost:9000/
And now you have the first page of SonarQube ! Yes, it’s… empty

Be-Bound Code Review with SonarQube

The login/password are by default :

admin
admin

We are finished with SonarQube setup. Easy, no? The next step will be to setup your build.gradle file to be able to launch the analysis.

1- Java Testing 

We begin with Java testing: by default, SonarQube is set to analyze Java project.

Open your Android project and add this to your build.gradle  :

I think it’s pretty clear, isn’t it?

Last step, in Android Studio, launch the following command  from your terminal window:

Until you get this kind of message :

Open your browser to:
http://localhost:9000/

And…

Code Review with SonarQubeCode Review with SonarQube

It’s really user friendly. You have major metrics on your project’s page, like duplications proportion or issues by criticality (Blocker, Critical, Major, Minor, Info). If you click these items, you can check the issues and you have clear explanations (how, where, why) along with examples of noncompliant code and suggestions for compliant solutions. It’s very useful during a stabilization phase. If your application can be built and if you have no issues -Blocker, Critical, Major, you are headed in the right direction! The next step should be unit testing, but I’ll save that for another tutorial.

2- Android Lint Testing

Now, we will set up SonarQube to be able to analyze Android’s project. Go to :

– Settings
– Update Center
– Available Plugins
– Android

Add this plugin. When it’s done, go to your terminal where SonarQube was started, and shut down the process [ctrl +c]. Restart with the same command that you used earlier :

Open your Android project and add this at your build.gradle:

 

Code Review with SonarQube

In Android Studio, launch the following command from your terminal window:

Until you have this message :

 

Now your project has been analyzed by SonarQube and Android Lint. Open your http://localhost:9000/ and check the results !

You can see the profile: Android Lint.

If you proceed to analyze day by day, you will be able to follow the progression of your code, with useful metrics like complexity ratio, etc, over time.

Enjoy discovering this new tool!


Leave a Reply