This plugin enables publishing static and dynamic analysis reports of Ruby projects onto SonarQube 6.7+
The plugin currently supports the following services:
- Lines of code, Number of classes, Comment precentage
- Code Complexity (file complexity)
- Code Smells
- Code Coverage (line coverage)
- Coding Style Violations
It relies on standardized external tools: SimpleCov, SimpleCov-RCov, Metric_Fu and Rubocop in order to make the analysis and report the metrics which are then in turn published to SonarQube.
- Run
mvn installto produce thetarget/sonar-ruby-plugin-VERSION.jarplugin file - Place the plugin file into the
SONARQUBE_HOME/extensions/pluginsdirectory
Make sure the property sonar.language is set to ruby: sonar.language=ruby in the sonar-project.properties file as well as the sonar.exclusions and sonar.inclusions patterns
In order for the plugin to report on code coverage, the ruby project needs to be using simplecov-rcov
to generate a coverage report when you run your tests/specs, please see the gem's homepage here for installation
and usage instructions.
Generally, you will need to add to your test suite a snippet similiar to:
# Run simplecov code coverage for sonar integration
if( ENV['COVERAGE'] == 'on' )
# Include requirements
require 'simplecov'
require 'simplecov-rcov'
# Set formatter as rcov to support third-party plugin
SimpleCov.formatters = SimpleCov::Formatter::RcovFormatter
SimpleCov.start 'rails' do
add_group 'API', 'app/controllers/api'
end
endImportant: Do not change the output directory for the simplecov-rcov report, leave it as default, or code coverage will not be reported.
In order for the plugin to report on code complexity, metric_fu needs to be ran against the ruby project, which will generate a metric report. Please see the gem's homepage for installation and usage instructions.
Important: We recommend using metric_fu by running metric_fu -r --no-flog --no-flay --no-roodi --no-open which would analyze and report all of the metrics supported by the plugin. Such as Saikuro/Cane coverage, Cane issues, Hostpots, Code smells and more..
If you are using multiple testing frameworks or maintaining different testing
logical suits using the
command_name functionality in SimpleCov such as:
{
"Unit Tests": {
"coverage": {
"a.rb": [
1,
1,
null
]
},
"timestamp": 1489921705
},
"test:special_name": {
"coverage": {
"b.rb": [
1,
1,
null
]
},
"timestamp": 1489921744
}
}Use the sonar.ruby.coverage.testSuites property to set the correct tests aggregation method:
- null or "all": all suites will be published
- comma delimited test suite names: selected suits will be published
Rubocop is a Ruby community-driven static code analyzing tool, which is used ruby-style-guide for rules definition. So its very valuable to have those rules inside SonarQube.
Important: We recommend run rubocop as such rubocop -f json -o tmp/rubocop/report.json.
- Code Duplication
- Structural Analysis
- Code Debt
The github project pica/ruby-sonar-plugin, is where the ruby-sonar-plugin started, bringing basic project statistics.
It was then carried forward by GoDaddy-Hosting/ruby-sonar-plugin, bringing code coverage and code complexity as well as updating it to SonarQube 4.5.5 LTS.
We took this project as a reference point, updated to the latest SonarQube LTS v5.6.3, fixed broken sensor bugs, added code smells, added unit tests and refactored a large portion of the code base. Basically adding new functionality and cleaning the house.
We referenced the Java Sonar Plugin and the Python Sonar Plugin for the code coverage sensor and the static analysis reporting methodology.
This plugin has been tested with the following dependency versions:
- SonarQube 6.7
- SonarQube Runner 2.7 (or newer)
- metric_fu gem version 4.12.0 (latest at time of edit)
- simplecov 0.12.0
- simplecov-rcov 0.2.3
- rubocop 0.47.1