Skip to content

Latest commit

 

History

History
153 lines (91 loc) · 6.28 KB

README.md

File metadata and controls

153 lines (91 loc) · 6.28 KB

Sonar Intellij Plugin

English | 简体中文

Sonar Intellij Plugin is an Intellij IDEA plugin, you can use Sonar Intellij Plugin in Intellij IDEA to perform Sonar code analysis on Java projects, view code analysis reports, and prompt problem codes. All you have to do is to bind SonarQube, and you can use all functions without leaving the IDE.

Support code analysis by scope, such as project files, module files, package files, changelist files, open files, and selected files. The report shows support for filtering and marking resolved issues.

SonarAnalyzer

Install

Sonar Intellij Plugin has been released to the JetBrains plugin marketplace, the latest version is v0.2.2.

Go to Settings / Plugins / Marketplace (under macOS isPreferences / Plugins / Marketplace), search plugin by keyword SonarAnalyzer then install SonarAnalyzer plugin:

sonar-intellij-plugin-install

After the plugin is installed successfully, restart the IDE to take effect.

Usage

Sonar Intellij Plugin uses SonarScanner to perform code analysis. SonarScanner needs to connect to the SonarQube server. Therefore, you need to make some necessary settings before using Sonar Intellij Plugin, and then perform code analysis on the project.

Settings

The plugin can be set at the IDE level and the Project level. Go to Settings / Tools / SonarAnalyzer (under macOS is Preferences / Tools / SonarAnalyzer) to set the plugin.

IDE level settings include:

  • Plugin language switch (currently supports Chinese and English)
  • Manage SonarQube connections (add, update, delete)
  • Manage global SonarScanner properties (add, update, delete)

Project level settings include:

  • Bind SonarQube connection for Project
  • Manage the SonarScanner properties used by the current Project (add, update, delete, and control whether to inherit the global SonarScanner properties)

SonarQube Connection

All SonarQube connections can be managed at the IDE level, and SonarQube connections can be added, deleted and updated.

Each SonarQube connection must provide a name, URL, and Token. Add SonarQube connection:

sonar-intellij-plugin-english-add-connection

In the Project level settings, you can specify the SonarQube connection to be bound for the Project:

sonar-intellij-plugin-english-project-settings

If the Project does not specify a SonarQube connection, the first SonarQube connection that has been added is used by default.

SonarScanner Property

When using SonarScanner inside the plugin, reasonable and complete properties have been used as much as possible, but you may still need to set some properties independently, but please note that the following properties do not support settings:

  • sonar.host.url
  • sonar.login
  • sonar.password
  • sonar.projectBaseDir
  • sonar.working.directory
  • sonar.java.source
  • sonar.tests
  • sonar.sources
  • sonar.java.libraries
  • sonar.java.binaries
  • sonar.sourceEncoding

The properties sonar.projectKey and sonar.projectName can use the placeholder <projectName> to represent the project name. The default sonar.projectKey and sonar.projectName values are SonarAnalyzer:<projectName>.

Add property:

sonar-intellij-plugin-english-add-property

You can manage properties at the IDE level and the Project level, add the properties required by all projects at the IDE level, and then you can set whether to inherit the properties added at the IDE level in the Project settings, and manage the special properties of the current Project:

sonar-intellij-plugin-english-project-settings

Analysis

Start Analysis

After setting the plugin, you can trigger the project code analysis in the following places:

  • The SonarAnalyzer menu in the context menu of the content in the Project Tool Window
  • The SonarAnalyzer menu in the context menu of the code editor
  • The start action button in the SonarAnalyzer Tool Window

Supported analyze scopes:

  • Project files
  • Module files
  • Package files
  • Changelist files
  • Open files
  • Selected files

After starting the code analysis, the plugin will start the code compilation, and then use SonarScanner to complete the code analysis after the compilation is successful. The entire operation log will be output in the Log of the SonarAnalyzer Tool Window:

sonar-intellij-plugin-english-log

Analysis Result

When the code analysis is completed, the complete analysis report will be displayed in the Report of the SonarAnalyzer Tool Window, and the problem code line will also be prompted in the editor:

sonar-intellij-plugin-tool-window

You can filter the issues by the following categories:

  • Type
    • Bug
    • Code Smell
    • Vulnerability
    • Security Hotspot
    • Duplication
  • Scope
    • Updated files
    • Not updated files
  • Resolution
    • Resolved
    • Unresolved

Contributing

Feel free to dive in! Open an issue or submit PRs.

License

GPL-3.0 © Yu Junyang