May 27, 2016

SonarQube, Jenkins & Swift Integration

SonarQube, Jenkins & Swift Integration

Continuous Integration (CI) systems really come into their own when working on larger projects with a team of developers. As each developer checks in their code, the app is built, unit tested and you even have the option of letting the business stakeholder get a copy of the app.

Experience will tell you that someone needs to be looking at the quality of the code to make sure your technical debt isn’t getting out of control. Software projects all suffer from the Second Law of Thermodynamics which states “that in every real process the sum of the entropies of all participating bodies is increased”. We can restate it for software engineering terms as something like “in every software project the technical debt is always increasing”.

There are ways to pay back the technical debt and decrease the entropy of your codebase or in other words increase its quality. Code reviews is one such option, but by there very nature reviews tend to be confrontational as people quite rightly get very defensive of their work. But there are other less confrontational ways of getting the same result. Tools such as Lint or better still SonarQube can reduce the emotions in a code review and make the process much more objective and get the team to focus on doing their job and delivering code. And thankfully we can automate these tools using our CI server.

SonarQube can grade your code and calculate metrics for the complexity, security of the code as well as a amount of time you’re going to need to pay back the technical debt on your code, see Figure 1. Note that unlike the Java version the Swift static code analyzer on SonarQube isn’t free.

Sonarqube dashboard calculator

Figure 1: SonarQube Dashboard

Installing SonarQube

  1. Download SonarQube and unzip the SonarQube distribution into /etc/sonarqube

  2. Download SonarQube scanner and install in /etc/sonar-runner

  3. Login to SonarQube on http://localhost:9090 (assuming you’re on the CI server) with the default System adminstrator credentials which are admin/admin

  4. Go to Setting->Update Center->Available Plugins->Languages->Swift, see Figure 2 and install the swift plugin

  5. Once the plugin is installed go to click on Installed Plugins in the Update Center.

  6. Go to Settings -> General Settings -> Licenses

  7. Enter the License Key in the Swift field and click “Save Licenses Settings”

  8. Download the SonarQube examples and unzip in /etc/sonar-examples

  9. In one terminal on the CI server start the console sudo /etc/sonarqube/bin/macosx-universal-64/sonar.sh console

  10. In another terminal cd to /etc/sonar-examples/project/languages/swift/swift-sonar-runner and run the sonar-runner as follows /etc/sonar-runner/bin/sonar-runner

Install Swift plugin for Sonarqube

Figure 2: Install Swift Plugin

The sample swift code is shown in Listing 1. It’s very simple but at least it will tell us if the Swift plugin is working.

let names = ["Chris", "Alex", "Ewa", "Barry", "Daniella"]

func backwards(s1: String, s2: String) -> Bool {
    return s1 > s2
}

var reversed = sorted(names, backwards);

if (true) { print(reversed) }

Listing 1: SonarQube example.swift code

Go back to the Dashboard, http://localhost:9090 and click on the Swift project. You should see a new dashboard for your project – see Figure 1 again. We’re doing great, our project is getting an A in the Software Quality Assessment based on Lifecycle Expectations metric or SQALE. We also only have a couple of issues. Click on the number under issues to see more information on what we need to fix.

Click on the example.swift file to drill down into the issues at a code level. SonarQube’s major issue is we should not put more than one statement on a line, see Figure 3.

SonarQube code issues with Swift

Figure 3: Code Issues reported by SonarQube with Swift

Now we’re ready to try it on our Calculator Project.

Adding SonarQube To Jenkins

Jenkins is our first choice Continuous Integration server here at RIIS. First time you set it up on a Mac can be a very frustrating afternoon or two. Thankfully there are some great tutorials out there that explain exactly how to do it so that you shouldn’t get too frustrated.

SonarQube can also be run as part of your Jenkins build. From the Jenkins Dashboard click on Manage Jenkins->Manage Plugins->Available. Search for and install the SonarQube plugin. Restart the server.

To configure your existing SonarQube server so Jenkins can see it, click on Manage Jenkins->Configure System. Scroll down to SonarQube servers, choose a name for your SonarQube install and enter a server URL – ideally a fully qualified domain name, see Figure 4.

SonarQube server configuration on Jenkins

Figure 4: SonarQube server configuration on Jenkins

Scroll down to SonarQube Scanner and add a name for your SonarQube instance, unclick the Install Automatically checkbox, add the SONAR_RUNNER_HOME and click Save, see figure 5.

SonarQube scanner configuration on Jenkins

Figure 5: SonarQube scanner configuration on Jenkins

Adding SonarQube To Project

Where SonarQube and Jenkins really shine is that they provide the ability for anyone with access to the Jenkins server to check in from time to time and see if the project quality is still on track. To set this up in Jenkins click on the project name in the Dashboard, click on configure and scroll down to Add Build step. Add Execute SonarQube scanner, see Figure 6.

Add SonarQube build step in Jenkins

Figure 6: Add SonarQube build step in Jenkins

Scroll down to Execute SonarQube Scanner and add the path to your SonarQube project properties file, see Figure 7.

Add path to SonarQube project properties file in Jenkins

Figure 7: Add path to SonarQube project properties file in Jenkins

The sonar-project.properties file has the following format, see Listing 2. Chose your own project key and name. In the example below the source is in the Calculator subfolder.

sonar.projectKey=riis.com:swift-calculator
sonar.projectName=Swift :: Calculator Project
sonar.projectVersion=1.0
sonar.sources=Calculator

Listing 2: sonar-project.properties file

Click on Build Now to build the project. If everything works you should be able to see your project’s SonarQube results by clicking on the SonarQube link which now appears on your Project Dashboard, see Figure 8.

Project calculator SonarQube quality gate

Figure 8: Link to SonarQube

The Dashboard for the Calculator project is shown in Figure 9. Thankfully we’re still getting an A and while there are a number of Major issues they turn out to be more formatting issues similar to the sample project. There are no Blocker or Critical issues.

Sonarqube dashboard calculator

This is Part 3 of a series, the other blogs can be found below.

Part 1 – Swift Unit Testing on Ubuntu
Part 2 – Swift Unit Testing in Xcode
Part 3 – SonarQube, Jenkins and Swift
Part 4 – Swift GUI Testing with XCUI
Part 5 – Mocking in Swift with Cuckoo