SonarQube for iOS project (Swift)

readme.MD

Docker

• Download Docker Desktop from the offcial docker website

docker-compose up -d

Swift extension for SonarQube

SSH into the docker container using Docker Desktop

cd extensions/plugin

wget https://github.com/nishabe/sonar-swift/releases/download/0.4.4/backelite-sonar-swift-plugin-0.4.4.jar

Restart the SonarQube container

Sonar Scanner

Download Sonar scanner from the offical website and export it in the PATH OR brew install sonar-scanner

SonarLint

Install swiftlint using brew install swiftlint OR Download from the release from here: https://github.com/realm/SwiftLint/releases

Install slather

When the Fastlane script runs, it reads the coverage information using Slather, which will create an XML in Cobertura format.

sudo gem install slather

FastLane

Install fastlane if not installed using brew install fastlane OR sudo gem install fastlane

Init fastlane fastlane init

copy sonar-project.properties file in your project and change credentials

Usage

run sonar-scanner in the project folder

docker-compose.yml

version: "3"

services:
  sonarqube:
    image: sonarqube:lts-community
    depends_on:
      - db
    environment:
      SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
      SONAR_JDBC_USERNAME: sonar
      SONAR_JDBC_PASSWORD: sonar
    volumes:
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
    ports:
      - "9000:9000"
  db:
    image: postgres:12
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
    volumes:
      - postgresql:/var/lib/postgresql
      - postgresql_data:/var/lib/postgresql/data

volumes:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:
  postgresql:
  postgresql_data:

Fastfile

# This file contains the fastlane.tools configuration
# You can find the documentation at https://docs.fastlane.tools

default_platform(:ios)

platform :ios do
    desc "Description for the lane"
    lane :metrics do
        scan(scheme: "Yummy", 
            code_coverage: true, 
            derived_data_path: "./DerivedData", 
            output_directory: "./sonar-reports",
            devices: "iPhone 13")
        
        slather(cobertura_xml: true, 
            jenkins: false, 
            scheme: "Yummy", 
            build_directory: "./DerivedData", 
            output_directory: "./sonar-reports", 
            proj: "./Yummy.xcodeproj")

        swiftlint(output_file: "./sonar-reports/swiftlint.txt", 
            ignore_exit_status: false)

        sonar
    end
end

sonar-project.properties

#
# Swift SonarQube Plugin - Enables analysis of Swift and Objective-C projects into SonarQube.
# Copyright © 2015 Backelite (${email})
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

sonar.host.url=http://localhost:9000
sonar.login=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

sonar.projectKey=Yummy-iOS
sonar.projectName=Yummy iOS

# Number version (can be found automatically in plist, just comment this line)
sonar.projectVersion=1.0
# Comment if you have a project with mixed ObjC / Swift
sonar.language=swift
# Project description
sonar.projectDescription=Project Description
# Path to source directories
sonar.sources=.
# Path to test directories (comment if no test)
# sonar.tests=testSonarTests,testSonarUITests
sonar.test.inclusions=**/*Test*/**
sonar.test.inclusions=*.swift
sonar.exclusions=**/*.xml,Pods/**/*,Reports/**/*

# Destination Simulator to run surefire
# As string expected in destination argument of xcodebuild command
# Example = sonar.swift.simulator=platform=iOS Simulator,name=iPhone 6,OS=9.2
sonar.swift.simulator=platform=iOS Simulator,name=iPhone 6,OS=12.2
# Xcode project configuration (.xcodeproj)
# and use the later to specify which project(s) to include in the analysis (comma separated list)
# Specify either xcodeproj or xcodeproj + xcworkspace
sonar.swift.project=Yummy.xcodeproj
#sonar.swift.workspace=testSonar.xcworkspace
# Specify your appname.
# This will be something like "myApp"
# Use when basename is different from targeted scheme. 
# Or when slather fails with 'No product binary found'
sonar.swift.appName=Yummy
# Scheme to build your application
sonar.swift.appScheme=Yummy
# Configuration to use for your scheme. if you do not specify that the default will be Debug
sonar.swift.appConfiguration=Debug
##########################
# Optional configuration #
##########################
# Encoding of the source code
sonar.sourceEncoding=UTF-8
# SCM
# sonar.scm.enabled=true
# sonar.scm.url=scm:git:http://xxx
# JUnit report generated by run-sonar.sh is stored in sonar-reports/TEST-report.xml
# Change it only if you generate the file on your own
# The XML files have to be prefixed by TEST- otherwise they are not processed
sonar.junit.reportsPath=sonar-reports/
# Lizard report generated by run-sonar.sh is stored in sonar-reports/lizard-report.xml
# Change it only if you generate the file on your own
sonar.swift.lizard.report=sonar-reports/lizard-report.xml
# Cobertura report generated by run-sonar.sh is stored in sonar-reports/coverage-swift.xml
# Change it only if you generate the file on your own
sonar.swift.coverage.reportPattern=sonar-reports/cobertura.xml
# OCLint report generated by run-sonar.sh is stored in sonar-reports/oclint.xml
# Change it only if you generate the file on your own
sonar.swift.swiftlint.report=sonar-reports/swiftlint.txt
# Change it only if you generate the file on your own
#sonar.swift.tailor.report=sonar-reports/*tailor.txt
# Paths to exclude from coverage report (surefire, 3rd party libraries etc.)
sonar.swift.excludedPathsFromCoverage=build,DerivedData,fastlane,Pods,reports,testSonarTests,testSonarUITests,xcov_output
sonar.swift.excludedPathsFromCoverage=.*Tests.*
##########################
# Tailor configuration #
##########################
# Tailor configuration
# -l,--max-line-length=<0-999>                  maximum Line length (in characters)
#    --list-files                               display Swift source files to be analyzed
#    --max-class-length=<0-999>                 maximum Class length (in lines)
#    --max-closure-length=<0-999>               maximum Closure length (in lines)
#    --max-file-length=<0-999>                  maximum File length (in lines)
#    --max-function-length=<0-999>              maximum Function length (in lines)
#    --max-name-length=<0-999>                  maximum Identifier name length (in characters)
#    --max-severity=<error|warning (default)>   maximum severity
#    --max-struct-length=<0-999>                maximum Struct length (in lines)
#    --min-name-length=<1-999>                  minimum Identifier name length (in characters)
sonar.swift.tailor.config=--no-color --max-line-length=100 --max-file-length=500 --max-name-length=40 --max-name-length=40 --min-name-length=4