Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/insideapp-oss/sonar-flutter

SonarQube plugin for Flutter / Dart
https://github.com/insideapp-oss/sonar-flutter

code-analysis coverage dart dartanalyzer flutter sonarqube sonarqube-plugin technical-debt tests

Last synced: 3 months ago
JSON representation

SonarQube plugin for Flutter / Dart

Host: GitHub
URL: https://github.com/insideapp-oss/sonar-flutter
Owner: insideapp-oss
License: other
Created: 2020-01-23T20:25:47.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2024-09-07T23:39:32.000Z (5 months ago)
Last Synced: 2024-09-08T20:32:44.004Z (4 months ago)
Topics: code-analysis, coverage, dart, dartanalyzer, flutter, sonarqube, sonarqube-plugin, technical-debt, tests
Language: Java
Homepage:
Size: 1.35 MB
Stars: 437
Watchers: 15
Forks: 80
Open Issues: 2
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE.md

Awesome Lists containing this project

awesome-list - insideapp-oss/sonar-flutter - SonarQube plugin for Flutter / Dart (Java)

README

![CI](https://github.com/insideapp-oss/sonar-flutter/workflows/CI/badge.svg)

[![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=insideapp-oss_sonar-flutter&metric=sqale_index)](https://sonarcloud.io/summary/new_code?id=insideapp-oss_sonar-flutter)
[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=insideapp-oss_sonar-flutter&metric=coverage)](https://sonarcloud.io/summary/new_code?id=insideapp-oss_sonar-flutter)
[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=insideapp-oss_sonar-flutter&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=insideapp-oss_sonar-flutter)
[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=insideapp-oss_sonar-flutter&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=insideapp-oss_sonar-flutter)
[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=insideapp-oss_sonar-flutter&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=insideapp-oss_sonar-flutter)

# SonarQube plugin for Flutter / Dart

A plugin to enable analysis of Dart and Flutter projects into SonarQube.

## Features

| Feature | Supported |
|------------|-----------------------------------------------------------------|
| Size | YES |
| Issues | YES ([dartanalyzer](https://dart.dev/tools/dartanalyzer) rules) |
| Tests | YES |
| Coverage | YES |
| Complexity | YES |
| Syntax | YES |

The plugin is compatible with sonarQube 7.9+.

## Download

Checkout the [Releases](https://github.com/insideapp-oss/sonar-flutter/releases) page.

Changelog is available [here](https://github.com/insideapp-oss/sonar-flutter/blob/develop/CHANGELOG.md).

## Prerequisites

### Flutter SDK (when analyzing a Flutter project)

Install Flutter as explained on the official documentation page.

[Flutter Installation instructions](https://flutter.dev/docs/get-started/install)

### Dart

Dart is downloaded by the Flutter SDK in **$FLUTTER_HOME/bin/cache/dart-sdk**, however command lines are not on the path by default (dart must be on the path).

It is recommended to install Dart SDK separately as explained here : [Install the Dart SDK](https://dart.dev/get-dart) for more reliability in a CI/CD environment.

### sonar-scanner (requires Java)

Install sonar-scanner as explained in the official documentation.

[Installation instructions](https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/)

## Installation (on the server)

- Download the plugin binary into the **$SONARQUBE_HOME/extensions/plugins** directory.
- Restart the server.

## Project configuration

Create a **sonar-project.properties** file at the root with this content :

```properties
# Project identification
sonar.projectKey=flutter_rocks
sonar.projectName=Flutter Rocks
sonar.projectVersion=1.0

# Source code location.
# Path is relative to the sonar-project.properties file. Defaults to .
# Use commas to specify more than one file/folder.
# It is good practice to add pubspec.yaml to the sources as the analyzer
# may produce warnings for this file as well.
sonar.sources=lib,pubspec.yaml
sonar.tests=test

# Encoding of the source code. Default is default system encoding.
sonar.sourceEncoding=UTF-8

# Analyzer mode
# Can be:
# - DETECT (attempt to detect automatically) - default
# - MANUAL (an existing report needs to be provided)
# - FLUTTER (flutter analyze)
# - DART (dart analyze)
# - DARTANALYZER (dartanalyzer)
# sonar.dart.analyzer.mode=

# Allows reuse of an existing analyzer report when mode is MANUAL
# sonar.dart.analyzer.report.path=

# Analyzer report output mode
# Can be:
# - DETECT (attempt to detect automatically, requires Dart SDK on the PATH) - default
# - MACHINE (a new machine readable output that is available for Dart 2.12+)
# - LEGACY (attempts to parse human readable output from dart/flutter) - default
# sonar.dart.analyzer.report.mode=
```

*For a complete list of available options, please refer to the [SonarQube documentation](https://docs.sonarqube.org/latest/analysis/analysis-parameters/).*

### Use existing analysis options

The plugin uses its own analysis options file.
If `analysis_options.yaml` file already exists under the project root, it will be saved during the analysis and then restored to its initial state.

To disable this behavior and use the existing`analysis_options.yaml` file instead, add the following line to `sonar-project.properties` file :

```
# Use existing options to perform dartanalyzer analysis
sonar.dart.analyzer.options.override=true
```

### Multi-module sample

It is possible to analyze a project with multiple modules. For example a Dart generator library with an example.

```properties
sonar.projectKey=mylib
sonar.sourceEncoding=UTF-8

sonar.modules=mylib,mylib_generator,example

# mylib
mylib.sonar.sources=lib,pubspec.yaml
mylib.sonar.dart.analyzer.mode=MANUAL
mylib.sonar.dart.analyzer.report.mode=LEGACY
mylib.sonar.dart.analyzer.report.path=build/reports/analysis-results.txt

# mylib_generator
mylib_generator.sonar.sources=lib,pubspec.yaml
mylib_generator.sonar.dart.analyzer.options.override=false
mylib_generator.sonar.dart.analyzer.mode=MANUAL
mylib_generator.sonar.dart.analyzer.report.mode=MACHINE
mylib_generator.sonar.dart.analyzer.report.path=build/reports/analysis-results.txt

# example
example.sonar.sources=lib,pubspec.yaml
example.sonar.tests=test
example.sonar.exclusions=**/*/*.g.dart
example.sonar.dart.analyzer.options.override=false
example.sonar.dart.analyzer.mode=MANUAL
example.sonar.dart.analyzer.report.mode=LEGACY
example.sonar.dart.analyzer.report.path=build/reports/analysis-results.txt
```

## Run analysis

Use the following commands from the root folder to start an analysis:

```console
# Download dependencies
flutter pub get
# Run tests with User feedback (in case some test are failing)
flutter test
# Run tests without user feedback regeneration tests.output and coverage/lcov.info
flutter test --machine --coverage > tests.output

# Run the analysis and publish to the SonarQube server
sonar-scanner
```

## Using `dart_test.yaml`

Dart/Flutter support the use of a `dart_test.yaml` file to configure test behavior.
This file can be used to configure the test output format and location. More information can be found [here](https://github.com/dart-lang/test/blob/master/pkgs/test/doc/configuration.md).

```yaml
file_reporters:
json: build/reports/test-results.json
```

With this, it is no longer use the `--machine` switch or redirect the output.
It is currently not possible to configure the coverage out in this file.
You may follow and upvote these related issue if interested:
* Configuration option - https://github.com/dart-lang/test/issues/1361
* Dart coverage support - https://github.com/dart-lang/test/issues/1265

## Available options

All options are configurable in the SonarQube UI, via `sonar-project.properties` or `-D` parameters.

| Name | Options | Default | Description |
|----------------------------------------|--------------------------------------------------------------------------|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `sonar.dart.analyzer.mode` | DETECT|DART|FLUTTER|MANUAL|DARTANALYZER | `DETECT` | By default the plugin attempts to detect a fitting analyzer (`flutter analyze` or `dart analyze`) by parsing the `environment` from `pubspec.yaml`. This can be set to `MANUAL` to provide and existing report file. For compatibility with older Dart versions, this can be set to `DARTANALYZER`. |
| `sonar.dart.analyzer.options.override` | true|false | `true` | By default any local `analysis_options.yaml` will be replaced for the analysis. This can be prevented by setting this to `false`. |
| `sonar.dart.analyzer.report.mode` | DETECT|MACHINE|LEGACY | `DETECT` | The new machine readable output can be automatically detected if Dart SDK is available on the $PATH. |
| `sonar.dart.analyzer.report.path` | A file path | - | This is required if the analyzer mode is set to `MANUAL`. |
| `sonar.flutter.tests.reportPath` | Comma separated list of file paths (wildcard not supported) | `tests.output` | The path to the test report JSON file. |
| `sonar.flutter.coverage.reportPath` | A file path | `coverage/lcov.info` | The path to the test coverage file in LCOV format. |

## Contributing

Any help is welcome, and PRs will be greatly appreciated!

Please read [CONTRIBUTING](https://github.com/insideapp-oss/sonar-flutter/blob/develop/CONTRIBUTING.md) for more information.

## License

SonarQube Plugin for Flutter / Dart is released under the GNU LGPL v3 license. See the [LICENSE](https://github.com/insideapp-oss/sonar-flutter/blob/develop/LICENSE) file for more information.