Code Coverage with SonarQube and JaCoCo – 用SonarQube和JaCoCo进行代码覆盖

最后修改: 2021年 5月 17日

中文/混合/英文(键盘快捷键:t)

1. Overview

1.概述

SonarQube is an open-source and standalone service that gives an overview of the overall health of our source code by measuring code quality and code coverage.

SonarQube是一项开源和独立的服务,通过测量代码质量和代码覆盖率,对我们的源代码的整体健康状况进行概述。

In this tutorial, we’ll cover the process of measuring code coverage using SonarQube and JaCoCo.

在本教程中,我们将介绍使用SonarQube和JaCoCo测量代码覆盖率的过程。

2. Description

2.描述

2.1. Code Coverage

2.1.代码覆盖率

Code coverage, also called test coverage, is a measure of how much of the application’s code has been run in testing. Essentially, it’s a metric that many teams use to check the quality of their tests because it represents the percentage of the production code that has been tested and run.

代码覆盖率,也称为测试覆盖率,是衡量应用程序的代码在测试中被运行的程度。从本质上讲,它是许多团队用来检查其测试质量的指标,因为它代表了经过测试和运行的生产代码的百分比。

This gives development teams reassurance that their programs have been broadly tested for bugs and should be relatively error-free.

这让开发团队感到放心,他们的程序已经过广泛的错误测试,应该是相对无错误的。

2.2. SonarQube and JaCoCo

2.2.SonarQube和JaCoCo

SonarQube inspects and evaluates everything that affects our codebase, from minor styling details to critical design errors. This enables developers to access and track code analysis data ranging from styling errors, potential bugs and code defects, to design inefficiencies, code duplication, lack of test coverage and excess complexity.

SonarQube检查和评估影响我们代码库的一切,从微小的造型细节到关键的设计错误。这使开发人员能够访问和跟踪代码分析数据,范围包括造型错误、潜在的错误和代码缺陷,以及设计效率低下、代码重复、缺乏测试覆盖率和过度的复杂性。

It also defines a quality gate, which is a set of measure-based boolean conditions. Additionally, SonarQube helps us to know whether our code is production-ready or not.

它还定义了一个质量门,它是一组基于测量的布尔条件。此外,SonarQube帮助我们了解我们的代码是否可以生产。

SonarQube is used in integration with JaCoCo, a free code coverage library for Java.

SonarQube与JaCoCo集成使用,后者是一个免费的Java代码覆盖库。

3. Maven Configuration

3.Maven配置

3.1. Download SonarQube

3.1.下载SonarQube

We can download SonarQube from its official website.

我们可以从其官方网站下载SonarQube。

To start SonarQube, run the file named StartSonar.bat for a Windows machine or the file sonar.sh for Linux or macOS. The file is in the bin directory of the extracted download.

要启动SonarQube,在Windows机器上运行名为StartSonar.bat的文件,或在Linux或macOS上运行sonar.sh文件。该文件在解压下载的bin目录中。

3.2. Set Properties for SonarQube and JaCoCo

3.2.为SonarQube和JaCoCo设置属性

Let’s first add the necessary properties that define the JaCoCo version, plugin name, report path and sonar language:

让我们首先添加必要的属性,定义JaCoCo版本、插件名称、报告路径和声纳语言。

<properties>
    <!-- JaCoCo Properties -->
    <jacoco.version>0.8.6</jacoco.version>
    <sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
    <sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
    <sonar.jacoco.reportPath>${project.basedir}/../target/jacoco.exec</sonar.jacoco.reportPath>
    <sonar.language>java</sonar.language>
</properties>

The property sonar.jacoco.reportPath specifies the location where the JaCoCo report will be generated.

属性 sonar.jacoco.reportPath指定生成JaCoCo报告的位置。

3.3. Dependencies and Plugins for JaCoCo

3.3.JaCoCo的依赖性和插件

The JaCoCo Maven plugin provides access to the JaCoCo runtime agent, which records execution coverage data and creates a code coverage report.

JaCoCo Maven插件提供了对JaCoCo运行时代理的访问,该代理记录执行覆盖数据并创建代码覆盖报告。

Now let’s have a look at the dependency we’ll add to our pom.xml file:

现在让我们看看我们将添加到pom.xml文件中的依赖性。

<dependency>
    <groupId>org.jacoco</groupId> 
    <artifactId>jacoco-maven-plugin</artifactId>
    <version>0.8.6</version>
</dependency>

Next, let’s configure the plugin that integrates our Maven project with JaCoCo:

接下来,让我们配置一下将我们的Maven项目与JaCoCo集成的插件。

<plugin>
    <groupId>org.jacoco</groupId>
    <artifactId>jacoco-maven-plugin</artifactId>
    <version>${jacoco.version}</version>
    <executions>
        <execution>
            <id>jacoco-initialize</id>
            <goals>
                <goal>prepare-agent</goal>
            </goals>
        </execution>
        <execution>
            <id>jacoco-site</id>
            <phase>package</phase>
            <goals>
                <goal>report</goal>
            </goals>
        </execution>
    </executions>
</plugin>

4. SonarQube in Action

4.行动中的SonarQube

Now that we’ve defined the required dependency and plugin in our pom.xml file, we’ll run mvn clean install to build our project.

现在我们已经在pom.xml文件中定义了所需的依赖和插件,我们将运行mvn clean install来构建我们的项目。

Then we’ll start the SonarQube server before running the command mvn sonar:sonar.

然后,我们将在运行mvn sonar:sonar命令之前,启动SonarQube服务器。

Once this command runs successfully, it will give us a link to the dashboard of our project’s code coverage report:

一旦这个命令运行成功,它将给我们一个链接,让我们看到项目的代码覆盖率报告的仪表板。

 

Notice that it creates a file named jacoco.exec in the target folder of the project.

注意,它在项目的目标文件夹中创建了一个名为jacoco.exec的文件。

This file is the result of the code coverage that will be further used by SonarQube:

这个文件是代码覆盖的结果,将被SonarQube进一步使用。

It also creates a dashboard in the SonarQube portal.

它还在SonarQube门户中创建了一个仪表板。

This dashboard shows the coverage report with all the issues, security vulnerabilities, maintainability metrics and code duplication blocks found in our code:

这个仪表板显示了覆盖率报告,包括所有问题、安全漏洞、可维护性指标和在我们的代码中发现的代码重复块。

5. Conclusion

5.总结

SonarQube and JaCoCo are two tools that we can use together to make it easy to measure code coverage.

SonarQube和JaCoCo是两个工具,我们可以一起使用,以方便测量代码覆盖率。

They also provide an overview of the overall health of the source code by finding code duplications, bugs and other issues in the code. This helps us to know whether our code is production-ready or not.

他们还通过发现代码中的代码重复、错误和其他问题来提供源代码整体健康状况的概览。这有助于我们了解我们的代码是否可以生产。

The complete source code for the article is available over on GitHub.

该文章的完整源代码可在GitHub上获得