I am a test automation engineer (java selenium), I want to use sonarqube community free edition for my test scripts review (Static code analysis to improve the code quality). Please guide me which version I need to install and also do let me know how can I create custom rules as per my test automation requirement for Java & XML languages.
Thanks for the info G Ann Campbell, As per your guidance I need to install Community Build (Free and open source for productivity & code quality) Release 25.4.0.105899 so that I can create the custom rules using below option,
Option 1. Adding XPath rules directly through the SonarQube Server web interface
Option 2. Writing a SonarQube Server plugin in Java that uses SonarQube Server APIs to add new rules.
I would like to proceed with adding custom rules via SonarQube Server web interface (Option 1), can you please provide me reference document/video links so that I can refer them.
Tried creating the custom rule (developing a plugin) but sonarqube is getting stopped once I put the generated jar file into plugins folder (C:SonarQube\sonarqube-25.3.0.104237\extensions\plugins). When we remove the jar file from the plugins folder, sonarqube will start normally.
Below are the configuration details: java 17.0.12 2024-07-16 LTS sonarqube-25.3.0.104237 - free community edition
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.example.sonar</groupId>
<artifactId>custom-java-rules-plugin</artifactId>
<version>1.0</version>
<packaging>jar</packaging>
<properties>
<java.version>17</java.version>
</properties>
<dependencies>
<!-- DO NOT use sonar-plugin-api directly in recent versions -->
<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>java-custom-rules-example</artifactId>
<version>8.13.0.38826</version>
</dependency>
<dependency>
<groupId>org.sonarsource.api.plugin</groupId>
<artifactId>sonar-plugin-api</artifactId>
<version>11.1.0.2693</version>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- SonarQube Java Plugin API (for Java rules, AST and tree) -->
<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>java-checks</artifactId>
<version>8.13.0.38826</version> <!-- Adjust to your exact version -->
</dependency>
<!-- SonarQube Java Plugin (for Java-specific custom rules) -->
<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>sonar-java-plugin</artifactId>
<version>8.13.0.38826</version>
<scope>provided</scope> <!-- Match this version with your
SonarQube instance -->
</dependency>
<!-- Optional: Apache Commons Logging (if required by your custom
plugin) -->
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
<!-- Optional: SLF4J Logging (if required by your custom plugin) -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>2.0.0</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.10.1</version>
<configuration>
<source>${java.version}</source>
<target>${java.version}</target>
</configuration>
</plugin>
</plugins>
</build>
</project>
Logs:
C:\SonarQube\sonarqube-25.3.0.104237\bin\windows-x86-64>StartSonar.bat
Starting SonarQube...
2025.05.07 14:20:21 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory C:\SonarQube\sonarqube-25.3.0.104237\temp
2025.05.07 14:20:21 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on [HTTP: 127.0.0.1:9001, TCP: 127.0.0.1:{}]
2025.05.07 14:20:21 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[ELASTICSEARCH] from [C:\SonarQube\sonarqube-25.3.0.104237\elasticsearch]: C:\Jdk17\jdk-17.0.12\bin\java -Xms4m -Xmx64m -XX:+UseSerialGC -Dcli.name=server -Dcli.script=./bin/elasticsearch -Dcli.libs=lib/tools/server-cli -Des.path.home=C:\SonarQube\sonarqube-25.3.0.104237\elasticsearch -Des.path.conf=C:\SonarQube\sonarqube-25.3.0.104237\temp\conf\es -Des.distribution.type=tar -cp C:\SonarQube\sonarqube-25.3.0.104237\elasticsearch\lib\*;C:\SonarQube\sonarqube-25.3.0.104237\elasticsearch\lib\cli-launcher\* org.elasticsearch.launcher.CliToolLauncher
2025.05.07 14:20:21 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running
Standard Commons Logging discovery in action with spring-jcl: please remove commons-logging.jar from classpath in order to avoid potential conflicts
2025.05.07 14:20:38 INFO app[][o.s.a.SchedulerImpl] Process[es] is up
2025.05.07 14:20:38 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[WEB_SERVER] from [C:\SonarQube\sonarqube-25.3.0.104237]: C:\Jdk17\jdk-17.0.12\bin\java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=C:\SonarQube\sonarqube-25.3.0.104237\temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=localhost|127.*|[::1] -cp ./lib/sonar-application-25.3.0.104237.jar;C:\SonarQube\sonarqube-25.3.0.104237\lib\jdbc\h2\h2-2.3.232.jar org.sonar.server.app.WebServer C:\SonarQube\sonarqube-25.3.0.104237\temp\sq-process11890048630284081182properties
Standard Commons Logging discovery in action with spring-jcl: please remove commons-logging.jar from classpath in order to avoid potential conflicts
2025.05.07 14:20:42 INFO app[][o.s.a.SchedulerImpl] Process[Web Server] is stopped
2025.05.07 14:20:42 INFO app[][o.s.a.SchedulerImpl] Process[ElasticSearch] is stopped
2025.05.07 14:20:42 INFO app[][o.s.a.SchedulerImpl] SonarQube is stopped