The prototype has support for a subset of Apex language grammar, that means there might be errors during analysis of Apex classes. The support for the whole grammar (Apex classes, triggers and SOQL support) is in progress, and hopefully be ready (grammars and rules ) by end of June 2016.
The plug-in enables analysis of Apex source code with SonarQube.
Note: It's recommended to compile apex plug-in from a stable release or the develop branch
-
Install SonarQube Server (see Setup and Upgrade for more details).
-
Install SonarQube Scanner and be sure your can call sonar-runner from the directory where you have your source code.
-
Install Apex Plug-in (see Installing a Plugin for more details).
-
Create a sonar-project.properties file at the root of your project (a sample project, available on GitHub).
-
Run sonar-runner command from the project root dir.
-
Follow the link provided at the end of the analysis to browse your project's quality in SonarQube UI (see: Browsing SonarQube).
To build a SonarQube plug-in, you need Java 8 (or greater) and Maven 3.1 (or greater).
Enforce plug-in divides its structure in the following modules:
enforce-sonarqube-plugin
| - apex-checks
| - apex-squid
| - sonar-apex-plugin
/
apex-checks: Represents all sonarqube rules for analyze Apex language.
apex-squid: Represents to static source analyzer, which provides an AST.
sonar-apex-plugin: Represents to implementation of sonarqube plugin for Apex language.