How to enable static code analysis in CircleCI?

Kumar · July 24, 2018, 8:59am

Can any help me how to enable Static code analysis in CircleCI.

Thanks in advance.

halfer · July 24, 2018, 9:02am

Not with that level of detail, no. What language are you using? What static code analysis tools have you found that would do the job locally? Have you got the analysis working locally?

Kumar · July 24, 2018, 9:17am

Code analysis means it display the result of code quality like in jenkins we have static code plugin is there once we enable the plug in it will display below details.
1.The total number of warnings in a job
2.A showing of the new and fixed warnings of a build
3.Trend Reports showing the number of warnings per build
4.Overview of the found warnings per module, package, category, or type
5.Detailed reports of the found warnings optionally filtered by severity (or new and fixed)

Same way is it possible to enable static code analysis in CircleCi?

Kumar · July 24, 2018, 9:39am

Hi Halfer,

Static code analysis means it will display the result of code quality like
1.The total number of warnings in a job
2.A showing of the new and fixed warnings of a build
3.Trend Reports showing the number of warnings per build
4.Overview of the found warnings per module, package, category, or type
5.Detailed reports of the found warnings optionally filtered by severity (or new and fixed)

In Jenkins we have Static code analysis plug is there once we enable the option it will display complete code quality result same way is there any option in CircleCI?

halfer · July 24, 2018, 6:37pm

Yes, I am familiar with what static code analysis is - I think perhaps you misunderstood my reply. My point was that your first post did not set out enough context for anyone to give a useful answer.

There is not a plugins system for CircleCI as far as I know. You can install and run anything you like that would run on Linux (or Mac OS X), using the run command detailed in the documentation. So, what tool do you wish to install, and what command would you run locally in order to get it to do an analysis? You will need to try something here (you will need an understanding of how to install things in your build OS - if you do not have that, consider getting a colleague to walk you through it).

There is an artefacts system for you to declare output files, so they are visible in the CircleUI list of builds.

Kumar · July 25, 2018, 4:43am

I need to configure sonarqube in my web application in CircleCI Can you please provide documentation link.and is there any sample application please provide that link as well.

halfer · July 25, 2018, 12:15pm

What console command would you run for Sonarqube to do a static analysis locally?

(Aside: I am fond of reminding people that doing continuous integration is hard, even with great tools like CircleCI. It is not copy-and-paste programming and there is not a tutorial or example for everything. Sometimes one has to just roll up one’s sleeves and write code from scratch).

Kumar · July 25, 2018, 7:43am

I have configured sonar qube in CircleCI when i ran build am getting below error

07:14:37.653 DEBUG: Create : /root/.sonar/cache/_tmp
07:14:37.653 DEBUG: Extract sonar-scanner-api-batch in temp...
07:14:37.659 DEBUG: Get bootstrap index...
07:14:37.659 DEBUG: Download: http://localhost:9000/batch/index
07:14:37.692 ERROR: SonarQube server [http://localhost:9000] can not be reached
07:14:37.692 INFO: ------------------------------------------------------------------------
07:14:37.692 INFO: EXECUTION FAILURE
07:14:37.692 INFO: ------------------------------------------------------------------------
07:14:37.693 INFO: Total time: 0.349s
07:14:37.716 INFO: Final Memory: 8M/905M
07:14:37.716 INFO: ------------------------------------------------------------------------
07:14:37.716 ERROR: Error during SonarQube Scanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:84)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:71)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:71)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:67)
	at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:218)
	at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:156)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:74)
	at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
	at org.sonarsource.scanner.api.internal.Jars.getBootstrapIndex(Jars.java:100)
	at org.sonarsource.scanner.api.internal.Jars.getScannerEngineFiles(Jars.java:76)
	at org.sonarsource.scanner.api.internal.Jars.download(Jars.java:70)
	at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:39)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:75)
	... 8 more
Caused by: java.net.ConnectException: Failed to connect to localhost/127.0.0.1:9000
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectSocket(RealConnection.java:222)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:146)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:186)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:121)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.newStream(StreamAllocation.java:100)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:120)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:179)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:63)
	at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:113)
	at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:98)
	at org.sonarsource.scanner.api.internal.Jars.getBootstrapIndex(Jars.java:96)
	... 12 more
Caused by: java.net.ConnectException: Connection refused (Connection refused)
	at java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
	at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
	at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
	at java.net.Socket.connect(Socket.java:589)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.platform.Platform.connectSocket(Platform.java:124)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectSocket(RealConnection.java:220)
	... 32 more
Exited with code 1

halfer · July 25, 2018, 12:25pm

It is trying to contact localhost on port 9000, which is probably not the address of your central SonarQube installation. Do you have such a thing, and is the idea that this tool on CircleCI reports the results of the tests back to your server?

If so, you’d need to configure this URL in CircleCI so that it points to the correct server.

system · October 23, 2018, 12:26pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.