Skip to main content

SonarQube Configuration For .NET Core Web API

When multiple developers are working on the same project, it's good to have a code review. SonarQube is a tool through which we can evaluate our code. Here, for demo purposes, we are going to evaluate the web API which is built on .NET Core.
Let's see step by step implementation.
In order to run SonarQube, we need to install JAVA in our local system.
 
Refer to the below link to download JAVA installer and install JAVA.
https://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html

Configure the 'PATH' system variable under environment variables

Go to Control Panel > System > Advanced System Settings, it will open the System Properties window.
Click on the "Environment Variables" button.
Click on the "View" button under User Variables.
Give the variable name as 'JAVA_HOME'.
The variable value will be your JDK path where you installed JAVA.
SonarQube Configuration For .NET Core Web API
Select path variable under system variable and click on the "Edit" button.
SonarQube Configuration For .NET Core Web API 
Add a new path as mentioned below and click the "OK" button.
SonarQube Configuration For .NET Core Web API
 

SonarQube Server Installation

    Download SonarQube from https://www.sonarqube.org/downloads/
    Extract it in one of your local drives like D:\sonarqube-7.6.
    Run the Command Prompt as Administrator. Go to the extracted path and run StartSonar.bat.
    SonarQube Configuration For .NET Core Web API 
    SonarQube server is started locally.
    In order to verify the same, browse http://localhost:9000 in the browser and you will be able to see the landing page of SonarQube.
    Default UserName and Password is admin,
    SonarQube Configuration For .NET Core Web API
     

    Creating a Project

      Click on the project in the main menu. Click on + button mentioned on the right side of the page and click on "Create New Project".
      SonarQube Configuration For .NET Core Web API 
      Provide the project key and display name.
      Click on the "Set Up" button.
      SonarQube Configuration For .NET Core Web API 
      Click on the "Generate" button to generate the token.
      SonarQube Configuration For .NET Core Web API 
      A token is generated and you can make a note of that for future use.
      SonarQube Configuration For .NET Core Web API 
      Click on the recently created project and click on "Overview".
      Provide the recently created token.
      In the next step, select your project language and click on "Download" to download the Scanner for MSBuild.
      SonarQube Configuration For .NET Core Web API
       

      Evaluate an Application by SonarQube

        Extract it in one of your local drives like D:\sonar-scanner.
        Run the Command Prompt as Administrator.
        Now, here, I am assuming that you have your application, i.e., Web API in .NET Core is ready. If you don't have and you want to test with SonarQube, then you can download any .NET Core Web API project from https://github.com/akshayblevel?tab=repositories
        Execute the below command sequentially.
        dotnet E:\sonar-scanner\SonarScanner.MSBuild.dll begin /k:"{token-created while creating project}"
        dotnet build D:\Akki\POC\DemoWebAPI\DemoWebAPI.sln
        dotnet E:\sonar-scanner\SonarScanner.MSBuild.dll end

        Check the evaluation result

        Run the SonarQube page http://localhost:9000 
        Click on your project and you will be able to see the code analysis result on the page like the number of bugs, vulnerabilities, code smells, code duplication etc.
        SonarQube Configuration For .NET Core Web API 
        Click on each link and you will get all the details with file and line numbers, it will also suggest the solution to resolve that. 

        Comments

        Post a Comment

        Popular posts from this blog

        PNR Status by web Scraping Method (ASP.NET) C#

        To Get the PNR Status by web Scraping Method Steps to Execute the Function Step 1 : Add the below method in your Form and Pass the PNR Number arguement public string GetPNRStatus( string sPNR) { string URI = "http://www.indianrail.gov.in/cgi_bin/inet_pnrstat_cgi.cgi" ; string Parameters = Uri .EscapeUriString( "lccp_pnrno1=" +sPNR+ "&submitpnr=Get Status" ); System.Net. HttpWebRequest req = ( HttpWebRequest )System.Net. WebRequest .Create(URI); //HTTP POST Headers req.ContentType = "application/x-www-form-urlencoded" ; req.Host = "www.indianrail.gov.in" ; //You can use your own user-agent. req.UserAgent = "Mozilla/5.0 (compatible; MSIE 7.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0) DELL;Venue Pro" ; req.Headers.Add( HttpRequestHeader .AcceptLanguage, "en-us,en;q=0.5" ); req.Headers.Add( HttpRequestHeader .AcceptCharset, "ISO-8859-1,utf-8;q=...
        20 comments
        Read more

        Authentication ASP.NET_SessionId (Session) along with AuthToken (GUID) cookie

        Authentication ASP.NET_SessionID (Session) along with AuthToken (GUID) cookie Introduction ASP.NET Session keeps track of the user by creating a cookie called  ASP.NET_SessionId  in the user browser. This cookie value is checked for every request to ensure that the data being served is specific to that user. In many applications, a Session variable is used to track the logged in user, i.e., if a session variable exists for that user, then the user is logged in, otherwise not. Background Whenever any data is saved into the Session, the  ASP.NET_SessionId  cookie is created in the user’s browser. Even if the user has logged out (means the Session data has been removed by calling the  Session.Abandon() or  Session.RemoveAll()  or  Session.Clear()  method), this  ASP.NET_SessionId  cookie and its value is not deleted from the user browser. This legitimate cookie value can be used by the hijacker to hijack the user session by g...
        Post a Comment
        Read more