Sonarqube and detekt

.env

@@ -5,6 +5,7 @@ DATABASE_URL=jdbc:postgresql:dc-project
 APP_PORT=8080
 OPENAPI_PORT=8181
 SONARQUBE_PORT=9002
+SONARQUBE_DB_PORT=5433
 
 ELASTIC_REST=9200
 ELASTIC_NODES=9300

.idea/dataSources.xml

@@ -13,5 +13,12 @@
       <jdbc-driver>org.postgresql.Driver</jdbc-driver>
       <jdbc-url>jdbc:postgresql://localhost:5432/test</jdbc-url>
     </data-source>
+    <data-source source="LOCAL" name="sonar@localhost" uuid="ee78beab-120d-4740-ad21-d4d9e2121d25">
+      <driver-ref>postgresql</driver-ref>
+      <synchronize>true</synchronize>
+      <jdbc-driver>org.postgresql.Driver</jdbc-driver>
+      <jdbc-url>jdbc:postgresql://localhost:5433/sonar</jdbc-url>
+      <working-dir>$ProjectFileDir$</working-dir>
+    </data-source>
   </component>
 </project>

.idea/runConfigurations/Sonarqube.xml

@@ -4,7 +4,7 @@
       <option name="executionName" />
       <option name="externalProjectPath" value="$PROJECT_DIR$" />
       <option name="externalSystemIdString" value="GRADLE" />
-      <option name="scriptParameters" value="-x test" />
+      <option name="scriptParameters" value="" />
       <option name="taskDescriptions">
         <list />
       </option>
@@ -15,7 +15,9 @@
       </option>
       <option name="vmOptions" value="" />
     </ExternalSystemSettings>
-    <GradleScriptDebugEnabled>true</GradleScriptDebugEnabled>
+    <ExternalSystemDebugServerProcess>true</ExternalSystemDebugServerProcess>
+    <ExternalSystemReattachDebugProcess>true</ExternalSystemReattachDebugProcess>
+    <DebugAllEnabled>false</DebugAllEnabled>
     <method v="2" />
   </configuration>
 </component>

Makefile

@@ -34,7 +34,7 @@ run-docker: ## Build and Run all docker services (alias: rd)
 rdd: run-docker-dependencies
 
 run-docker-dependencies: ## Build and Run dependencies docker services (alias: rdd)
-	docker-compose up -d --build openapi rabbitmq redis elasticsearch db
+	docker-compose up -d --build openapi rabbitmq redis elasticsearch db sonarqube_db sonarqube
 
 pm: publish-maven
 

build.gradle.kts

@@ -1,4 +1,5 @@
 import com.github.jengelman.gradle.plugins.shadow.tasks.ShadowJar
+import io.gitlab.arturbosch.detekt.Detekt
 import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
 import org.owasp.dependencycheck.reporting.ReportGenerator
 import org.slf4j.LoggerFactory
@@ -32,8 +33,9 @@ plugins {
     id("com.github.johnrengelman.shadow") version "5.2.0"
     id("org.jlleitschuh.gradle.ktlint") version "9.4.1"
     id("org.owasp.dependencycheck") version "6.0.5"
-    id("org.sonarqube") version "2.7"
-    id("net.nemerosa.versioning") version "2.13.1"
+    id("org.sonarqube") version "3.1.1"
+    id("net.nemerosa.versioning") version "2.14.0"
+    id("io.gitlab.arturbosch.detekt") version "1.16.0-RC1"
 }
 
 application {
@@ -70,6 +72,7 @@ tasks.test {
     useJUnit()
     useJUnitPlatform()
     systemProperty("junit.jupiter.execution.parallel.enabled", true)
+    finalizedBy(tasks.jacocoTestReport) // report is always generated after tests run
 //    maxHeapSize = "1G"
 }
 
@@ -100,12 +103,38 @@ publishing {
 }
 
 jacoco {
-    toolVersion = "0.8.3"
+    toolVersion = "0.8.6"
+    applyTo(tasks.run.get())
+}
+tasks.register<JacocoReport>("applicationCodeCoverageReport") {
+    executionData(tasks.run.get())
+    sourceSets(sourceSets.main.get())
 }
-
 tasks.jacocoTestReport {
+    dependsOn(tasks.test)
     reports {
         xml.isEnabled = true
+        html.isEnabled = true
+    }
+}
+
+detekt {
+    buildUponDefaultConfig = true // preconfigure defaults
+//    config = files("$projectDir/config/detekt.yml") // point to your custom config defining rules to run, overwriting default behavior
+//    baseline = file("$projectDir/config/baseline.xml") // a way of suppressing issues before introducing detekt
+
+    reports {
+        html.enabled = true // observe findings in your browser with structure and code snippets
+        xml.enabled = true // checkstyle like format mainly for integrations like Jenkins
+        txt.enabled = true // similar to the console output, contains issue signature to manually edit baseline files
+        sarif.enabled = true // standardized SARIF format (https://sarifweb.azurewebsites.net/) to support integrations with Github Code Scanning
+    }
+}
+
+tasks {
+    withType<Detekt> {
+        // Target version of the generated JVM bytecode. It is used for type resolution.
+        this.jvmTarget = "11"
     }
 }
 

docker-compose.yml

@@ -4,9 +4,36 @@ version: '3.7'
 services:
   sonarqube:
     container_name: ${APP_NAME}_sonarqube
-    image: sonarqube
+    image: sonarqube:community
+    depends_on:
+      - sonarqube_db
     ports:
       - ${SONARQUBE_PORT}:9000
+    networks:
+      - sonarnet
+    environment:
+      SONAR_JDBC_URL: jdbc:postgresql://sonarqube_db:5432/sonar
+      SONAR_JDBC_USERNAME: sonar
+      SONAR_JDBC_PASSWORD: sonar
+    volumes:
+      - sonarqube_data:/opt/sonarqube/data
+      - sonarqube_extensions:/opt/sonarqube/extensions
+      - sonarqube_logs:/opt/sonarqube/logs
+      - sonarqube_temp:/opt/sonarqube/temp
+  sonarqube_db:
+    container_name: ${APP_NAME}_sonarqube_db
+    image: postgres:alpine
+    networks:
+      - sonarnet
+    environment:
+      POSTGRES_USER: sonar
+      POSTGRES_PASSWORD: sonar
+    ports:
+      - ${SONARQUBE_DB_PORT}:5432
+    volumes:
+      - sonarqube_postgresql:/var/lib/postgresql
+      # This needs explicit mapping due to https://github.com/docker-library/postgres/blob/4e48e3228a30763913ece952c611e5e9b95c8759/Dockerfile.template#L52
+      - sonarqube_postgresql_data:/var/lib/postgresql/data
 
   openapi:
     container_name: ${APP_NAME}_openapi
@@ -83,6 +110,16 @@ services:
       timeout: 2s
       retries: 20
 
+networks:
+  sonarnet:
+    driver: bridge
+
 volumes:
   db-data:
-  redis-data:
+  redis-data:
+  sonarqube_data:
+  sonarqube_extensions:
+  sonarqube_logs:
+  sonarqube_temp:
+  sonarqube_postgresql:
+  sonarqube_postgresql_data:

gradle.properties

@@ -6,5 +6,11 @@ logback_version=1.2.3
 koinVersion=2.0.1
 jackson_version=2.12.1
 cucumber_version=6.9.1
-systemProp.sonar.host.url=http://localhost:9000
-systemProp.sonar.login=1196e8015c20035f1aa91e881b95ce9d6e879c8a
+systemProp.sonar.host.url=http://localhost:9002
+systemProp.sonar.login=admin
+systemProp.sonar.password=sonar
+systemProp.sonar.projectKey=dc-project
+systemProp.sonar.projectName=DC Project
+systemProp.sonar.java.coveragePlugin=jacoco
+systemProp.sonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml
+systemProp.sonar.kotlin.detekt.reportPaths=build/reports/detekt/detekt.xml