Evil geniuses and world domination are 2 of our goals... we also like Dr Who

How good is your code

no comment

In the last post about making the magic work I discussed how to get continuous integration working with the selfietorium project, and getting it building and deploying a deb file.

This time I’m talking about measuring code quality through SonarQube and Codacy.

At (real) work, we’re planning on using SonarQube to measure code statistics – its a tool that will tell you whether your variable names match coding standards, or whether your code is duplicated, or has unused references etc.  But I found out that SonarSource host an instance of SonarQube that can be used to analyse open source projects.  As selfietorium is an open source project, I signed up.

For those looking to a more private solution, then it is possible to run your own sonarqube server, and that might be a topic for a future post – but for now I’m going to set up SonarQube.com to analyse selfietorium.

Logging on to SonarQube :

SonarQube uses github authentication, so connecting is easy. Once you are logged in you’ll need to create a security token.  SonarQube works by having code pushed to it – so in the previous blogpost we used Travis CI to push the code to SonarQube.  To make this happen we need a security token.

To create a security token :

Once you have authenticated with SonarQube and logged on, click your name in the top right of the page, and select “My Account”.

  • From here click “Security”
  • Click Generate to generate a token – give your token a suitable name.  Once your token is generated make a note of it – you are going to need it later.

Back in Travis CI, the sonar-scanner line instructs a plug in to push the code to sonarqube using the configuration section and a new file that needs to be added to the project root:


Selfietorium’s configuration file can be found here.  SonarQube does have documentation about setting up the properties file, and it isn’t hard to set up.

We can now use the token we got from SonarQube to tell Travis-CI what to authenticate itself as.  This is stored in the environment variables section, using the techniques I touched on in previous post, in particular the section on “Keeping Secrets”

Next time you build your project, it will be pushed to SonaqQube (along with the sonar-project.properties), and analysis performed against the code.

SonarQube is a great tool, but it doesn’t give us what we really want – a nice graphic we can add to our project read me – after all, that’s what’s important right?

Using Codacy

Ggenerating the markup for the all important badge.

Like SonarQube, Codacy uses github for authentication.  To set up a project for analysis, it’ just a case of clicking your project and clicking go.  It’s a much simpler setup that SonarQube.  Getting that all important badge is also a breeze.  Click on the Settings button from the dashboard.
From here you can generate markup for different documentation systems including html, rst, and markdown.  Just copy the Markdown and paste it into the appropriate document on your github repository and now you’ll get a badge rewarding you for making the code better.


Comments are closed.