SoHist adds the following features to the SonarQube Community Edition:
- Better Comparability: SonarQube and possible plugins update over time so that the quality measurement approaches could change. That means, for your analysis, if you update SonarQube or plugins, the comparability of your code artifacts suffers.
- Historical Analysis at any time: Just consider whether you take over a system or have a long-term project that expects a SonarQube integration. How can you analyze the history of the related project? SonarQube focuses on the integration of "current" commits
- Flexibility: Maybe you only want to regard a specific time range of commits, analysis commits of (a) specific person(s) or a particular branch.
Warning: In its current state the Sohist is a prototype tool, that may lake in some functionalities and the setup will be improved in the ongoing months.
The Docker-Compose file defines 4 services: frontend, backend, sonarqube, and db. Frontend and backend are built from local Dockerfiles, while sonarqube and db are pulled from Docker-Hub. The frontend runs the web application, while the backend acts as the center layer between SonarQube, React and GitLab.
- Make sure that all related volumes, containers and images in Docker are deleted (starting with sohist_)
- Execute the docker-compose.yml with
docker compose up - Now you can access the following:
- The WebApp (Frontend) can be accessed via http://localhost:3000/.
- SonarQube is running on port http://localhost:9000/. It can be accessed (! after
initialization via WebApp) with
- Username:
admin - Password:
sohist
- Username:
- The Backend API is accessible via http://localhost:4040/.
The WebApp can be accessed via http://localhost:3000/.
To use the WebApp, follow these steps:
-
Fill out the
Inputform using the example provided. If the format is incorrect, an error message will appear. If all credentials are correct, the WebApp will load the necessary information from your GIT repository.- GIT-Url: Use
http://orhttps://. For example,https://git.uibk.ac.at. - Repository name: Include the repository name, without its path. For example,
my-sample-project. - Username: Use your username of the git repository. For example,
user1. - USER-Access-Token: The project access token alone is not sufficient, as the repository must be cloned. Use
the user access token for cloning. For example,
5w343fPXt1491P-lHrf.
- GIT-Url: Use
-
Before executing the historical code analysis, add properties that are necessary for your analysis for specific languages in the
backend/extra-sonarqube-properties.txt(see details Docs Sonarqube). -
Fill out the
Filter optionssection to specify the time range of commits to include, the committers whose commits should be included, and the specific branch to analyze. Run the analysis.
Once all included commits have been loaded, the analysis will be triggered in the backend. To view the results, switch to the Results inside view (located in the Header). From there, you can load the charts and view information about the significance of each commit.
Simply press the buttons provided to update and load the latest results in the charts of the analysis.
In addition, the Sonarqube instance can be accessed via http://localhost:9000/, wither username admin
und password sohist. The project name is equal to the repository-name.
- Demonstration(s) of SoHist: Dornauer Benedikt. (2023, March 9). Presentation of SoHist (1.0). Zenodo. https://doi.org/10.5281/zenodo.7713782
- Computations behind the Weighted Code Evolution Significance: Benedikt Dornauer. (2023). Computations behind the Weighted Code Evolution Significance (1.0). Zenodo. https://doi.org/10.5281/zenodo.7713698
- Code Analysis Tools compared: Benedikt Dornauer. (2023). Trend of Code Analysis Tools 2004 -2023 [Data set]. Zenodo. https://doi.org/10.5281/zenodo.783419