© 2008-2017, SonarSource S.A, Switzerland.
Except where otherwise noted, content in this space is licensed under a
Creative Commons Attribution-NonCommercial 3.0 United States License.

SONARQUBE is a trademark of SonarSource SA.
All other trademarks and copyrights are the property of their respective owners.

Description

SonarRuby detects bugs, vulnerabilities and code smells in Ruby code.

Additionally, coverage reports generated with SimpleCov can be imported. Users of Rubocop can also optionally import its findings in SonarQube .

First Analysis of a Ruby Project

1. Install SonarQube Server (see Setup and Upgrade for more details)
2. Install SonarQube Scanner and be sure your can call sonar-scanner from the directory where you have your source code
3. Install SonarRuby (see Installing a Plugin for more details)

4. Run your analysis with the SonarQube Scanner by executing the following command from the root directory of the project:

   sonar-scanner -Dsonar.projectKey=xxx -Dsonar.sources=.

5. Follow the link provided at the end of the analysis to browse your project's quality in SonarQube UI

Further Analyses

Assuming steps 1-3 above have already been completed, you'll want to encapsulate your analysis parameters in a sonar-project.properties file at the root of your project (see a sample project on GitHub: https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner). Then subsequent analyses can simply be run with:

sonar-scanner

Advanced Usage

With SonarRuby, you can also:

• import SimpleCov coverage reports
• import Rubocop issues reports