Are you in a hurry or just interested in hard facts? Jump to https://git.io/fjeX1 and adapt the changes to make your PHP project ready for SonarCloud.
Also: I stole the cover image from SonarCloud's Twitter Profile 🙈.
- What you'll need
- Set up a new project on SonarCloud
- Configure Travis CI
- Create a
- Create/Update the
- Push your changes and enjoy
- Bonus: Use SonarLint in your IDE
I had heard only good things about SonarQube before, but so far, I haven't used it myself:
- on my local computer, I was (and still am) very happy with the PHP Inspections Extended/Ultimate plugin (by @kalessil)
- in the cloud, I used PHPUnit and its Code Coverage on Travis CI in combination with Scrutinizer CI
- the time last time I checked, and if I remember correctly, I would have needed a local or remote SonarQube Server to be able to use it. 1
If you want to give SonarCloud a try as well, follow along as I set it up on gamez/duration, a small library that makes it a little easier to work with durations in PHP.
- A SonarCloud Account
- A git repository hosted on GitHub, BitBucket or AzureDevOps
- A SonarCloud Organization (this should be created automatically once you connect e.g your GitHub account)
- A CI environment (in this example, I'm using Travis CI)
On https://sonarcloud.io/projects, click on the the
+ in the upper right corner and select "Analyze new project"
In the following screen, select the git repository you want to connect, and click on "Set up"
The next page will display some information that you will need later - write them down or keep the window open for later reference:
- You can find the Project and Organization Keys in the right sidebar, they will be similar to
- The authentication token is used to identify you when an analysis is performed, click on "Generate" to generate one.
Click on "Continue" and optionally follow the instructions to download and use the sonar scanner locally for your project.
In your project's settings on Travis CI, configure a new environment variable named
SONAR_TOKEN and set its value to the token you've been given earlier. Make sure to keep the "Display value in build log" switch disabled.
Together with the previously configured token, the following settings will make the connection between your project and SonarCloud.
sonar.projectKey=<your project key> sonar.projectName=Your project Name sonar.sources=src sonar.tests=tests sonar.language=php sonar.sourceEncoding=UTF-8 sonar.php.coverage.reportPaths=coverage-report.clover sonar.php.tests.reportPath=test-report.xml
sonar.projectKeymust be the project key that you have received earlier
sonar.projectNamewill be the title of your project on SonarCloud. When in doubt, remove the line, and it will default to
sonar.sourcestells SonarCloud which files to actually analyze. Don't set this value to
., otherwise all files in your project will be analyzed, including the
vendorsdirectory, in case your project is Composer based
sonar.php.tests.reportPathpoint SonarCloud to the locations of the reports that will be created on Travis CI
In order to use SonarCloud on Travis CI, you need to make the following additions and changes to your
Enable the SonarCloud addon
addons: sonarcloud: organization: "<your organization key>" git: depth: false
Travis CI by default makes a shallow clone of a git repository. By configuring the depth to
false, we ensure that the full history is loaded, so that SonarCloud can determine which contributor made which change for the full lifetime of the project.
Let your test suite generate reports
script: - vendor/bin/phpunit -c phpunit.xml.dist --coverage-clover=coverage-report.clover --log-junit=test-report.xml
sonar-scanner after running your test suite
script: - vendor/bin/phpunit --coverage-clover=coverage-report.clover --log-junit=test-report.xml - sonar-scanner
.travis.yml file could now look like this:
language: php sudo: false php: - 7.1 - 7.2 - 7.3 cache: directories: - $HOME/.composer/cache addons: sonarcloud: organization: "<your organization key>" git: depth: false install: composer update --no-interaction --no-suggest --no-progress script: - vendor/bin/phpunit -c phpunit.xml.dist --coverage-clover=coverage-report.clover --log-junit=test-report.xml - sonar-scanner
Duration for PHP
Working with durations made easy.
Do you like to use
DateInterval to compute and work with durations? Me neither, so let's fix that!
You can install the package with Composer:
composer require gamez/duration
You can then use Duration:
<?php require 'vendor/autoload.php' use Gamez\Duration $duration = Duration::make('13 minutes 37 seconds') // or start with nothing $duration = Duration::none();
Supported input values
Duration::make('P13M37S'); Duration::make(new DateInterval('P13M37S'));
Duration::make('13:37'); // minutes:seconds Duration::make('13:37:37'); // hours:minutes:seconds
A textual notation is any value that can be processed by DateInterval::createFromDateString()
Duration::make('13 minutes 37 seconds');
When transformed, a…
Visit sonarlint.org to benefit from SonarQube's/SonarCloud's inspections as you write your code 🎉
I ❤️ good code quality, and am willing to go to great lengths to achieve it. But I also like convenience very very much, and to me, SonarCloud provides both - for me as a Developer, today has been one of the highlights of this year so far, and if you can benefit from this post, it makes me even happier.