C/C++ Plugin for SonarQube


C/C++ Plugin Prerequisites
Plugin installation and configuration

  • Copy the sonar-cppdepend.jar from $CppDependInstallDir$/SonarQube to the $SonarQubeInstallDir$\extensions\plugins directory.

  • Define the repository where the CppDepend rules will be loaded to sonar, for that you have just to add the following line to the sonar.properties file configuration of Sonar.
    sonar.cppdepend.cdproj=C:/Intel/testsonar.cdproj

    The cdproj file is the cppdepend project created by the VisualCppDepend GUI.
    It's mandatory to define the sonar.cppdepend.cdproj configuration variable to load cppdepend rules inside SonarQube.

    Now you have to log as admin and activate these rules in the profile you want.



  • Restart the SonarQube server.
  • Execute $CppDependInstallDir$/SonarRunnerForCppDepend.exe "the .cdproj file to analyze "

    For example: SonarRunnerForCppDepend.exe C:\MyWorkspace\test.cdproj.
    SonarRunnerForCppDepend will analyze the cdproj file using CppDepend and launch the SonarRunner executable to load the results into SonarQube.
    Any other argument passed to the SonarRunnerForCppDepend after the cdproj file argument will be passed to the SonarRunner command.
      These two arguments are optionals, and they concern the "CppDepend Report Widget" and the "Abstractness vs Instability widget"
    • sonar.cppdepend.deploymentPath: Directory path where the cppdepend report will be copied.
    • sonar.cppdepend.deploymentUrl: URL of the directory where the cppdepend report is copied.

    For example if SonarQube is installed in C:\work\SonarQube and accessible by http://yourserver:9000 , you can execute the SonarRunner like this: SonarRunnerForCppDepend.exe C:\MyWorkspace\test.cdproj -Dsonar.cppdepend.deploymentPath="C:/work/sonarqube/web" -Dsonar.cppdepend.deploymentUrl="http://yourserver:9000"

Plugin features

  • Standard metrics: the plugin calculate all the standard SonarQube metrics.



  • Code duplication: The duplicaions are detected by the CPD tool embeded in SonarQube.



  • File dependencies: CppDepend detect all the dependencies between files and directories and load them to the SonarQube DSM.



  • Coverage: The plugin load the coverage result from Cobertura and Microsoft Visual Studio XML result files.
    However you have to set the path where the xml coverage files exist.
    SonarRunnerForCppDepend.exe C:\MyWorkspace\test.cdproj -Dsonar.cppdepend.coveragePath="c:\work\covearage"



  • CppDepend metrics: the plugin provides some useful design metrics like:

    Afferent coupling (Ca), Efferent coupling (Ce), Relational Cohesion(H), Instability (I), Abstractness (A), Distance from main sequence (D).

    These metrics could be added to the dashbord using the Custom Metrics Widgets



    And the metrics are available from the Design category:



  • CppDepend rules repository: After defining the sonar.cppdepend.cdproj in the sonar.properties file, the cppdepend rules repository will be added to the SonarQube rules.
    You have to log as admin in SonarQube to activate these rules in the profile you want.



  • Cppcheck rules repository: cppcheck is a powerful tool to detect C/C++ issues, it's embeded in CppDepend and all the cppcheck rules are added to the sonar rules.

    You have to log as admin in SonarQube to activate these rules in the profile you want.



  • CppDepend Widgets: The CppDepend SonarQube plugin provides some useful widgets to explore the CppDepend results:

    • Class Metrics widget:
      CppDepend calculate many interesting class metrics related to their design and implementation, some of these metrics could be discovered by this widget.



    • CQLinq queries widget:
      CQLinq is a powerful feature to create easily coding rules. To explore the results of the CQLinq queries, you have to create a CQLinq group named "Sonar Queries" in your jdproj file and add to it your queries:



      You have to define rules in this group, for that you have to add warnif count>0 at the beginning of your query:



      And add the Queries Widget in your SonarQube dashboard:



    • CppDepend report widget:



      With CppDepend you can cutomize your report as described here.
      To make this report accessible from SonarQube you have to pass these two arguments to SonarRunnerForCppDepend:
      • sonar.cppdepend.deploymentPath: Directory path where the cppdepend report will be copied.
      • sonar.cppdepend.deploymentUrl: URL of the directory where the cppdepend report is copied.

      For example if SonarQube is installed in C:\work\SonarQube and accessible by http://yourserver:9000 , you can execute the SonarRunner like this:
      SonarRunnerForCppDepend.exe C:\MyWorkspace\test.cdproj -Dsonar.cppdepend.deploymentPath="C:/work/sonarqube/web" -Dsonar.cppdepend.deploymentUrl="http://yourserver:9000"

    • Abstractness vs Instability widget:
      The Abstractness vs Instability diagram is very useful to detect the lack of abstractness in the most used projects.
      You can refer here for more detauls about this diagram.
      As described before for the CppDepend report widget, you have to define sonar.cppdepend.deploymentPath and sonar.cppdepend.deploymentUrl arguments.