Skip to end of metadata
Comment: Usage
Go to start of metadata
You are viewing an old version of this page. View the current version. Compare with Current ·  View Page History
<< Previous Version 21 Next >>

Name 

CXX Plugin 

Authors 

François DORIN, Franck BONIN, Vincent HARDION

Jira 

http://jira.codehaus.org/browse/SONARPLUGINS/component/14579

State 

Under development 

License 

LGPL v3 

Download sources 

http://svn.codehaus.org/sonar-plugins/trunk/cxx/ 

Download jar 

 

Description / Features

This plugin adds basic support of C++ language into Sonar.

Current feature list:

  • Basic size metrics:
    • Files (number of)
    • Lines
    • Lines of comments
    • Lines of code
    • Lines of commented out code
  • Static code checking via Cppcheck, RATS and Vera++
  • Dynamic checking for memory management problems via Valgrind
  • Cyclomatic (McCabe) complexity metrics including: 
    • Projects complexity
    • Average function/method complexity
    • Average file complexity
    • Complexity distributions
  • Code coverage metrics including:
    • Line coverage
    • Branch coverage
    • An aggregated coverage measure
  • Unit test execution metrics including:
    • Successfully executed tests
    • Failed tests
    • Skipped tests
    • Execution time
  • Recognition of code duplication
  • Basic highlighting mode for C++ in Sonar UI

Dependencies

The Cxx-Plugin has an obligatory dependency on Java (of course... the plugin itself and all runners are Java programs).

Moreover, there are optional dependencies on:

  • Various external code analyzers:
    • Cppcheck. Detects a wide range of problems ranging from performance issues and resource leakage to undefined behaviour. Binary packets are available on/for various platforms. Using the latest release pays off in general; compile from source if in doubt.
    • RATS. Detects (potential) security problems in code, sensible for code bases with increased security requirements. Use binary packages or compile from source.
    • Vera++. Focuses on code style issues. There's a binary package for Windows, users of other platforms are likely to compile themselves.
    • Valgrind (memcheck). Detects various memory management problems at runtime. Basically Linux only; just use the packages from your distribution.
    • CppNcss. Provides cyclomatic (McCabe) complexity measures. This is a Java program distributed as a zip archive. Just unpack and make sure the "bin" directory is in PATH.
  • GCCgcov, gcovr and Python for coverage determination. Install Python and place the script somewhere on the PATH.
      

Installation

 

  1. Copy the jar-archive into <sonar home>/extensions/plugins/ directory
  2. Restart the Sonar web server


 

Configuration

 

Cxx plugin uses the following properties during analysis. See here for the ways how to pass them to the plugin.

 

 

Property

Scope

Example

Description

sonar.cxx.suffixesSystem- and/or project-wide.C,.h

Comma separated list of file name extension to be considered as C++ source files during analysis. Leave unset to use the default ("cxx,cpp,cc,h,hxx,hpp,hh")

sonar.cxx.cppcheck.reportPathProject-widecppcheck-report-*.xml

Ant pattern describing the path to Cppcheck reports, relative to projects root. Leave unset to use the default ("cppcheck-reports/cppcheck-result-*.xml").

sonar.cxx.cppncss.reportPathProject-widecppncss-report-*.xmlAnt pattern describing the path to CppNcss reports, relative to projects root. Leave unset to use the default ("cppncss-reports/cppncss-result-*.xml").
sonar.cxx.gcovr.reportPathProject-widegcovr-report-*.xmlAnt pattern describing the path to gcovr reports, relative to projects root. Leave unset to use the default ("gcovr-reports/gcovr-result-*.xml").
sonar.cxx.rats.reportPathProject-widerats-report-*.xmlAnt pattern describing the path to RATS reports, relative to projects root. Leave unset to use the default ("rats-reports/rats-result-*.xml").
sonar.cxx.valgrind.reportPathProject-widevalgrind-report-*.xmlAnt pattern describing the path to Valgrind reports, relative to projects root. Leave unset to use the default ("valgrind-reports/valgrind-result-*.xml").
sonar.cxx.vera.reportPathProject-widevera-report-*.xmlAnt pattern describing the path to Vera++ reports, relative to projects root. Leave unset to use the default ("vera++-reports/vera++-result-*.xml").
sonar.cxx.xunit.reportPathProject-widexunit-report-*.xmlAnt pattern describing the path to unit test execution reports, relative to projects root. Leave unset to use the default ("xunit-reports/xunit-result-*.xml").
sonar.cxx.xunit.xsltURLProject-widecppunit-1.x-to-junit-1.0.xsl

A name of a built in XSLT-file or an URL to an external one. Available builtins:

  • boosttest-1.x-to-junit-1.0.xsl         For transforming Boost-reports
  • cpptestunit-1.x-to-junit-1.0.xsl      For transforming CppTestUnit-reports
  • cppunit-1.x-to-junit-1.0.xsl            For transforming CppUnit-reports

Leave unset if no transformation should be used.

 

 

Usage

 

You can analyze your projects using the usual means (see this page for all available). All runners should work. See below for details how to do it for maven-, ant-, ant all-the-other-projects.

Maven projects

Doing sonar analysis on maven projects is quite simple and usually a matter of:

  • Setting a couple of properties in your pom
  • Get and install the cxx-maven-plugin
  • Make sure sonar-server is running

  • Start the analysis with "mvn sonar:sonar"

For details see the first sample project.

Ant projects

TODO

Project using miscellaneous build systems

Outside of the maven world the process of integration of a sonar analysis into your project is usually less straightforward but also more flexible. The rough pattern should remain the same independent of the environment:

  1. Run the analyzers which are of interest for you and store the results in a file somewhere underneatch the root directory of your project. Its usually convenient to put this into the build system; a shell script may be a good choice, too.

  2. Use the sonar-runner to trigger the Cxx plugin which parses the result files and feeds the data into sonar. The sonar runner requires some data to proceed which is usually provided via the "sonar-project.properties"-file in the projects root directory.

There may be a Step '0' too: "use your build system to make a build suitable for running the Step 1". This may be the case for collecting coverage statistict when using gcc+gcov, for example.

For details how to invoke the tools and tie it all together see the second sample project.

Known limitations

TBD

Changelog

0.0.1 initial release with RATS support.

0.0.2 internal developpement release (not available)

0.0.3 first release with Cppcheck, Cppncss, Vera++, Gcov and Valgrind support.

0.0.4 CppCheck reports generation, Full integration with cxx-maven-plugin (cxx maven, still for proposal, can be found here)

0.0.5 xslt for xunit, sonar plugin api 2.7,

Labels
  • None