sonarqube code coverage java example

In this article, I am going to explain how to use SonarQube source code analysis tool with JaCoCo code coverage library for a Spring Boot application.


For those who started with TDD (Test Driven Development), code coverage is an important tool to measure and know how much percentage of their source code is covered and tested with test cases developed including both unit and integration tests.

Why it is important?

Higher code coverage will increase the maintainability of the code. Also, with sonarqube we can write quality code as it warns about potential bugs, hot-spots, vulnerabilities, code smells and duplication in the code.

Installation and Running

We are going to install sonarqube with docker and run it as a docker image.

To download the sonarqube image, type below command in your command line.

docker pull sonarqube

Once downloaded, enter the below command in the command line to verify it is downloaded.

docker images

We will start the container based on the downloaded image and give it the name sonarqube with the following command.

docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 sonarqube

Here, -d option is for detached mode (background) and we expose 9000 and 9092 ports to the host using same port numbers.

Now, we can see the sonarqube dashboard by navigating to http://localhost:9000.

By default, the username and password is admin. After you login for the first time, it will prompt you to change the password.

Default username : admin

Default password : admin

JaCoCo Maven configuration

JaCoCo is a one of the famous code coverage library available for java based applications. In order to add JaCoCo for the project, you have to add the following maven plugin to the pom.xml file of the project.

Please find my pom.xml file if you still can’t find the plugins section.

Test coverage Analysis

First we need to run test cases before sending the report to sonarqube server. We can run the tests with the following command.

mvn test

Once it executes successfully, we will send the report to sonar server which will let us analyze which parts of the code to be covered with many other detailed reports and stats.

To send the report to sonar server, run the following command

mvn sonar:sonar -Dsonar.login=admin -Dsonar.password=<PASSWORD> 

If you have changed the password, replace <PASSWORD> placeholder with your password.

Once this command executes successfully, you should be able to see the URL for the analysis report. You can click the link to see the report.

Or you can also navigate to http://localhost:9000 to view the report.

After navigation, you should be able to see the sonarqube dashboard like below with your project with different reports.

Excluding classes from code coverage

In the code coverage analysis we focus only about the classes that should be covered with unit and integration tests. We need to exclude the non required classes like configs from coverage analysis.

This can be done by adding the classes needed to be excluded in the properties section.


The above mentioned classes are excluded from code coverage.

Official website for sonarqube - SonarQube

Keep Experimenting 🔎 

Keep Learning 🚀

Post a Comment