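SonarQube is an open platform for code quality management. Through its plugin mechanism, SonarQube can integrate different testing tools, code analysis tools, and continuous integration tools such as Hudson/Jenkins.
Official site: https://www.sonarqube.org/
Deploying SonarQube
Omitted…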
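Deploying the sonar-scanner scanner on the Jenkins server
Official documentation: https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/
Deploying sonar-scanner
As the name suggests, the scanner's job is to scan code: SonarQube performs code quality analysis by invoking the scanner, sonar-scanner.
Download: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/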
```
[root@jenkins src]$unzip sonar-scanner-cli-4.6.0.2311.zip
[root@jenkins src]$mv sonar-scanner-4.6.0.2311/ /usr/local/sonar-scanner
[root@jenkins src]$vim /usr/local/sonar-scanner/conf/sonar-scanner.properties
sonar.host.url=http://10.0.1.102:9000
sonar.sourceEncoding=UTF-8
```
Preparing the test code
```
[root@jenkins src]$unzip sonar-examples-master.zip
^C
[root@jenkins src]$cd sonar-examples-master/projects/languages/php/php-sonar-runner
[root@jenkins php-sonar-runner]$ll
total 24
drwxr-xr-x 3 root root 4096 Mar 2 23:30 ./
drwxr-xr-x 4 root root 4096 Jul 25 2016 ../
-rw-r--r-- 1 root root 453 Jul 25 2016 README.md
-rw-r--r-- 1 root root 331 Jul 25 2016 sonar-project.properties
drwxr-xr-x 2 root root 4096 Jul 25 2016 src/
-rw-r--r-- 1 root root 272 Jul 25 2016 validation.txt
[root@jenkins php-sonar-runner]$cat sonar-project.properties

sonar.projectKey=org.sonarqube:php-simple-sq-scanner
sonar.projectName=PHP :: Simple Project :: SonarQube Scanner
sonar.projectVersion=1.0

sonar.sources=src

sonar.language=php

sonar.sourceEncoding=UTF-8
```
Running the scan in the source directory
In the directory that contains sonar-project.properties, simply run sonar-scanner:
```
[root@jenkins php-sonar-runner]$ll
total 24
drwxr-xr-x 3 root root 4096 Mar 2 23:30 ./
drwxr-xr-x 4 root root 4096 Jul 25 2016 ../
-rw-r--r-- 1 root root 453 Jul 25 2016 README.md
-rw-r--r-- 1 root root 331 Jul 25 2016 sonar-project.properties
drwxr-xr-x 2 root root 4096 Jul 25 2016 src/
-rw-r--r-- 1 root root 272 Jul 25 2016 validation.txt
[root@jenkins php-sonar-runner]$
[root@jenkins php-sonar-runner]$/usr/local/sonar-scanner/bin/sonar-scanner
INFO: Scanner configuration file: /usr/local/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: /usr/local/src/sonar-examples-master/projects/languages/php/php-sonar-runner/sonar-project.properties
INFO: SonarScanner 4.6.0.2311
INFO: Java 11.0.10 Oracle Corporation (64-bit)
INFO: Linux 4.15.0-136-generic amd64
INFO: User cache: /root/.sonar/cache
INFO: Scanner configuration file: /usr/local/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: /usr/local/src/sonar-examples-master/projects/languages/php/php-sonar-runner/sonar-project.properties
INFO: Analyzing on SonarQube server 7.9.5
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=225ms
INFO: Server id: 3B6AA649-AXfye5RyEWrAjeeRmPxd
INFO: User cache: /root/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=126ms
INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2.
INFO: Load/download plugins (done) | time=3633ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=18ms
INFO: Project key: org.sonarqube:php-simple-sq-scanner
INFO: Base dir: /usr/local/src/sonar-examples-master/projects/languages/php/php-sonar-runner
INFO: Working dir: /usr/local/src/sonar-examples-master/projects/languages/php/php-sonar-runner/.scannerwork
INFO: Load project settings for component key: 'org.sonarqube:php-simple-sq-scanner'
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=293ms
INFO: Load active rules
INFO: Load active rules (done) | time=3061ms
WARN: SCM provider autodetection failed. Please use "sonar.scm.provider" to define SCM of your project, or disable the SCM Sensor in the project settings.
INFO: Indexing files...
INFO: Project configuration:
INFO: Load project repositories
INFO: Load project repositories (done) | time=19ms
INFO: 1 file indexed
INFO: Quality profile for php: Sonar way
INFO: ------------- Run sensors on module PHP :: Simple Project :: SonarQube Scanner
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=134ms
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by net.sf.cglib.core.ReflectUtils$1 (file:/root/.sonar/cache/866bb1adbf016ea515620f1aaa15ec53/sonar-javascript-plugin.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of net.sf.cglib.core.ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=12ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=7ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=144ms
INFO: Sensor PHP sensor [php]
INFO: 1 source files to be analyzed
INFO: 1/1 source files have been analyzed
INFO: No PHPUnit test report provided (see 'sonar.php.tests.reportPath' property)
INFO: No PHPUnit coverage reports provided (see 'sonar.php.coverage.reportPaths' property)
INFO: Sensor PHP sensor [php] (done) | time=1652ms
INFO: Sensor Analyzer for "php.ini" files [php]
INFO: Sensor Analyzer for "php.ini" files [php] (done) | time=26ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=21ms
INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
INFO: Calculating CPD for 1 file
INFO: CPD calculation finished
INFO: Analysis report generated in 189ms, dir size=83 KB
INFO: Analysis report compressed in 17ms, zip size=14 KB
INFO: Analysis report uploaded in 1437ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://10.0.1.102:9000/dashboard?id=org.sonarqube%3Aphp-simple-sq-scanner
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://10.0.1.102:9000/api/ce/task?id=AXfzlFbUEMwg_dNR3M3w
INFO: Analysis total time: 13.302 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 21.257s
INFO: Final Memory: 8M/40M
INFO: ------------------------------------------------------------------------
[root@jenkins php-sonar-runner]$
```
The test results can then be viewed in the web UI.
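Running code scans from Jenkins
The steps above run the sonar-scanner command from the command line for testing. The same scan can be combined with Jenkins: it simply means putting the command into a script and letting Jenkins run it automatically.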
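
One way to script that step, as an added example that is not part of the original post: a wrapper for a Jenkins shell build step that runs the scanner in the project directory and fails the build unless the log contains the success marker shown in the output above. The function names, the `sonar-scanner.log` file name and the `SONAR_TOKEN` variable are assumptions made for this example; `SCANNER_BIN` defaults to the install path used on this page.

```sh
#!/bin/sh
# Added example (not from the original post): wrapper for a Jenkins shell build step.
# SCANNER_BIN defaults to the install path used on this page. SONAR_TOKEN is an
# assumed variable name for a SonarQube user token supplied by the Jenkins job.
SCANNER_BIN="${SCANNER_BIN:-/usr/local/sonar-scanner/bin/sonar-scanner}"

# Succeeds only if the scanner log contains the success marker shown above.
scan_succeeded() {
    grep -q '^INFO: EXECUTION SUCCESS$' "$1"
}

# Prints the report-processing URL the scanner logs after uploading the report.
ce_task_url() {
    sed -n 's/^INFO: More about the report processing at \(http[^ ]*\)$/\1/p' "$1"
}

# Runs the scanner inside a project directory and fails the build on any error.
# Returns 2 if the directory has no sonar-project.properties, 1 if the scan failed.
run_scan() {
    scan_dir="$1"
    scan_log="$scan_dir/sonar-scanner.log"
    scan_rc=0
    if [ ! -f "$scan_dir/sonar-project.properties" ]; then
        echo "no sonar-project.properties in $scan_dir" >&2
        return 2
    fi
    set --
    if [ -n "${SONAR_TOKEN:-}" ]; then
        # sonar.login accepts a token; a command-line value is visible in the
        # process list of the build host while the scan runs.
        set -- "-Dsonar.login=$SONAR_TOKEN"
    fi
    ( cd "$scan_dir" && "$SCANNER_BIN" "$@" ) >"$scan_log" 2>&1 || scan_rc=$?
    if [ "$scan_rc" -ne 0 ] || ! scan_succeeded "$scan_log"; then
        echo "sonar-scanner failed (exit $scan_rc), see $scan_log" >&2
        return 1
    fi
    echo "analysis submitted: $(ce_task_url "$scan_log")"
}

# Jenkins usage: sh sonar_scan.sh "$WORKSPACE"
if [ "$#" -gt 0 ]; then
    run_scan "$1"
fi
```

The report-processing URL only confirms that the report was uploaded; the server still has to process it before the dashboard reflects the new analysis.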