Jenkins + OCLint + SonarQube: Building an iOS Static Code Scanning Platform

咸臻
2023-12-01


Jenkins + OCLint + SonarQube + sonar-objective-c-plugin: building an iOS static code scanning platform

This post records the process I went through to set up my company's iOS static code scanning environment. It was pretty much one pitfall per step, but in the end it runs successfully.

Environment

Jenkins: 2.176.3
OCLint: 0.13
SonarQube: 6.2
sonar-objective-c-plugin: 0.6.3

Finding an Objective-C plugin that matches your SonarQube version is a real chore: I tried four versions of the objc plugin, and only this one was compatible.

Steps

1. Build and install the Objective-C plugin:
    git clone https://github.com/Backelite/sonar-objective-c
    cd sonar-objective-c/
    ./build-and-deploy.sh

   Copy the build result into the SonarQube installation directory:
    cp backelite-sonar-objective-c-plugin-0.6.3.jar /home/sonar/sonarqube-6.2/extensions/plugins/
    cd /home/sonar/sonarqube-6.2/extensions/plugins/
    chown sonar:sonar backelite-sonar-objective-c-plugin-0.6.3.jar

2. Restart the SonarQube service:
    /home/sonar/sonarqube-6.2/bin/linux-x86-64/sonar.sh stop
    /home/sonar/sonarqube-6.2/bin/linux-x86-64/sonar.sh start

3. On macOS, run the following command to produce oclint.xml (the contents of genReport.sh):
    baiyudeMac-mini:Mobile-iOS-Components-AnySignSignetAPP_staticscan_job baiyu$ cat genReport.sh
    # Everything after "--" is passed through to oclint itself.
    # The very high -max-priority-N caps keep oclint from exiting non-zero on a noisy code base,
    # so the report is still written even when there are many violations.
    oclint-json-compilation-database -- -report-type pmd \
      -rc LONG_LINE=200 \
      -rc LONG_VARIABLE_NAME=30 \
      -disable-rule ShortVariableName \
      -max-priority-1=100000 \
      -max-priority-2=100000 \
      -max-priority-3=100000 >> oclint.xml

4. Using oclint.xml, push the results into the SonarQube database:
    if [ -f oclint.xml ]; then
      # Note: these lines append the SonarQube admin credentials to
      # sonar-project.properties inside the job workspace on every run.
      echo "sonar.host.url=http://localhost:9000" >> sonar-project.properties
      echo "sonar.login=admin" >> sonar-project.properties
      echo "sonar.password=asdfaasdfasd" >> sonar-project.properties
      echo "sonar.objectivec.oclint.report=oclint.xml" >> sonar-project.properties
      sonar-scanner
    fi

5. The step above fails with an error:

6. Solutions:

6.1 Following method 1, delete the entries that trigger the error from oclint.xml, using a script rm_clang.py:
    $ cat rm_clang.py
    #!/usr/bin/env python3
    # Removes every <file> element from the OCLint PMD report that contains at
    # least one violation from the "clang" ruleset (compiler diagnostics that
    # the sonar-objective-c plugin has no rule for), keeping the original report.
    import os
    import xml.etree.ElementTree as ET

    os.rename('oclint.xml', 'oclint.xml.origin')
    tree = ET.parse('oclint.xml.origin')
    root = tree.getroot()
    del_items = []
    for child in root:            # one <file name="..."> per source file
        for one in child:         # one <violation ruleset="..."> per finding
            if one.attrib.get('ruleset') == 'clang':
                print(child.attrib.get('name'))   # report which file is dropped
                del_items.append(child)
                break
    for del_item in del_items:
        root.remove(del_item)
    tree.write('oclint.xml', encoding='utf-8', xml_declaration=True)

   After running the script, re-run the step above:
    ./rm_clang.py

    if [ -f oclint.xml ]; then
      echo "sonar.host.url=http://localhost:9000" >> sonar-project.properties
      echo "sonar.login=admin" >> sonar-project.properties
      echo "sonar.password=asdfaasdfasd" >> sonar-project.properties
      echo "sonar.objectivec.oclint.report=oclint.xml" >> sonar-project.properties
      sonar-scanner
    fi
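   As an added example (not part of the original post), here is a finer-grained variant of rm_clang.py: rather than discarding every <file> that contains a single clang violation, it removes only the clang-ruleset violations, keeps the file's other findings, and drops files that end up empty. It walks the same pmd > file > violation structure with a ruleset attribute that the script above relies on; the sample report embedded below is constructed for the demonstration.

```python
import xml.etree.ElementTree as ET

# Constructed OCLint PMD report: one file mixing a compiler diagnostic with a
# real rule hit, and one file containing only a compiler diagnostic.
SAMPLE_REPORT = """<?xml version="1.0" encoding="UTF-8"?>
<pmd version="oclint-0.13">
  <file name="/src/AppDelegate.m">
    <violation begincolumn="1" endcolumn="1" beginline="12" endline="12"
      priority="1" rule="compiler warning" ruleset="clang">unused variable</violation>
    <violation begincolumn="5" endcolumn="40" beginline="30" endline="30"
      priority="3" rule="long line" ruleset="size">Line with 210 characters exceeds limit of 200</violation>
  </file>
  <file name="/src/Helper.m">
    <violation begincolumn="1" endcolumn="1" beginline="3" endline="3"
      priority="1" rule="compiler error" ruleset="clang">missing header</violation>
  </file>
</pmd>
"""


def strip_ruleset(root, ruleset="clang"):
    """Remove violations of `ruleset` in place and drop <file> nodes left
    without any violation. Returns (violations_removed, files_removed)."""
    removed_violations = 0
    removed_files = 0
    for file_node in list(root.findall("file")):           # copy: we mutate
        for violation in list(file_node.findall("violation")):
            if violation.get("ruleset") == ruleset:
                file_node.remove(violation)
                removed_violations += 1
        if not file_node.findall("violation"):             # nothing left to import
            root.remove(file_node)
            removed_files += 1
    return removed_violations, removed_files


def clean_report(xml_text, ruleset="clang"):
    """Parse a PMD-format report string; return (cleaned_xml, stats)."""
    root = ET.fromstring(xml_text)
    stats = strip_ruleset(root, ruleset)
    return ET.tostring(root, encoding="unicode"), stats


if __name__ == "__main__":
    cleaned, (nviol, nfiles) = clean_report(SAMPLE_REPORT)
    print("removed %d clang violations and %d empty files" % (nviol, nfiles))
    print(cleaned)
```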

6.2 Modify the rule files (verified to work):
    /root/sonar-objective-c/sonar-objective-c-plugin/src/main/resources/org/sonar/plugins/oclint

   Add the following rules to rules.txt:

   Add the following to profile-oclint.xml:
