DevOps: SonarQube, a code quality testing tool

谢清野
2023-12-01

Official website: http://www.sonarqube.org/

1. Preparation

#1: Install the database: use version 5.6; version 5.5 is not supported

#2: Create the MySQL database and grant privileges:
#yum install vim gcc gcc-c++ wget autoconf net-tools lrzsz iotop lsof iotop bash-completion curl policycoreutils openssh-server openssh-clients postfix -y
#cd mysql-5.6.42-linux-glibc2.12-x86_64
#ln -sv /usr/local/src/mysql-5.6.42-linux-glibc2.12-x86_64 /usr/local/mysql
#useradd mysql -s /sbin/nologin 
#chown mysql.mysql /usr/local/mysql/ -R
#/usr/local/mysql/scripts/mysql_install_db --user=mysql --datadir=/data/mysql --basedir=/usr/local/mysql/
#cp /usr/local/src/mysql-5.6.42-linux-glibc2.12-x86_64/support-files/mysql.server /etc/init.d/mysqld
#cp my.cnf /etc/my.cnf
#chmod a+x /etc/init.d/mysqld 
#/etc/init.d/mysqld start
#ln -sv /usr/local/mysql/bin/* /usr/bin/
#mkdir /var/lib/mysql
#ln -sv /data/mysql/mysql.sock /var/lib/mysql/

#3: Test the MySQL connection:
# mysql -usonar -p123456 -h192.168.8.6

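2. Deploy SonarQube:

#1: Edit the configuration file:
# SonarQube depends on a Java environment, and the Java version must be 1.8 or later; otherwise SonarQube fails to start
# SonarQube 6.7.x needs to call Elasticsearch, and by default it must be started as a regular (non-root) user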
$ unzip sonarqube-6.7.6.zip
$ ln -sv /usr/local/src/sonarqube-6.7.6 /usr/local/sonarqube
$ grep "^[a-zA-Z]" /usr/local/sonarqube/conf/sonar.properties
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://192.168.7.106:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
sonar.web.host=0.0.0.0
sonar.web.port=9000
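
The values printed above include a six-digit database password, useSSL=false on the JDBC URL, and a web listener bound to 0.0.0.0. The following is an added example, not part of the original post: a POSIX shell check that flags those settings in a sonar.properties file. The function names, finding codes and the 12-character threshold are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post: flag risky values in sonar.properties.

# Print the last value assigned to key $2 in properties file $1 (literal key match).
get_prop() {
    awk -v k="$2" 'index($0, k "=") == 1 { v = substr($0, length(k) + 2) } END { print v }' "$1"
}

# Print one finding code per line for properties file $1 (codes are this example's own).
audit_sonar_properties() (
    file="$1"
    pw=$(get_prop "$file" sonar.jdbc.password)
    url=$(get_prop "$file" sonar.jdbc.url)
    host=$(get_prop "$file" sonar.web.host)
    # All-digit or short (< 12 chars, assumed threshold) DB passwords are guessable.
    weak=no
    case "$pw" in *[!0-9]*) ;; *) weak=yes ;; esac
    if [ "${#pw}" -lt 12 ]; then weak=yes; fi
    if [ -n "$pw" ] && [ "$weak" = yes ]; then echo "WEAK_DB_PASSWORD"; fi
    # useSSL=false sends DB credentials and analysis data unencrypted to MySQL.
    case "$url" in *useSSL=false*) echo "DB_TLS_DISABLED" ;; esac
    # 0.0.0.0 serves the web UI on every interface; restrict it or front it with a proxy.
    if [ "$host" = "0.0.0.0" ]; then echo "WEB_LISTENS_ON_ALL_INTERFACES"; fi
    # The file holds a credential, so other local users should not be able to read it.
    if [ -n "$(find "$file" -prune -perm -004)" ]; then echo "FILE_WORLD_READABLE"; fi
)

# Constructed sample reproducing the values shown in the grep output above.
demo_audit() (
    f=$(mktemp) || exit 1
    chmod 644 "$f"
    printf '%s\n' \
        'sonar.jdbc.username=sonar' \
        'sonar.jdbc.password=123456' \
        'sonar.jdbc.url=jdbc:mysql://192.168.7.106:3306/sonar?useUnicode=true&useSSL=false' \
        'sonar.web.host=0.0.0.0' \
        'sonar.web.port=9000' > "$f"
    audit_sonar_properties "$f"
    rm -f "$f"
)

demo_audit
```

Run audit_sonar_properties against /usr/local/sonarqube/conf/sonar.properties; no output means none of the four conditions matched.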

#2: Start SonarQube:
# /usr/local/sonarqube/bin/linux-x86-64/sonar.sh start
Starting SonarQube...
Started SonarQube.

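#3: Log in to the web interface:
# Click login in the upper-right corner; the default username and password are both admin

#4: Install Chinese language support:
# /usr/local/sonarqube/extensions/plugins/  # local plugin path
# Install the Chinese language plugin: go to Administration - System - Update Center - Available, search for the plugin name in the search box, then click Install; or run the following command in the plugin directory /usr/local/sonarqube/extensions/plugins:
# wget https://github.com/SonarQubeCommunity/sonar-l10n-zh/releases/download/sonar-l10n-zh-plugin-1.11/sonar-l10n-zh-plugin-1.11.jar
# Then restart the service:
# /usr/local/sonarqube/bin/linux-x86-64/sonar.sh restart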

#5: Install plugins:
# Install the plugins for each language:
PHP
Java
Python

3. Deploy the scanner, sonar-scanner:

SonarQube performs code quality analysis by calling the scanner sonar-scanner; that is, the scanner's job is to scan the code:
Download: http://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner

#1: Deploy sonar-scanner:
# unzip sonar-scanner-2.6.1.zip
# ln -sv /usr/local/src/sonar-scanner-2.6.1 /usr/local/sonar-scanner
# cd /usr/local/sonar-scanner/
# grep "^[a-zA-Z]" conf/sonar-scanner.properties
sonar.host.url=http://localhost:8800
sonar.sourceEncoding=UTF-8
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://192.168.10.131:3306/sonar?useUnicode=true&characterEncoding=utf8

#2: Prepare the test code:
# cd /usr/local/src/
# unzip sonar-examples-master.zip
# cd sonar-examples-master
# cat projects/languages/php/php-sonar-runner/sonar-project.properties  # the default configuration file follows
# Required metadata
sonar.projectKey=org.sonarqube:php-simple-sq-scanner # key
sonar.projectName=PHP :: Simple Project :: SonarQube Scanner # project name, shown on the dashboard
sonar.projectVersion=1.0 # version
# Comma-separated paths to directories with sources (required)
sonar.sources=src # source code directory
# Language
sonar.language=php # the language is php
# Encoding of the source files
sonar.sourceEncoding=UTF-8 # encoding

#3: Run the scan:
# pwd
/usr/local/src/sonar-examples-master/projects/languages/php/php-sonar-runner
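# /usr/local/sonar-scanner/bin/sonar-scanner  # run the scan manually from the current project directory; what follows is the scan's progress output. Every project must have the scan configuration file sonar-project.properties

#4: Connect Jenkins to SonarQube:
# First install the plugin: on the Jenkins plugin installation page, install the Sonar plugin SonarQubePlugin
# Then configure the SonarQube server under Manage Jenkins - Configure System

#5: Connect Jenkins to sonar-scanner
# Add the scanner: Manage Jenkins - Global Tool Configuration

#6: Configure the scan:
# Select your project (demo) - Build - Execute SonarQube Scanner, change the configuration to the following format, and click Save when done: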
sonar.projectKey=test-demo1
sonar.projectName=test-demo1
sonar.projectVersion=1.0
sonar.sources=./
sonar.language=php
sonar.sourceEncoding=UTF-8

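#7: Configure the project to be scanned:

#8: Build the project and check whether sonar-scanner works:
# Click Build Now on the project; the output of a successful run is shown below: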
Started by user jenkinsadmin
Building remotely on slave-node1 in workspace /data/jenkins/slave/workspace/test-demo1
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url git@192.168.8.3:test-service/test-project.git # timeout=10
Fetching upstream changes from git@192.168.8.3:test-service/test-project.git
> git --version # timeout=10
using GIT_SSH to set credentials root private key
> git fetch --tags --progress git@192.168.8.3:test-service/test-project.git +refs/heads/*:refs/remotes/origin/*
> git rev-parse refs/remotes/origin/master^{commit} # timeout=10
> git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision f231ddaaf0ba00bddf47ebd34abb0956e045c1a8 (refs/remotes/origin/master)
> git config core.sparsecheckout # timeout=10
> git checkout -f f231ddaaf0ba00bddf47ebd34abb0956e045c1a8
Commit message: "222"
> git rev-list --no-walk f231ddaaf0ba00bddf47ebd34abb0956e045c1a8 # timeout=10
[test-demo1] $ /data/jenkins/slave/tools/hudson.plugins.sonar.SonarRunnerInstallation/sonar_scanner/bin/sonar-scanner -Dsonar.host.url=http://192.168.8.2:9000 -Dsonar.language=php -Dsonar.projectName=test-demo1 -Dsonar.projectVersion=1.0 -Dsonar.sourceEncoding=UTF-8 -Dsonar.projectKey=test-demo1 -Dsonar.sources=./ -Dsonar.projectBaseDir=/data/jenkins/slave/workspace/test-demo1
INFO: Scanner configuration file: /data/jenkins/slave/tools/hudson.plugins.sonar.SonarRunnerInstallation/sonar_scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 3.2.0.1227
INFO: Java 1.8.0_191 Oracle Corporation (64-bit)
INFO: Linux 3.10.0-862.el7.x86_64 amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 6.5.0
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=74ms
INFO: User cache: /root/.sonar/cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=9ms
INFO: Download sonar-csharp-plugin-5.10.1.1411.jar
INFO: Download sonar-python-plugin-1.8.0.1496.jar
INFO: Download sonar-java-plugin-4.12.0.11033.jar
INFO: Download sonar-l10n-zh-plugin-1.11.jar
INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version #
INFO: Download sonar-scm-git-plugin-1.2.jar
INFO: Download sonar-flex-plugin-2.3.jar
INFO: Download sonar-xml-plugin-1.4.3.1027.jar
INFO: Download sonar-php-plugin-2.10.0.2087.jar
INFO: Download sonar-scm-svn-plugin-1.5.0.715.jar
INFO: Download sonar-javascript-plugin-3.1.1.5128.jar
INFO: Process project properties
INFO: Load project repositories
INFO: Load project repositories (done) | time=44ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=36ms
INFO: Load active rules
INFO: Load active rules (done) | time=655ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=90ms
INFO: Publish mode
INFO: Project key: test-demo1
INFO: ------------- Scan test-demo1
INFO: Load server rules
INFO: Load server rules (done) | time=59ms
INFO: Language is forced to php
INFO: Base dir: /data/jenkins/slave/workspace/test-demo1
INFO: Working dir: /data/jenkins/slave/workspace/test-demo1/.scannerwork
INFO: Source paths: .
INFO: Source encoding: UTF-8, default locale: en_US
INFO: Index files
WARN: File '/data/jenkins/slave/workspace/test-demo1/index.html' is ignored because it doesn't belong to the forced language 'php'
INFO: 0 files indexed
INFO: Sensor SonarJavaXmlFileSensor [java]
INFO: Sensor SonarJavaXmlFileSensor [java] (done) | time=1ms
INFO: Sensor Analyzer for "php.ini" files [php]
INFO: Sensor Analyzer for "php.ini" files [php] (done) | time=4ms
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=0ms
INFO: Sensor CPD Block Indexer
INFO: Sensor CPD Block Indexer (done) | time=0ms
INFO: Calculating CPD for 0 files
INFO: CPD calculation finished
INFO: Analysis report generated in 89ms, dir size=20 KB
INFO: Analysis reports compressed in 66ms, zip size=5 KB
INFO: Analysis report uploaded in 278ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://192.168.8.2:9000/dashboard/index/test-demo1
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://192.168.8.2:9000/api/ce/task?id=AWdvj45lv3PDpp1Y9QlP
INFO: Task total time: 3.582 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 7.712s
INFO: Final Memory: 10M/172M
INFO: ------------------------------------------------------------------------
Finished: SUCCESS
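
The console output above ends in EXECUTION SUCCESS and Finished: SUCCESS, yet it also reports "0 files indexed": with the language forced to php, index.html was ignored and no file was analysed. The following is an added example, not part of the original post or of SonarQube: a shell check that can run as a build step after the scanner and fails the build in that case. The function names, exit codes and the assumption that the scanner output has been saved to a file are this example's own.

```shell
#!/bin/sh
# Added example, not from the original post: fail a build whose scan analysed nothing.

# Print N from the last "INFO: N files indexed" line of scanner log $1 (empty if absent).
indexed_files() {
    sed -n 's/^INFO: \([0-9][0-9]*\) files indexed.*/\1/p' "$1" | tail -n 1
}

# Exit 0 only if the scan succeeded and indexed at least one file.
# Exit codes (this example's own): 1 = nothing indexed, 2 = scan failed, 3 = count missing.
check_scan_log() (
    log="$1"
    if ! grep -q '^INFO: EXECUTION SUCCESS' "$log"; then
        echo "scan did not report EXECUTION SUCCESS"; exit 2
    fi
    n=$(indexed_files "$log")
    if [ -z "$n" ]; then echo "no 'files indexed' line in log"; exit 3; fi
    if [ "$n" -eq 0 ]; then
        echo "scan succeeded but indexed 0 files"
        grep '^WARN: File .* is ignored' "$log" || true   # show why files were skipped
        exit 1
    fi
    echo "ok: $n files indexed"
)

# Constructed excerpt modelled on the console output above; $1 is the indexed count.
sample_log() {
    printf '%s\n' \
        "INFO: Language is forced to php" \
        "WARN: File '/data/jenkins/slave/workspace/test-demo1/index.html' is ignored because it doesn't belong to the forced language 'php'" \
        "INFO: $1 files indexed" \
        "INFO: ANALYSIS SUCCESSFUL" \
        "INFO: EXECUTION SUCCESS"
}

demo_gate() (
    log=$(mktemp) || exit 1
    sample_log 0 > "$log"
    rc=0
    check_scan_log "$log" || rc=$?
    rm -f "$log"
    exit "$rc"
)

demo_gate || echo "gate exit status: $?"
```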

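#9: View the project's build history:
#10: Post-build actions:
# Notify the administrator by email when a build fails
# Run other jobs after the build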