Code quality analysis tool SonarQube installation, use, Chinese, database configuration

I used to use Coding.net’s code quality analysis function, which is very useful, but I can’t find this function recently. . Although code quality analysis is still listed as a major feature on the website, there is no documentation or description of the feature, as if it has disappeared. . There was no response when I contacted customer service. .

Our need was to find a tool that could count code comment rates and analyze code quality for multiple programming languages. Tried several and finally decided to use SonarQube.

Next up

• How do I use SonarQube to analyze local projects
• How to install the Chinese package
• How do I change the database configuration

Installation and use

First, go to the official website to download the latest version. I downloaded V7.0. Start SonarQube server with Get Started in Two Minutes:

• Decompress (put it anywhere)
• Windows: In the decompressed folder, go to the bin directory and select the system, such as the one I selectedwindows-x86-64“, and then double-click directlyStartSonar.batStart the server.
• Open the page http://localhost:9000
• Click on the pageLog inButton login, account and password areadmin.

How do you analyze projects?

The first time you log in, you see the Tutorial, which prompts you to set up the tokens used to authenticate your identity. Generated tokens need to be copied and written down! It won’t be shown twice! You can either generate a new token (token) by going to User > My Accounts > Security, or reclaim an existing token.

If you want to enhance security and do not want to use the password of a real SonarQube user when performing a code scan or calling a Web Service, you can use a user token instead of a user login. This improves security by avoiding the need to transfer an analytic user’s password over the network.

Then select the main language of the project to be analyzed, as well as the current operating system, and define keys to identify the project.

You will then be prompted to download and install the scanner. And modify environment variables. For example, Windows needs to add the scanner’s bin directory to the %PATH% environment variable. Of course, the scanner will no longer need to be downloaded.

Now you can scan the project. Follow the instructions to copy the command and execute it in the directory of the project you want to analyze. For example, my command looks like this:

sonar-scanner.bat -Dsonar.projectKey=myproject -Dsonar.sources=. -Dsonar.host.url=http://localhost:9000 - sonar. Login =(created token)Copy the code

When you see this output, the analysis is complete, and the page http://localhost:9000 automatically refreshes, you can view the analysis results.

To configure the scanner parameters for the item to rescan, simply execute the command above again. But it is troublesome to execute such a long order every time. Fortunately, the scanner can be configured. Just create a file sonar-project.properties under the directory you want to analyze. As follows:

# your authentication tokenSonar. Login =[previously generated token]# must be unique in a given SonarQube instanceSonar. ProjectKey = [key] project# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.Sonar. ProjectName =[projectName] sonar. ProjectVersion =1.0# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# This property is optional if sonar.modules is set. 
# Comma-separated paths to directories containing source files.
# restrict the path to be analyzed
sonar.sources=.

# Encoding of the source code. Default is default system encoding
sonar.sourceEncoding=UTF-8

# Set the language of the source code to analyze
Restrict the code language to be analyzed, such as JS.
# Default parsing for multiple languages if not set
sonar.language = js
Copy the code

Then start the scanner in the directory of the file sonar-project.properties, the directory you want to analyze. For Windows, run sonar-scanner.bat. For more information about scanner Parameters, see Analysis Parameters.

On the New project analysis page, go to Administration > Projects and click the create Project button in the upper right corner.

localization

We got the results and we’re still a little confused, okay? Don’t know what it means? Try installing the Chinese package: go to Administration > Marketplace on the page, type Chinese in the search box, a Chinese Pack will appear, click install button on the right. When the installation is successful, you will be prompted to restart the SonarQube server. Wait a moment and see that Chinese is already displayed on the page.

Configuring the Database

At the bottom of the page, the embedded database is suitable for the test environment. Data cannot be migrated to another database server in the future. There is also no way to upgrade SonarQube.

SonarQube’s default database is H2. We can configure it to other databases, such as MySQL, Oracle, etc.

For example, MySQL:

1. First make sure the database is installed and start the server.

2. Mysql -u root -p

3. Create database for SonarQube:

   CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;
   CREATE USER 'sonar' IDENTIFIED BY 'password';
   GRANT ALL ON sonar.* TO 'sonar'@The '%' IDENTIFIED BY 'password';
   GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'password';
   FLUSH PRIVILEGES;
   Copy the code

4. Modify the SonarQube configuration file, in the decompressed directory, modify the conf\sonar.properties file, add three lines of configuration, or find the default Settings in the comments, uncomment and modify again. :

   Mysql > connect to mysql
   sonar.jdbc.username=root
   sonar.jdbc.password=123456
   The url of the database created in the previous stepsonar.jdbc.url=jdbc:mysql://localhost:3306/sonar? useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
   
   Copy the code

   #—– mysql 5.6 or greater… . You can see the installation the Server in the official documentation for more information.

5. When the changes are complete, restart the SonarQube server. It will no longer prompt you to use the embedded default database at the bottom of the page.

Error starting SonarQube: the remote host forced an existing connection to close

1. If an error occurs during the initial startup, check whether the database version meets the requirements. For example, in my notes, it saysMySQL 5.6 or greater, so the MySQL database version cannot be less than 5.6.
2. On the premise that the version meets the requirements, I encountered another situation. When I started SonarQube for the first time, the console reported an error and blinked. In this case, check that the MySQL server is started and the database can connect.

At the end

So that’s how you get started with SonarQube. It still has a lot of power to discover.

I think it’s really important for developers to have good tools. Finding the right tools can improve productivity and development quality later on. It’s worth the extra time.

Refer to the reading

• Scanner instructions Analyzing with SonarQube Scanner: docs.sonarqube.org/display/SCA…
• The scanning parameters configuration Analysis Parameters:docs.sonarqube.org/display/SON…
• Installing the Server: docs.sonarqube.org/display/SON…
• Create a MySQL DB for SonarQube: gist.github.com/davidhyk/d6…