Introduction to the
SonarQube(formerly Sonar) is an open source code quality management system that scans projects for duplicate code, coding standards, unit tests, code coverage, code complexity, potential bugs, comments, and more.
Supports Java, C/C++, C#, PHP, Flex, Groovy, JavaScript, Python and other languages.
The benefit of code scanning is to improve code quality by configuring rules to scan for code design flaws and code optimizations.
This article introduces the use of Docker technology to build SonarQube environment and scan the code.
Environment setup quick start
There is no data store when sonarqube is started in this way, and docker will not reload data after reloading.
docker run
–
d
—
name sonarqube
–
p
9000
:
9000
–
p
9092
:
9092
sonarqube:
The LTS browser is opened
:
0.0
.
0.0
:
9000
Your account password
:
Admin, admin fully configured start docker start mysql
To use mysql as the data store, run the following command:
docker run
—
name mysql
–
5.6
–
v
/
Users
/
xinxi
/
mysql:
/
var
/
lib
/
mysql
–
e MYSQL_ROOT_PASSWORD
=
123321
–
p
8888
:
3306
–
d
mysql:
5.6
Sonarqube does not support mysql5.5, with a minimum of 5.6 supported
[color=rgb(0, 105, 214) !important]
Docker start sonarqube
Two points to note:
- Db_sonar database needs to be manually created first, otherwise it will not be found
- The local IP address cannot be set to localhost, but must be set to the Intranet IP address
The startup command is as follows:
docker run
–
d
—
name Sonarqube
–
p
8185
:
9000
–
p
8186
:
9092
–
e
“SONARQUBE_JDBC_USERNAME=root”
–
e
“SONARQUBE_JDBC_PASSWORD=123321”
–
e
“SONARQUBE_JDBC_URL = JDBC: mysql: / / 192.168.129.25:8888 /
db_sonar? useUnicode=true&characterEncoding=utf8″
db_sonar? useUnicode=true&characterEncoding=utf8″
–
d
sonarqube:
LTS effect
After successful startup, the token will be set after the first successful page login. This token will be configured in the scanned code project in the future to connect to Sonarqube platform through token to transmit data results
[color=rgb(0, 105, 214) !important]
Android Project Configuration
[color=rgb(0, 105, 214) !important]
Android projects use Gradle management plug-ins, so you need to configure gradle files.
Gradle configuration in the project root directory is as follows:
Gradle configuration in the project root directory is as follows:
buildscript
{
repositories
{
maven
{
url
“https://plugins.gradle.org/m2/”
}
}
dependencies
{
classpath
“Org. Sonarsource. Scanner. Gradle: sonarqube – gradle – plugin: 2.5”
}
}
plugins
{
Add plugin info id
“org.sonarqube”
version
“2.6-rc1”
}
apply
plugin:
“org.sonarqube”
Execute command:
gradle sonarqube \
–
Dsonar
.
host
.
url
=
http:
//localhost:8186 \
–
Dsonar
.
login
=
a1cf2c8dbdc187441c3f908b79b562404b9a4f6b
The other way to configure it is in the gradle.properties configuration file
[color=rgb(0, 105, 214) !important]
Uploading result successful
[color=rgb(0, 105, 214) !important]
Scan results
[color=rgb(0, 105, 214) !important]
[color=rgb(0, 105, 214) !important]
MVN Project configuration Run the MVN command
sonar:
sonar
–
Dsonar
.
host
.
url
=
http:
//localhost:9000 -Dsonar.login=c8ce928f1497f1fa5591cdcf5357aa4e44920796
Scan results
[color=rgb(0, 105, 214) !important]
Before installing the iOS project configuration, install brew Tap Oclint
/
formulae
brew install oclint
brew install sonar
–
Scanner brew Install GcoVR project configuration
You need to add two files: run-sonar-sonar. Sh and sonar-project.properties in the project root directory
[color= RGB (0, 105, 214)! Important]
The Demo code
[color=rgb(0, 105, 214) !important]
Run the command in the project root directory
.
sh run
–
sonar
.
sh
Hit the pit
No OC plug-in is displayed
[color=rgb(0, 105, 214) !important]
Oc plug-ins installed through Sonarqube are available for a fee; download the free OC plug-in.
[color=rgb(0, 105, 214) !important]
[color=rgb(0, 105, 214) !important]
Github.com/Backelite/s…
Then put backelite-sonar-Objective-c-plugin-0.6.3. jar in Extensions /plugins of Sonarqube and restart the image.
Results show
[color=rgb(0, 105, 214) !important]
[color=rgb(0, 105, 214) !important]
To make the mirror
Sonarqube has no native Chinese support and no OC plug-in. You can package the Chinese package and oc plug-in into a new Docker image
Sonar -l10n-zh-plugin-1.16.jar, backelite-sonar-objective-c-plugin-0.6.3.jar and dockerfile in one directory
Dockerfile is as follows:
dockfile:
FROM sonarqube
ADD sonar
–
l10n
–
zh
–
plugin
–
1.16
.
jar
/
opt
/
sonarqube
/
extensions
/
plugins
/
ADD backelite
–
sonar
–
objective
–
c
–
plugin
–
0.6
.
3
.
jar
/
opt
/
sonarqube
/
extensions
/
plugins
/
Run docker build -t sonarqube:zh.
Jenkins continuous integration
Using the Android project as an example, first install the Sonarqube plug-in in Jenkins, and then configure the Servers address for Sonarqube in the system Settings
[color=rgb(0, 105, 214) !important]
Create a job and configure the Git address
[color=rgb(0, 105, 214) !important]
Select Execute SonarQube Scanner at the build site and configure as follows
[color=rgb(0, 105, 214) !important]
You need a Java plug-in
[color=rgb(0, 105, 214) !important]
Install the Java plug-in in SonarQube and restart
[color=rgb(0, 105, 214) !important]
The scan code is complete and the scan result is uploaded
[color=rgb(0, 105, 214) !important]
SonarQube looks at the scan results
[color=rgb(0, 105, 214) !important]
conclusion
SonarQube is an excellent code scanning tool that detects coding problems by statically scanning code. Code scanning is a low-cost, high-return method that is essential for continuous integration.
From TesterHome xinxi
Address: testerhome.com/topics/1711…
Learn more about Python at gzitcast