# Sonar Android practice
Sonarqube download and install
1.1 Download address
1.2 After downloading sonarqube, decompress the sonarqube to open the bin directory and start StartSonar in the corresponding OS directory. The system of this scheme is Windows, so the boot position is in E:\sonarqube-7.5\bin\ Windows-x86-64 \StartSonar, you can directly access http://localhost:9000 after the boot is complete Or http://127.0.0.1:9000, you can log in as an administrator to install the Chinese plug-in and other code scanning plug-ins
1.3 configuration
1.3.1 MySql configuration
Because Sonarqube relies on MySql, you need to install MySql
1.3.2 Sonar configuration MySql, go to E:\sonarqube-7.5\conf\ sonara. properties to add MySql configuration
# User credentials.
# Permissions to create tables, indices and triggers must be granted to JDBC user.
# The schema must be created first.
#sonar.jdbc.username=
#sonar.jdbc.password=Sonar, the JDBC url = JDBC: mysql: / / 127.0.0.1:3306 / qjfsonar? useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance sonars.jdbc. username=root sonars.jdbc. password=root sonars.sorceencoding = utF-8 // Set the account and password when installing mysql sonar.login=admin sonar.password=adminCopy the codeRestarting the Sonarqube service and going back to http://localhost:9000 will be a little slower because you have to initialize the database information and you can install the plug-in on Sonar at this point
Next, you can install the Chinese plug-in. Go to Configuration > App Market > search for the Chinese Pack, then install and restart
2. Analyze android projects with Sonar
Method 1: Analyze the project with Sonar – Scanner
Sonar -scanner properties: sonar-scanner-3.2.0.1227- Windows/conf/sonar-scanner
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
sonar.host.url=http://localhost:9000
#----- Default source code encoding
#sonar.sourceEncoding=UTF-8Sonar, the JDBC url = JDBC: mysql: / / 127.0.0.1:3306 / qjfsonar? useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance
sonar.jdbc.username=root
sonar.jdbc.password=root
Copy the codeThen create a sonar-project.properties in the Android root directory you want to analyze as follows
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
#sonar.host.url=http://localhost:9000
#----- Default source code encoding
#sonar.sourceEncoding=UTF-8
# must be unique in a given SonarQube instance
sonar.projectKey=StickyNavLayout-demo
# this is the name displayed in the SonarQube UISonar. The projectName = StickyNavLayout - demo sonar. ProjectVersion = 7.5# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# Since SonarQube 4.2, this property is optional if SonarQube. Modules is set.
# If not set, SonarQube starts looking for source code from the directory containing
# the sonar-project.properties file.
sonar.sources=E:\workplace\github\StickyNavLayout-demo\app\src
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8
Copy the codeThen run sonar-scanner under the project root directory for analysis
Method 2: Gradle configuration (recommended)
Do Android development, usually in Android Studio development, if in accordance with way one, each new project to create a file, it is not very convenient, androidStudio Gradle has added good sonar-scaner for us, can be configured through the following way
Root build. Gradle configuration
apply from: "dependencies.gradle"
apply plugin: 'com.alibaba.arouter'
buildscript {
ext.kotlin_version = '1.2.30'
repositories {
#1 Configure the Maven repository
maven {
url "https://plugins.gradle.org/m2/"
}
google()
jcenter()
}
dependencies {
The classpath # 2 configuration
classpath "Org. Sonarsource. Scanner. Gradle: sonarqube - gradle - plugin: 2.6.2." "
classpath 'com. Android. Tools. Build: gradle: 3.1.2'
classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
classpath 'org. Greenrobot: greendao - gradle - plugin: 3.2.2'
classpath "Com. Alibaba: arouter - register: 1.0.0"
// classpath "com.mob.sdk:MobSDK:+"
classpath 'com. Growingio. Android: VDS - gradle - plugin: 2.4.3'// Print plug-in for easy debugging of performance issues. By adding @debuglog to a call method, you can print the call parameters for that method, along with the execution time classpath'com. Jakewharton. Hugo: Hugo - plugin: 1.2.1'
// NOTE: Do not place your application dependencies here; they belong
// in the individual module build.gradle files
}
}
# 3 configure the plugin
apply plugin: "org.sonarqube"
# 4 configuration task
sonarqube {
properties {
property "sonar.sourceEncoding"."UTF-8"}}#4 Configure the sonarqube parameters
subprojects {
apply plugin: 'eclipse'
apply plugin: 'idea'
repositories {
mavenCentral()
jcenter()
}
sonarqube {
properties {
property "sonar.sources"."src"
property "sonar.java.binaries"."build/intermediates/javac"
property "sonar.host.url"."http://http://10.1.3.40:9000/"
property "sonar.login"."admin"
property "sonar.password"."admin"
property "sonar.jdbc.url"."JDBC: mysql: / / http://10.1.3.40:3306/qjfsonar? useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance"
property "sonar.jdbc.driverClassName"."com.mysql.jdbc.Driver"
property "sonar.jdbc.username"."root"
property "sonar.jdbc.password"."root"
}
}
}
allprojects {
repositories {
flatDir {
dirs project(':app').file('libs')} // maven {//// local maven repository address // url URI ('D:/AndroidStudio/LocalMaven')
// }
maven { url "http://mvn.mob.com/android" }
google()
jcenter()
}
configurations.all {
resolutionStrategy {
force "com.android.support:support-v4:${supportLib}"
force "com.android.support:support-annotations:${supportLib}"
force "com.android.support:appcompat-v7:${supportLib}"
force "com.android.support:design:${supportLib}"
force "com.android.support:recyclerview-v7:${supportLib}"
force "com.android.support:cardview-v7:${supportLib}"
force "com.android.support:design:${supportLib}"
force "com.android.support:support-compat:${supportLib}"
force "com.android.support:support-core-ui:${supportLib}"
force "com.android.support:support-core-utils:${supportLib}"
force "com.android.support:support-fragment:${supportLib}"
force "Com. Android. Support. The constraint, the constraint - layout: 1.1.0." "
}
}
}
task clean(type: Delete) {
delete rootProject.buildDir
}
Copy the codeFollow steps 1, 2,3, and 4 to complete the configuration, then execute
gradle sonarqube
Copy the code3: Jenkins + Jenkins Sonar plugin + Sonar -scaner plugin
First Jenkins on the Sonar plugin
3. Jenkins configuration
ProjectName = projectName XXX sonar. ProjectVersion =1.0 sonar. SourceEncoding = utf-8 sonar.sources=app/src,album/src,base/src,cropview/src,im-business/src,lib_live_agora/src,lib_log/src,performancelib/src, push/src,refreshlibrary/src,xrecyclerview/src sonar.java.binaries = app/build/intermediates/classes Sonar. Host. Sonar url = http://127.0.0.1:9000/. Login = admin sonar. The password = admin Sonar, the JDBC url = JDBC: mysql: / / 127.0.0.1:3306 / qjfsonar? useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance
sonar.jdbc.driverClassName=com.mysql.jdbc.Driver
sonar.jdbc.username=root
sonar.jdbc.password=root
Copy the codeTask to run :scan JDK:JDK_8 Analysis properties: Sonar. projectKey=test sonar.projectName=test sonar.projectVersion=1.0 sonar.sourceEncoding= utF-8 sonar.sources=app Sonar. Java. Binaries = app/build/intermediates/classes sonar. The host. The sonar url = http://127.0.0.1:9000/. Login = admin Sonar. Password = admin sonar. JDBC. Url = JDBC: mysql: / / 127.0.0.1:3306 / qjfsonar? useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance sonar.jdbc.driverClassName=com.mysql.jdbc.Driver sonar.jdbc.username=root sonar.jdbc.password=root Additional arguments:-X
Android Lint plugin development
There is also a library of open source plugins available on github, but this library is no longer supported by sonar7.5. Sonar7.5 has changed a lot. So I developed an address on my own
5. Java custom rule plug-in development
At present, the Java inspection rule is based on the PMD plug-in for secondary development. There are also a lot of information about the principle of PMD on the Internet. In general, Java CC generation parser is used to parse the source code and generate AST(abstract syntax tree).
6. Kotlin custom rule plug-in development
6.1 Built-in Plug-ins
Sonar currently supports many third-party code checking plug-ins such as Sonar Java, PMD, FindBugs, etc. You can customize your own plug-ins if your business needs
6.2 Customizing Plug-ins
AndroidLint used to have third party androidLint before Sonar6.5, but after 7.5, the third party library is not updated, only to develop their own github.com/dengqu/sona…
7 You are advised to enable rules
android lint: # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # Use DP 4.DrawAllocation to avoid assigning objects while drawing or parsing a layout. E.g., instantiate the Paint object in Ondraw(). Node can be replaced by a TextView with compound drawables For example, a linear layout containing an Imageview and a TextView can be replaced by a CompoundDrawable TextView. If you specify a Drawable background for the RootView, the Theme background will be drawn once and then the specified background will be used. This is called “Overdraw”. This can be avoided by setting the background of the theme to NULL. 7.Hardcoded text 8.HashMap can be replaced with SparseArray 9.Layout hierarchy is too deep 10.Layout has too many views Memory allocations within drawing code