1. Official documentation: https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
2. Install the scanner
[root@jenkins ~]# cd /usr/local/src
[root@jenkins src]# wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.3.0.1492-linux.zip
[root@jenkins src]# ll
total 535228
-rw-r--r-- 1 root root 314592758 Mar 3 2016 mysql-5.6.30-linux-glibc2.5-x86_64.tar.gz
-rw-r--r-- 1 root root 159610886 Nov 20 20:23 sonarqube-6.7.6.zip
-rw-r--r-- 1 root root 73866903 Jan 8 22:27 sonar-scanner-cli-3.3.0.1492-linux.zip
3. Unpack the sonar-scanner package
[root@jenkins src]# unzip sonar-scanner-cli-3.3.0.1492-linux.zip
[root@jenkins src]# mv sonar-scanner-3.3.0.1492-linux /usr/local/
[root@jenkins src]# ln -s /usr/local/sonar-scanner-3.3.0.1492-linux /usr/local/sonar-scanner
4. Go into sonar-scanner and edit its configuration file
[root@jenkins src]# vim /usr/local/sonar-scanner/conf/sonar-scanner.properties
[root@jenkins src]# cat /usr/local/sonar-scanner/conf/sonar-scanner.properties
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
# Remove the leading "#" to uncomment this line
sonar.host.url=http://localhost:9000
#----- Default source code encoding
# Remove the leading "#" to uncomment this line
sonar.sourceEncoding=UTF-8
5. Create a configuration file in the project's root directory: sonar-project.properties
# must be unique in a given SonarQube instance
sonar.projectKey=my:project
# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.
sonar.projectName=My project
sonar.projectVersion=1.0
# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# This property is optional if sonar.modules is set.
# Location to analyze; "." means the current directory
sonar.sources=.
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8
6. Usage example:
Reference: https://github.com/SonarSource
Reference: https://github.com/SonarSource/sonar-scanning-examples
Clone the example repository
[root@jenkins src]# git clone https://github.com/SonarSource/sonar-scanning-examples.git
Cloning into 'sonar-scanning-examples'...
remote: Enumerating objects: 15, done.
remote: Counting objects: 100% (15/15), done.
remote: Compressing objects: 100% (15/15), done.
remote: Total 370 (delta 3), reused 2 (delta 0), pack-reused 355
Receiving objects: 100% (370/370), 187.93 KiB | 243.00 KiB/s, done.
Resolving deltas: 100% (86/86), done.
[root@jenkins src]# ll
total 535228
-rw-r--r-- 1 root root 314592758 Mar 3 2016 mysql-5.6.30-linux-glibc2.5-x86_64.tar.gz
-rw-r--r-- 1 root root 159610886 Nov 20 20:23 sonarqube-6.7.6.zip
-rw-r--r-- 1 root root 73866903 Jan 8 22:27 sonar-scanner-cli-3.3.0.1492-linux.zip
drwxr-xr-x 11 root root 261 Jan 26 20:23 sonar-scanning-examples
[root@jenkins src]# cd sonar-scanning-examples/
[root@jenkins sonar-scanning-examples]# ll
total 0
drwxr-xr-x 5 root root 115 Jan 26 20:23 objc-llvm-coverage
drwxr-xr-x 5 root root 89 Jan 26 20:23 sonarqube-scanner
drwxr-xr-x 3 root root 51 Jan 26 20:23 sonarqube-scanner-ant
drwxr-xr-x 3 root root 82 Jan 26 20:23 sonarqube-scanner-build-wrapper-linux
drwxr-xr-x 4 root root 108 Jan 26 20:23 sonarqube-scanner-gradle
drwxr-xr-x 5 root root 86 Jan 26 20:23 sonarqube-scanner-maven
drwxr-xr-x 3 root root 27 Jan 26 20:23 sonarqube-scanner-msbuild
drwxr-xr-x 3 root root 53 Jan 26 20:23 swift-coverage
[root@jenkins sonar-scanning-examples]# cd sonarqube-scanner-maven/
[root@jenkins sonarqube-scanner-maven]# ll
total 8
drwxr-xr-x 3 root root 32 Jan 26 20:23 app-groovy
drwxr-xr-x 3 root root 32 Jan 26 20:23 app-it
drwxr-xr-x 3 root root 32 Jan 26 20:23 app-java
-rw-r--r-- 1 root root 3200 Jan 26 20:23 pom.xml
-rw-r--r-- 1 root root 485 Jan 26 20:23 README.md
7. Next, we configure a sample project for code analysis
[root@jenkins sonarqube-scanner-maven]# vim sonar-project.properties
[root@jenkins sonarqube-scanner-maven]# cat sonar-project.properties
# must be unique in a given SonarQube instance
sonar.projectKey=devops-sonarqube-dame
# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.
sonar.projectName=devops-sonarqube-dame
sonar.projectVersion=1.0
# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# This property is optional if sonar.modules is set.
sonar.sources=.
sonar.java.binaries=.
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8
8. Run the code analysis
[root@jenkins sonarqube-scanner-maven]# /usr/local/sonar-scanner/bin/sonar-scanner
INFO: Scanner configuration file: /usr/local/sonar-scanner-3.3.0.1492-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: /usr/local/src/sonar-scanning-examples/sonarqube-scanner-maven/sonar-project.properties
INFO: SonarQube Scanner 3.3.0.1492
INFO: Java 1.8.0_121 Oracle Corporation (64-bit)
INFO: Linux 3.10.0-862.el7.x86_64 amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 6.7.6
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=611ms
INFO: Server id: 49B321BC-AWiJi6iHNvEJCKAZ7ZUg
INFO: User cache: /root/.sonar/cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=95ms
INFO: Download sonar-l10n-zh-plugin-1.19.jar
INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2.
INFO: Download sonar-flex-plugin-2.3.jar
INFO: Download sonar-csharp-plugin-6.5.0.3766.jar
INFO: Download sonar-javascript-plugin-3.2.0.5506.jar
INFO: Download sonar-java-plugin-4.15.0.12310.jar
INFO: Download sonar-php-plugin-2.11.0.2485.jar
INFO: Download sonar-python-plugin-1.8.0.1496.jar
INFO: Download sonar-scm-git-plugin-1.3.0.869.jar
INFO: Download sonar-scm-svn-plugin-1.6.0.860.jar
INFO: Download sonar-typescript-plugin-1.1.0.1079.jar
INFO: Download sonar-xml-plugin-1.4.3.1027.jar
INFO: Process project properties
INFO: Load project repositories
INFO: Load project repositories (done) | time=45ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=118ms
INFO: Load active rules
INFO: Load active rules (done) | time=1049ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=66ms
INFO: Project key: devops-sonarqube-dame
INFO: ------------- Scan devops-sonarqube-dame
INFO: Load server rules
INFO: Load server rules (done) | time=405ms
INFO: Base dir: /usr/local/src/sonar-scanning-examples/sonarqube-scanner-maven
INFO: Working dir: /usr/local/src/sonar-scanning-examples/sonarqube-scanner-maven/.scannerwork
INFO: Source paths: .
INFO: Source encoding: UTF-8, default locale: en_US
INFO: Index files
INFO: 13 files indexed
INFO: Quality profile for java: Sonar way
INFO: Quality profile for xml: Sonar way
INFO: Sensor JavaSquidSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 9.450s
INFO: Final Memory: 17M/188M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: Please provide compiled classes of your project with sonar.java.binaries property
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.
[root@jenkins sonarqube-scanner-maven]# vim sonar-project.properties
[root@jenkins sonarqube-scanner-maven]# /usr/local/sonar-scanner/bin/sonar-scanner
INFO: Scanner configuration file: /usr/local/sonar-scanner-3.3.0.1492-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: /usr/local/src/sonar-scanning-examples/sonarqube-scanner-maven/sonar-project.properties
INFO: SonarQube Scanner 3.3.0.1492
INFO: Java 1.8.0_121 Oracle Corporation (64-bit)
INFO: Linux 3.10.0-862.el7.x86_64 amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 6.7.6
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=77ms
INFO: Server id: 49B321BC-AWiJi6iHNvEJCKAZ7ZUg
INFO: User cache: /root/.sonar/cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=113ms
INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2.
INFO: Process project properties
INFO: Load project repositories
INFO: Load project repositories (done) | time=13ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=29ms
INFO: Load active rules
INFO: Load active rules (done) | time=525ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=32ms
INFO: Project key: devops-sonarqube-dame
INFO: ------------- Scan devops-sonarqube-dame
INFO: Load server rules
INFO: Load server rules (done) | time=64ms
INFO: Base dir: /usr/local/src/sonar-scanning-examples/sonarqube-scanner-maven
INFO: Working dir: /usr/local/src/sonar-scanning-examples/sonarqube-scanner-maven/.scannerwork
INFO: Source paths: .
INFO: Source encoding: UTF-8, default locale: en_US
INFO: Index files
INFO: 13 files indexed
INFO: Quality profile for java: Sonar way
INFO: Quality profile for xml: Sonar way
INFO: Sensor JavaSquidSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
WARN: Bytecode of dependencies was not provided for analysis of source files, you might end up with less precise results. Bytecode can be provided using sonar.java.libraries property
INFO: JavaClasspath initialization (done) | time=26ms
INFO: JavaTestClasspath initialization
INFO: JavaTestClasspath initialization (done) | time=0ms
INFO: Java Main Files AST scan
INFO: 4 source files to be analyzed
INFO: Java Main Files AST scan (done) | time=878ms
INFO: Java Test Files AST scan
INFO: 0 source files to be analyzed
INFO: Java Test Files AST scan (done) | time=1ms
INFO: Sensor JavaSquidSensor [java] (done) | time=1485ms
INFO: Sensor SurefireSensor [java]
INFO: parsing [/usr/local/src/sonar-scanning-examples/sonarqube-scanner-maven/target/surefire-reports]
INFO: 4/4 source files have been analyzed
INFO: 0/0 source files have been analyzed
INFO: Sensor SurefireSensor [java] (done) | time=12ms
INFO: Sensor JaCoCoSensor [java]
INFO: Sensor JaCoCoSensor [java] (done) | time=0ms
INFO: Sensor SonarJavaXmlFileSensor [java]
INFO: 4 source files to be analyzed
INFO: Sensor SonarJavaXmlFileSensor [java] (done) | time=835ms
INFO: Sensor XML Sensor [xml]
INFO: 4/4 source files have been analyzed
INFO: Sensor XML Sensor [xml] (done) | time=179ms
INFO: Sensor Analyzer for "php.ini" files [php]
INFO: Sensor Analyzer for "php.ini" files [php] (done) | time=3ms
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=39ms
INFO: Sensor CPD Block Indexer
INFO: Sensor CPD Block Indexer (done) | time=202ms
INFO: SCM provider for this project is: git
INFO: 8 files to be analyzed
INFO: 8/8 files analyzed
INFO: 4 files had no CPD blocks
INFO: Calculating CPD for 0 files
INFO: CPD calculation finished
INFO: Analysis report generated in 124ms, dir size=41 KB
INFO: Analysis reports compressed in 25ms, zip size=21 KB
INFO: Analysis report uploaded in 1260ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://localhost:9000/dashboard/index/devops-sonarqube-dame
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://localhost:9000/api/ce/task?id=AWiKJzgTLS0XEEHWUf6U
INFO: Task total time: 7.216 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 8.825s
INFO: Final Memory: 18M/271M
INFO: ------------------------------------------------------------------------
9. Verify in the browser
The code scan has been submitted; click through to view the results.
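A pre-flight check for the sonar-project.properties file from steps 5 to 8, written as an added example (not part of the original post or of SonarQube). It flags a missing sonar.java.binaries when Java sources are present (the cause of the first, failed run in step 8), text starting with "#" placed after a value (the properties format reads it as part of the value, not as a comment), and a sonar.host.url that sends the analysis report over plain HTTP to a non-local host, if the file sets one. The function names and finding labels are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight lint for a sonar-project.properties file.
# Function names and finding labels are hypothetical, not part of SonarQube.

# prop_value FILE KEY: print the raw value of KEY (empty if unset or commented out).
prop_value() (
    key_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*${key_re}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
)

# lint_sonar_props FILE: print one finding per line; exit status 1 if any finding.
lint_sonar_props() (
    file=$1
    rc=0
    for key in sonar.projectKey sonar.sources; do
        [ -n "$(prop_value "$file" "$key")" ] || { echo "MISSING $key"; rc=1; }
    done
    # Java sources next to the file but no sonar.java.binaries: the scanner stops
    # with "Please provide compiled classes of your project".
    java_src=$(find "$(dirname "$file")" -name '*.java' -print | head -n 1)
    if [ -n "$java_src" ] && [ -z "$(prop_value "$file" sonar.java.binaries)" ]; then
        echo "MISSING sonar.java.binaries"; rc=1
    fi
    # '#' starts a comment only at the beginning of a line; after a value it is
    # read as part of that value.
    for n in $(grep -nE '^[[:space:]]*[^#![:space:]][^=]*=.*[[:space:]]#' "$file" | cut -d: -f1); do
        echo "INLINE_COMMENT line $n"; rc=1
    done
    # The analysis report is uploaded to sonar.host.url; plain HTTP is only
    # reasonable when the server runs on the same host.
    url=$(prop_value "$file" sonar.host.url)
    case $url in
        http://localhost|http://localhost[:/]*|http://127.0.0.1|http://127.0.0.1[:/]*) ;;
        http://*) echo "PLAINTEXT sonar.host.url=$url"; rc=1 ;;
    esac
    exit $rc
)

# Stand-alone use: sh lint.sh sonar-project.properties
if [ $# -gt 0 ]; then lint_sonar_props "$1"; fi
```

Run it from the project directory before calling sonar-scanner; a non-zero exit status means at least one finding was printed.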