sonar-代碼掃描

代碼測試sonar

1.下載地址:

https://www.sonarqube.org/downloads/

2.配置jdk環境（版本要求1.8+）

[root@localhost#>> /usr/local/src]#tar xf server-jre-8u181-linux-x64.tar.gz
[root@localhost#>> /usr/local/src]#ln -sv /usr/local/src/jdk1.8.0_181/ /usr/local/jdk
[root@localhost#>> /usr/local/src]#ln -sv /usr/local/jdk/bin/java /usr/bin/

[root@localhost#>> /usr/local/src]#java -version
java version "1.8.0_181"

3.創建數據庫（版本要求5.6+）

#安裝：
	https://www.cnblogs.com/baolin2200/p/9647831.html

#創建數據庫：
mysql> CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL ON sonar.* TO sonar@"%"  IDENTIFIED BY "A-bc789456";
Query OK, 0 rows affected, 1 warning (0.00 sec)

4.下載sonar

[root@localhost#>> /usr/local/src]#wget https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-6.7.5.zip

5.解壓

unzip sonarqube-6.7.5.zip
ln -sv /usr/local/src/sonarqube-6.7.5/ /usr/local/sonar

6.配置sonar

[root@localhost#>> ~]#grep "^[a-Z]" /usr/local/sonar/conf/sonar.properties 
sonar.jdbc.username=sonar
sonar.jdbc.password=A-bc789456
sonar.jdbc.url=jdbc:mysql://192.8.19.105:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
sonar.web.host=0.0.0.0
sonar.web.port=9000

7.添加用戶：【在6.7.5 版本需求elasticsearch 不允許由root啟動】

can not run elasticsearch as root 所以需要創建用戶
[root@localhost#>> /usr/local]#useradd libaolin
[root@localhost#>> /usr/local]#passwd libaolin

8.更改sonar目錄權限

[root@localhost#>> /usr/local]#chown libaolin:libaolin sonar/ -R
[root@localhost#>> /usr/local]#su - libaolin

9.啟動：

[libaolin@localhost ~]$ /usr/local/sonar/bin/linux-x86-64/sonar.sh start

注：出錯請查看日志

Web頁面配置

1.登錄：【默認用戶/密碼：admin 】

http://192.8.19.105:9000/about

2.安裝中文插件

3.插件默認安裝位置：【可以直接copy到當前目錄即可】

[libaolin@localhost logs]$ ll /usr/local/sonar/extensions/plugins

4.安裝完成后重啟

5.安裝各語言插件

PHP  Java  python 等

部署掃描器sonar-scanner

Sonar通過掃描器進行代碼質量分析，即掃描器的具體工作就是掃描代碼：

1.下載地址：

https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip

2.下載解壓

[root@localhost#>> /usr/local/src]#wget https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip
[root@localhost#>> /usr/local/src]#unzip sonar-scanner-cli-3.2.0.1227-linux.zip
[root@localhost#>> /usr/local/src]#ln -sv /usr/local/src/sonar-scanner-3.2.0.1227-linux/ /usr/local/sonar-scanner

3.添加配置sonar-scanner

[root@localhost#>> /usr/local/sonar-scanner/conf]#grep "^[a-Z]" sonar-scanner.properties 
sonar.host.url=http://192.8.19.105:9000
sonar.sourceEncoding=UTF-8
sonar.jdbc.username=sonar
sonar.jdbc.password=A-bc789456
sonar.jdbc.url=jdbc:mysql://192.8.19.105:3306/sonar?useUnicode=true&characterEncoding=utf8

測試代碼掃描

1.創建sonar-project.properties文件

[root@nq python-sonar-runner]# cat sonar-project.properties 
# sonar項目名稱
sonar.projectKey=org.sonarqube:python-simple-sonar-scanner
sonar.projectName=Python :: Simple Project : SonarQube Scanner
sonar.projectVersion=1.0

# 代碼所在路徑
sonar.sources= /opt/projects/languages/python/src/ 
# Language
sonar.language=python

# Encoding of the source files
sonar.sourceEncoding=UTF-8

2.在sonar-project.properties 路徑執行代碼掃描器

[root@nq python-sonar-runner]# /usr/local/sonar-scanner/bin/sonar-scanner

3.通過http://192.8.19.105:9000/projects?sort=-analysis_date 查看

附件

sonar-l10n-zh-plugin-1.19.jar - 中文插件

sonar.jpi - Jenkins相關插件