搭建sonarqube分析golang程式碼

準備postgres

為什麼不使用Mysql呢，因為從7.9就不支援了

docker啟動postgres

docker run -d \
    --name sonar-postgres \
    -e POSTGRES_PASSWORD=postgres \
    -e PGDATA=/var/lib/postgresql/data/pgdata \
    -v /custom/mount:/var/lib/postgresql/data \
    postgres

安裝客戶端psql，通過yum安裝postgresql-server會附帶安裝psql。也可以安裝pgAdmin。

yum install postgresql-server

連線到伺服器

psql -h localhost -U postgres -W

建立資料庫

postgres=# CREATE DATABASE sonarqube WITH OWNER=postgres ENCODING='UTF8' CONNECTION LIMIT=-1;
CREATE DATABASE

postgres=# \l
                                 List of databases
   Name    |  Owner   | Encoding |  Collate   |   Ctype    |   Access privileges   
-----------+----------+----------+------------+------------+-----------------------
 postgres  | postgres | UTF8     | en_US.utf8 | en_US.utf8 | 
 sonarqube | postgres | UTF8     | en_US.utf8 | en_US.utf8 | 
 template0 | postgres | UTF8     | en_US.utf8 | en_US.utf8 | =c/postgres          +
           |          |          |            |            | postgres=CTc/postgres
 template1 | postgres | UTF8     | en_US.utf8 | en_US.utf8 | =c/postgres          +
           |          |          |            |            | postgres=CTc/postgres
(4 rows)

docker啟動sonarqube

先建立幾個volume用於儲存資料

docker volume create sonarqube_data
docker volume create sonarqube_extensions
docker volume create sonarqube_logs

更改一些系統引數

sysctl -w vm.max_map_count=262144
sysctl -w fs.file-max=65536
ulimit -n 65536
ulimit -u 4096

如果不設定可能會出現錯誤：vm.max_map_count 65530 is too low

2020.07.09 10:33:43 INFO  es[][o.e.n.Node] initialized
2020.07.09 10:33:43 INFO  es[][o.e.n.Node] starting ...
2020.07.09 10:33:44 INFO  es[][o.e.t.TransportService] publish_address {127.0.0.1:9001}, bound_addresses {127.0.0.1:9001}
2020.07.09 10:33:44 INFO  es[][o.e.b.BootstrapChecks] explicitly enforcing bootstrap checks
ERROR: [1] bootstrap checks failed
[1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] stopping ...
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] stopped
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] closing ...
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] closed

啟動sonarqube

docker run -d --name sonarqube \
    -p 9000:9000 \
    --link sonar-postgres \
    -e SONAR_JDBC_URL=jdbc:postgresql://sonar-postgres/sonarqube \
    -e SONAR_JDBC_USERNAME=postgres \
    -e SONAR_JDBC_PASSWORD=postgres \
    -v sonarqube_data:/opt/sonarqube/data \
    -v sonarqube_extensions:/opt/sonarqube/extensions \
    -v sonarqube_logs:/opt/sonarqube/logs \
    sonarqube:8.3.1-community

本來是要使用8.4的，但是是因為有個BUG就放棄了。該BUG會在8.4.1修改。

建立專案

訪問服務地址http://localhost:9000/，然後登入介面，使用者名稱admin，密碼admin登入。

安裝中文包

建立專案

建立令牌

使用golangci-lint分析程式碼

golangci-lint聚合了很多工具，下面只是作為演示，具體請檢視官網。
在專案根目錄下新建檔案.golangci.yml。具體示例可檢視https://github.com/golangci/golangci-lint/blob/master/.golangci.example.yml

# example link : https://github.com/golangci/golangci-lint/blob/master/.golangci.example.yml
run:
  timeout: 1m
  skip-dirs-use-default: true

linters-settings:
  dupl:
    # tokens count to trigger issue, 150 by default
    threshold: 100

linters:
  enable:
    - dupl
    - golint

使用docker映象生成xml格式的分析檔案，出處請見

$ mkdir sonar
$ docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.27.0 golangci-lint run -v --out-format checkstyle > sonar/golangcilint.xml
level=info msg="[config_reader] Config search paths: [./ /app /]"
level=info msg="[config_reader] Used config file .golangci.yml"
level=info msg="[lintersdb] Active 12 linters: [deadcode dupl errcheck golint gosimple govet ineffassign staticcheck structcheck typecheck unused varcheck]"
............
level=info msg="[runner] linters took 6.693839801s with stages: goanalysis_metalinter: 6.412033368s, unused: 267.37634ms"
level=info msg="File cache stats: 9 entries of total size 25.5KiB"
level=info msg="Memory: 145 samples, avg is 153.5MB, max is 339.1MB"
level=info msg="Execution took 14.475792265s"

sonar客戶端掃描

在專案根目錄新建一個名為sonar-project.properties的檔案

# must be unique in a given SonarQube instance
sonar.projectKey=test
sonar.projectName=test

sonar.host.url=http://localhost:9000

sonar.sources=.
sonar.exclusions=**/*_test.go,**/vendor/**

sonar.tests=.
sonar.test.inclusions=**/*_test.go
sonar.test.exclusions=**/vendor/**

sonar.sourceEncoding=UTF-8

sonar.go.golangci-lint.reportPaths=sonar/golangcilint.xml

docker執行掃描客戶端

$ docker run --rm -v $(pwd):/usr/src sonarsource/sonar-scanner-cli
......
INFO: Analysis total time: 4.980 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 8.382s
INFO: Final Memory: 13M/50M
INFO: ------------------------------------------------------------------------

檢視分析結果

訪問 http://localhost:9000 檢視test專案，就可以看到有問題的程式碼了。