一、簡介
Sonar是一個用於程式碼質量管理的開放平臺,通過外掛機制,sonar可以收集不同的測試工具,程式碼分析工具,以及持續整合工具。與持續整合工具(比如jenkins)不同,sonar並不是簡單地把不同的程式碼檢查工具結果直接顯示在web頁面,而是通過不同的外掛對這些結果進行加工處理,通過量化的方式度量程式碼質量的變化,從而可以方便地對不同規模和種類的工程進行程式碼質量管理。在對其他工具的支援方面,sonar不僅提供了對IDE的支援,可以在Eclipse和Intellij IDEA這些工具裡聯機檢視結果;同時sonar還對大量的持續整合工具提供了介面支援,可以很方便地在持續整合中使用sonar,此外,sonar的外掛還可以對java以外的其他程式語言提供支援,對國際化及報告文件也有很良好的支援;官方網站https://www.sonarqube.org;
二、sonar平臺部署
sonarqube是一款用java語言編寫的程式,它主要作用是提供一個web介面,展示掃描分析結果以及系統管理,外掛管理等;掃描程式碼還是sonar-scanner這個外掛做的,它的工作原理是sonar-scanner通過識別專案中的sonar-project.properties配置檔案中定義的內容,把對應的專案原始碼進行掃描,把掃描後的結果儲存到指定的資料庫;然後sonarqube通過連線配置的資料庫,把sonar-scanner存入資料庫中的資料載入到web介面,從而使用者就可以通過web介面檢視掃描的專案原始碼的結果;
1、安裝資料庫
上傳mysql5.6安裝包和指令碼
[root@node03 ~]# rz rz waiting to receive. zmodem trl+C ȡ 100% 256 bytes 256 bytes/s 00:00:01 0 Errors 100% 321268 KB 35696 KB/s 00:00:09 0 Errors.gz... 100% 1 KB 1 KB/s 00:00:01 0 Errors [root@node03 ~]# ll total 321280 -rw-r--r-- 1 root root 256 Aug 20 2019 my.cnf -rw-r--r-- 1 root root 328979165 Aug 20 2019 mysql-5.6.42-linux-glibc2.12-x86_64.tar.gz -rw-r--r-- 1 root root 1470 Aug 20 2019 mysql-install.sh [root@node03 ~]#
安裝指令碼
#!/bin/bash DIR=`pwd` NAME="mysql-5.6.42-linux-glibc2.12-x86_64.tar.gz" FULL_NAME=${DIR}/${NAME} DATA_DIR="/data/mysql" yum install vim gcc gcc-c++ wget autoconf net-tools lrzsz iotop lsof iotop bash-completion -y yum install curl policycoreutils openssh-server openssh-clients postfix -y if [ -f ${FULL_NAME} ];then echo "安裝檔案存在" else echo "安裝檔案不存在" exit 3 fi if [ -h /usr/local/mysql ];then echo "Mysql 已經安裝" exit 3 else tar xvf ${FULL_NAME} -C /usr/local/src ln -sv /usr/local/src/mysql-5.6.42-linux-glibc2.12-x86_64 /usr/local/mysql if id mysql;then echo "mysql 使用者已經存在,跳過建立使用者過程" fi useradd mysql -s /sbin/nologin if id mysql;then chown -R mysql.mysql /usr/local/mysql/* -R if [ ! -d /data/mysql ];then mkdir -pv /data/mysql /var/lib/mysql && chown -R mysql.mysql /data -R /usr/local/mysql/scripts/mysql_install_db --user=mysql --datadir=/data/mysql --basedir=/usr/local/mysql/ cp /usr/local/src/mysql-5.6.42-linux-glibc2.12-x86_64/support-files/mysql.server /etc/init.d/mysqld chmod a+x /etc/init.d/mysqld cp ${DIR}/my.cnf /etc/my.cnf ln -sv /usr/local/mysql/bin/mysql /usr/bin/mysql ln -sv /data/mysql/mysql.sock /var/lib/mysql/mysql.sock /etc/init.d/mysqld start else echo "MySQL資料目錄已經存在," exit 3 fi fi fi
安裝mysql
[root@node03 ~]# bash mysql-install.sh
提示:自動安裝指令碼執行完成後,它會自動啟動mysql,如果啟動成功,說明mysql已經安裝完成;
驗證:檢視msyql是否啟動,是否可以連線到mysql資料庫?
建立資料庫和使用者授權
mysql> CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci; Query OK, 1 row affected (0.05 sec) mysql> GRANT ALL ON sonar.* TO sonar@"192.168.0.%" IDENTIFIED BY "admin"; Query OK, 0 rows affected (0.02 sec) mysql> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) mysql>
驗證:使用建立的使用者連線資料庫,看看是否可以連線?
[root@node03 ~]# mysql -usonar -padmin -h192.168.0.43 Warning: Using a password on the command line interface can be insecure. ERROR 1045 (28000): Access denied for user 'sonar'@'node03.test.org' (using password: YES) [root@node03 ~]#
提示:這裡主要是mysql把ip地址反解成主機名了;
配置mysql,忽略ip地址反解成主機名
重啟mysql,再次測試新建的使用者是否能夠連線到mysql?
到此mysql安裝和測試就完成了
2、安裝jdk
[root@node03 ~]# yum install -y java-1.8.0-openjdk-devel
驗證java版本
[root@node03 ~]# java -version openjdk version "1.8.0_262" OpenJDK Runtime Environment (build 1.8.0_262-b10) OpenJDK 64-Bit Server VM (build 25.262-b10, mixed mode) [root@node03 ~]#
提示:sonar 依賴於 java 環境,而且 java 版本必須是 1.8 版本或更高,否則 sonar 啟動失敗;
3、上傳sonarqube安裝包,安裝sonarqube
提示:在官方下載太慢了,我這裡下載好了,直接傳上來的;現在最新版本7.9不支援mysql;
解壓壓縮包
[root@node03 src]# unzip sonarqube-6.5.zip
新建軟連線
[root@node03 src]# ll total 139932 drwxr-xr-x 13 root root 205 Oct 15 23:27 mysql-5.6.42-linux-glibc2.12-x86_64 drwxr-xr-x 10 root root 120 Aug 1 2017 sonarqube-6.5 -rw-r--r-- 1 root root 143286376 Aug 20 2019 sonarqube-6.5.zip [root@node03 src]# ln -sv /usr/local/src/sonarqube-6.5 /usr/local/sonaqube ‘/usr/local/sonaqube’ -> ‘/usr/local/src/sonarqube-6.5’ [root@node03 src]# ll /usr/local/ total 0 drwxr-xr-x. 2 root root 6 Nov 5 2016 bin drwxr-xr-x. 2 root root 6 Nov 5 2016 etc drwxr-xr-x. 2 root root 6 Nov 5 2016 games drwxr-xr-x. 2 root root 6 Nov 5 2016 include drwxr-xr-x. 2 root root 6 Nov 5 2016 lib drwxr-xr-x. 2 root root 6 Nov 5 2016 lib64 drwxr-xr-x. 2 root root 6 Nov 5 2016 libexec lrwxrwxrwx 1 root root 50 Oct 15 23:27 mysql -> /usr/local/src/mysql-5.6.42-linux-glibc2.12-x86_64 drwxr-xr-x. 2 root root 6 Nov 5 2016 sbin drwxr-xr-x. 5 root root 49 Sep 15 20:33 share lrwxrwxrwx 1 root root 28 Oct 15 23:39 sonaqube -> /usr/local/src/sonarqube-6.5 drwxr-xr-x. 4 root root 95 Oct 15 23:39 src [root@node03 src]#
配置sonarqube連線192.168.0.43上的資料庫,並讓其web埠監聽在本機所有地址的9000埠
[root@node03 sonaqube]# grep ^[a-z] conf/sonar.properties sonar.jdbc.username=sonar sonar.jdbc.password=admin sonar.jdbc.url=jdbc:mysql://192.168.0.43:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false sonar.web.host=0.0.0.0 sonar.web.port=9000 [root@node03 sonaqube]#
提示:sonar.jdbc.username是指連線資料庫的使用者名稱;sonar.jdbc.password指連線資料庫的使用者名稱密碼;sonar.jdbc.url指連線資料庫的驅動名以及資料庫地址,埠和資料庫名稱,後面是指定的引數保持預設即可;sonar.web.host用於指定監聽的ip地址,0.0.0.0表示監聽本機所有可用地址;sonar.web.port指定監聽的埠;
啟動sonarqube
[root@node03 sonaqube]# bin/linux-x86-64/sonar.sh --help Usage: bin/linux-x86-64/sonar.sh { console | start | stop | restart | status | dump } [root@node03 sonaqube]# bin/linux-x86-64/sonar.sh start Starting SonarQube... Started SonarQube. [root@node03 sonaqube]#
驗證:檢視9000埠是否處於監聽?
[root@node03 ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 128 :::22 :::* LISTEN 0 100 ::1:25 :::* LISTEN 0 128 :::3306 :::* [root@node03 ~]#
提示:9000埠並沒有監聽;
檢視日誌
提示:日誌裡提示說記憶體不足;
檢視記憶體使用情況
[root@node03 sonaqube]# free -m total used free shared buff/cache available Mem: 1823 1662 73 0 87 30 Swap: 1023 687 336 [root@node03 sonaqube]#
提示:2G記憶體還剩73M,交換分割槽還是用了687M,記憶體的確有點小;解決辦法只有重新分配記憶體;我這裡是虛擬機器,直接調整記憶體即可;
調整好記憶體後,在啟動sonarqube,看看是否啟動起來?
提示:調整記憶體為4G,勉強啟動起來;所以如果資料庫和sonarqube在一臺主機上,建議將記憶體調到8G,甚至更高;
訪問9000埠
登入試試
提示:點選登入,彈出一個輸入token的介面,我們可以忽略它,直接進入即可;到此sonarqube服務就正常跑起來了;
4、安裝掃描器 sonar-scanner
上傳安裝包,並解壓
[root@node03 ~]# cd /usr/local/src/ [root@node03 src]# rz rz waiting to receive. zmodem trl+C ȡ 100% 489 KB 489 KB/s 00:00:01 0 Errorsp... [root@node03 src]# ll total 140424 drwxr-xr-x 13 root root 205 Oct 15 23:27 mysql-5.6.42-linux-glibc2.12-x86_64 drwxr-xr-x 10 root root 146 Oct 15 23:43 sonarqube-6.5 -rw-r--r-- 1 root root 143286376 Aug 20 2019 sonarqube-6.5.zip -rw-r--r-- 1 root root 501750 Aug 20 2019 sonar-scanner-2.6.1.zip [root@node03 src]# unzip sonar-scanner-2.6.1.zip Archive: sonar-scanner-2.6.1.zip creating: sonar-scanner-2.6.1/bin/ inflating: sonar-scanner-2.6.1/bin/sonar-scanner inflating: sonar-scanner-2.6.1/bin/sonar-runner creating: sonar-scanner-2.6.1/conf/ inflating: sonar-scanner-2.6.1/conf/sonar-scanner.properties creating: sonar-scanner-2.6.1/lib/ inflating: sonar-scanner-2.6.1/lib/sonar-scanner-cli-2.6.1.jar inflating: sonar-scanner-2.6.1/bin/sonar-runner.bat inflating: sonar-scanner-2.6.1/bin/sonar-scanner.bat [root@node03 src]#
建立軟連線
配置 sonar-scanner
提示:掃描器主要配置它需要連線的資料相關配置,以及soanrqube服務的地址;掃描器不需要啟動,它的工作方式是在對應專案裡sonar-porject.properties配置檔案所在目錄執行sonar-scanner,它預設會去找專案中的sonar-porject.properties配置檔案,進行掃描專案原始碼;
測試:上傳測試程式碼進行掃描
解壓,並進入到專案目錄,進入sonar-project.properties檔案所在目錄
提示:sonar.projectKey、sonar.projectName、sonar.projectVersion這三個可以根據自己的專案實際情況來定,這個只是標記專案的,不影響掃描結果;最重要的是要告訴掃描器去哪裡找原始碼;sonar.sources用來指定原始碼位置,通常這裡都是一個相對當前目錄的目錄;sonar.language這個是指定專案的語言,掃描器通過這裡的配置,確定用哪種外掛去掃描;sonar.sourceEncoding這個是指定原始碼的編碼;
在sonar-project.properties配置檔案所在目錄執行sonar-scanner命令進行掃描
[root@node03 python-sonar-runner]# ll total 12 -rw-r--r-- 1 root root 461 Jul 25 2016 README.md -rw-r--r-- 1 root root 338 Jul 25 2016 sonar-project.properties drwxr-xr-x 5 root root 93 Jul 25 2016 src -rw-r--r-- 1 root root 290 Jul 25 2016 validation.txt [root@node03 python-sonar-runner]# /usr/local/sonar-scanner/bin/sonar-scanner INFO: Scanner configuration file: /usr/local/sonar-scanner/conf/sonar-scanner.properties INFO: Project root configuration file: /root/sonar-examples-master/projects/languages/python/python-sonar-runner/sonar-project.properties INFO: SonarQube Scanner 2.6.1 INFO: Java 1.8.0_262 Oracle Corporation (64-bit) INFO: Linux 3.10.0-693.el7.x86_64 amd64 INFO: User cache: /root/.sonar/cache INFO: Load global settings INFO: Load global settings (done) | time=148ms WARN: Property 'sonar.jdbc.url' is not supported any more. It will be ignored. There is no longer any DB connection to the SQ database. WARN: Property 'sonar.jdbc.username' is not supported any more. It will be ignored. There is no longer any DB connection to the SQ database. WARN: Property 'sonar.jdbc.password' is not supported any more. It will be ignored. There is no longer any DB connection to the SQ database. INFO: User cache: /root/.sonar/cache INFO: Load plugins index INFO: Load plugins index (done) | time=80ms INFO: Download sonar-csharp-plugin-5.10.1.1411.jar INFO: Download sonar-python-plugin-1.8.0.1496.jar INFO: Download sonar-java-plugin-4.12.0.11033.jar INFO: Download sonar-scm-git-plugin-1.2.jar INFO: Download sonar-flex-plugin-2.3.jar INFO: Download sonar-xml-plugin-1.4.3.1027.jar INFO: Download sonar-php-plugin-2.10.0.2087.jar INFO: Download sonar-scm-svn-plugin-1.5.0.715.jar INFO: Download sonar-javascript-plugin-3.1.1.5128.jar INFO: SonarQube server 6.5.0 INFO: Default locale: "en_US", source code encoding: "UTF-8" INFO: Process project properties INFO: Load project repositories INFO: Load project repositories (done) | time=41ms INFO: Load quality profiles INFO: Load quality profiles (done) | time=42ms INFO: Load active rules INFO: Load active rules (done) | time=782ms INFO: Load metrics repository INFO: Load metrics repository (done) | time=86ms WARN: SCM provider autodetection failed. No SCM provider claims to support this project. Please use sonar.scm.provider to define SCM of your project. INFO: Publish mode INFO: Project key: org.sonarqube:python-simple-sonar-scanner INFO: ------------- Scan Python :: Simple Project : SonarQube Scanner INFO: Load server rules INFO: Load server rules (done) | time=49ms INFO: Language is forced to py INFO: Base dir: /root/sonar-examples-master/projects/languages/python/python-sonar-runner INFO: Working dir: /root/sonar-examples-master/projects/languages/python/python-sonar-runner/.sonar INFO: Source paths: src INFO: Source encoding: UTF-8, default locale: en_US INFO: Index files INFO: 9 files indexed INFO: Quality profile for py: Sonar way INFO: Sensor PythonXUnitSensor [python] INFO: Sensor PythonXUnitSensor [python] (done) | time=7ms INFO: Sensor Python Squid Sensor [python] INFO: Python unit test coverage INFO: Python integration test coverage INFO: Python overall test coverage INFO: Sensor Python Squid Sensor [python] (done) | time=218ms INFO: Sensor SonarJavaXmlFileSensor [java] INFO: Sensor SonarJavaXmlFileSensor [java] (done) | time=1ms INFO: Sensor Analyzer for "php.ini" files [php] INFO: Sensor Analyzer for "php.ini" files [php] (done) | time=2ms INFO: Sensor Zero Coverage Sensor INFO: Sensor Zero Coverage Sensor (done) | time=11ms INFO: Sensor CPD Block Indexer INFO: Sensor CPD Block Indexer (done) | time=14ms INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it. INFO: 5 files had no CPD blocks INFO: Calculating CPD for 4 files INFO: CPD calculation finished INFO: Analysis report generated in 50ms, dir size=54 KB INFO: Analysis reports compressed in 11ms, zip size=27 KB INFO: Analysis report uploaded in 520ms INFO: ANALYSIS SUCCESSFUL, you can browse http://192.168.0.43:9000/dashboard/index/org.sonarqube:python-simple-sonar-scanner INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report INFO: More about the report processing at http://192.168.0.43:9000/api/ce/task?id=AXUtFHMGxcHkiMKcN6ov INFO: Task total time: 3.414 s INFO: ------------------------------------------------------------------------ INFO: EXECUTION SUCCESS INFO: ------------------------------------------------------------------------ INFO: Total time: 6.631s INFO: Final Memory: 47M/181M INFO: ------------------------------------------------------------------------ [root@node03 python-sonar-runner]#
掃描結果如上所示
檢視掃描結果
安裝中文支援
上傳外掛到sonarqube的外掛目錄
重啟sonarqube,讓外掛生效
[root@node03 plugins]# /usr/local/sonaqube/bin/linux-x86-64/sonar.sh restart Stopping SonarQube... Stopped SonarQube. Starting SonarQube... Started SonarQube. [root@node03 plugins]#
驗證:重新重新整理web頁面,看看是否有中文支援了?
線上安裝外掛
提示:它這個安裝外掛的方式和jenkins安裝外掛的方式一樣,你把需要的安裝的外掛,在availabe中進行搜尋;然後點選後面的install即可;
到此,程式碼管理平臺sonarqube+sonar-scanner的部署和測試就完成了;