SonarQube Scanner
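Official SonarScanner documentation: https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/
Installing SonarScanner
Note: SonarScanner must be used together with the SonarQube platform. This assumes the SonarQube platform is already installed and configured, and that only the SonarScanner settings remain to be configured locally. My machine runs macOS, so the steps below mainly cover configuring SonarScanner on macOS.
Download
Extract the archive, then edit the SonarQube server address and the login user name and password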
```properties
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here

#----- Default SonarQube server
sonar.host.url=http://xxx.xxx.xxx.xxx:9000

#----- Default source code encoding
#sonar.sourceEncoding=UTF-8

# Login user name and password
sonar.login=admin
sonar.password=admin
```
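Environment variables
```bash
jingdeMacBook-Pro:~ apple$ sudo vim ~/.bash_profile
```
Add the following:
```bash
export SONAR_HOME=/Users/apple/JavaProject/sonar-scanner
export PATH=$SONAR_HOME/bin/:$PATH
```
Make the configuration file take effect, then verify the result: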
```
jingdeMacBook-Pro:~ apple$ sonar-scanner -v
INFO: Scanner configuration file: /usr/local/Cellar/sonar-scanner/4.4.0.2170/libexec/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 4.4.0.2170
INFO: Java 1.8.0_171 Oracle Corporation (64-bit)
INFO: Mac OS X 10.15.6 x86_64
```
Installing on macOS
Install with brew
```bash
jingdeMacBook-Pro:~ apple$ brew install sonar-scanner
```
Edit the SonarQube server address
```bash
jingdeMacBook-Pro:bin apple$ cd /usr/local/Cellar/sonar-scanner/4.4.0.2170/libexec/conf/
jingdeMacBook-Pro:conf apple$ ls
sonar-scanner.properties
```
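SonarScanner configuration reference
After extracting the downloaded Scanner archive, open conf/sonar-scanner.properties under the Scanner directory. The file supports the following settings:
Property | Value |
---|---|
sonar.host.url | Server address |
sonar.projectKey | Project ID |
sonar.sources | Source code paths; multiple paths can be separated by commas |
sonar.projectName | Display name of the project |
sonar.projectVersion | Project version; the version in Maven |
sonar.login | Use a token instead wherever possible |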
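The table's advice to use a token instead of a login can be checked mechanically against the properties file edited earlier. The shell function below is an added example, not code from the original post or from SonarSource; `audit_sonar_props` is a hypothetical name, the sample file is constructed from the values shown in the post, and the plain-http check is an extra assumption beyond what the post states.

```shell
#!/bin/sh
# Added example (not from the original post): flag risky settings in a
# SonarScanner properties file. Prints one line per finding; returns 1 if any.
audit_sonar_props() {
    file=$1
    findings=0
    while IFS= read -r line || [ -n "$line" ]; do
        # Trim whitespace, then skip blank lines, comments and non key=value lines.
        line=$(printf '%s' "$line" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        case $line in
            ''|'#'*) continue ;;
            *=*) ;;
            *) continue ;;
        esac
        key=$(printf '%s' "${line%%=*}" | sed 's/[[:space:]]*$//')
        value=$(printf '%s' "${line#*=}" | sed 's/^[[:space:]]*//')
        msg=
        case $key in
            sonar.password)
                if [ -n "$value" ]; then msg="sonar.password is stored in plain text"; fi ;;
            sonar.login)
                if [ "$value" = admin ]; then msg="sonar.login is the default admin account; use a token"; fi ;;
            sonar.host.url)
                case $value in
                    http://*) msg="sonar.host.url is plain http; credentials are sent unencrypted" ;;
                esac ;;
        esac
        if [ -n "$msg" ]; then
            echo "$file: $msg"
            findings=$((findings + 1))
        fi
    done < "$file"
    [ "$findings" -eq 0 ]
}

# Constructed sample that mirrors the values shown in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
sonar.host.url=http://xxx.xxx.xxx.xxx:9000
#sonar.sourceEncoding=UTF-8
sonar.login=admin
sonar.password=admin
EOF
audit_sonar_props "$sample" || echo "fix the findings above before committing this file"
rm -f "$sample"
```

The non-zero return value lets the function gate a pre-commit hook or CI step on both sonar-scanner.properties and sonar-project.properties.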
Specify the configuration file when running the command:
```bash
sonar-scanner -Dproject.settings=../sonar-project.properties
```
The sonar-project.properties configured in the project
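SonarScanner example
Official Scanner examples on Git: https://github.com/SonarSource/sonar-scanning-examples
Download the examples locally and open them in IDEA to view the code
Create the file sonar-project.properties in the root directory of the local project
The SonarQube platform creates a project based on projectKey and projectName
Change into the project root directory and run the command: sonar-scanner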
```
jingdeMacBook-Pro:sonarqube-scanner apple$ sonar-scanner
INFO: Scanner configuration file: /usr/local/Cellar/sonar-scanner/4.4.0.2170/libexec/conf/sonar-scanner.properties
INFO: Project root configuration file: /Users/apple/JavaProject/sonar-scanning-examples/sonarqube-scanner/sonar-project.properties
INFO: SonarScanner 4.4.0.2170
INFO: Java 1.8.0_171 Oracle Corporation (64-bit)
INFO: Mac OS X 10.15.6 x86_64
……
INFO: Load New Code definition
INFO: Load New Code definition (done) | time=327ms
INFO: Analysis report generated in 414ms, dir size=163 KB
INFO: Analysis report compressed in 148ms, zip size=55 KB
INFO: Analysis report uploaded in 365ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://8.140.112.109:9000/dashboard?id=org.sonarqube%3Asonarqube-scanner
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://8.140.112.109:9000/api/ce/task?id=AXfdA7TpGdb6fZ1OKKqm
INFO: Analysis total time: 43.011 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 15:23.931s
INFO: Final Memory: 89M/713M
INFO: ------------------------------------------------------------------------
```
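After the run succeeds, check the results in SonarQube
Click the project to view the details
SonarScanner Maven example
There are two ways to configure the scanner in a Maven project: one is in Maven's settings.xml, the other is in the project's pom.xml
Option 1
Open MAVEN_HOME/conf/settings.xml or ~/.m2/settings.xml and add the following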
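```xml
<settings>
```
Once configured, run the Maven command in the project directory to perform the analysis:
```bash
mvn clean verify sonar:sonar -Dsonar.login=myAuthenticationToken
```
This approach hard-codes the Sonar URL in the configuration file, which is not very flexible. We usually pass the Sonar server address on the command line when running the command, so that it can be changed easily.
Option 2
Configure the sonar-maven-plugin plugin in the Maven project's pom.xml
```xml
<build>
```
Once configured, run the Maven command in the project directory to perform the analysis:
```bash
mvn sonar:sonar \
```
Specifying several related parameters:
```bash
mvn sonar:sonar \
```
-Dsonar.java.binaries: the Java binary files
-Dsonar.branch.name: the Git branch to scan
-Dsonar.sources: the source directories Sonar scans
-Dsonar.exclusions: the source directories Sonar excludes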