The most complete SonarQube installation steps: how to avoid every pitfall

After a morning of installation and searching for information, I actually want to breathe more fragrantly for this article.

Aims:

  • Install a code scanning tool to perform a static scan of the code to find potential problems in time.

Introduction to SonarQube

  • SonarQube is an open platform for managing code quality
    • Can quickly locate potential or obvious errors in the code.
    • Currently, it supports code quality management and testing for more than 20 programming languages such as Java, C#, C/C++, Python, PL/SQL, Cobol, JavaScript, Groovy.
    • Integrates with Jenkins and DevOps for CI/CD work.
  • Seven dimensions to check code quality
    • Complexity distribution (complexity): overly complex code is difficult to understand
    • Duplications: The program contains a lot of copied and pasted code, which leads to bloated code. Sonar can show the serious duplication in the source code.
    • Unit test statistics (unit tests): Collects and displays unit test coverage, so developers and testers can clearly see the code coverage
    • Coding rules: Check whether the code conforms to the specification through Findbugs, PMD, CheckStyle, etc.
    • Comment rate (comments): If there are too few code comments, especially after personnel changes, it is difficult for others to take over; if there are too many, it is not conducive to reading
    • Potential bugs: detect potential bugs through Findbugs, PMD, CheckStyle, etc.
    • Architecture & design: Finds cycles, shows dependencies between packages and between classes, and checks the degree of coupling between programs

Installation environment (all the pitfalls are here)

  • 1.Java environment
  • 2. Database
  • 3.SonarQube
  • 4.Sonar-Scanner

Pitfalls

I did not specify versions for the four environments above. Why not? Because the other three environments change with the SonarQube version. Here are a few obvious pitfalls:

  • 1. SonarQube-7.9.1 requires Java 11 to start.
  • 2. SonarQube 7.9 and later versions no longer support MySQL. The versions before SonarQube 7.9 require MySQL 5.6-8.0 (closed on the left, open on the right: 5.6 ≤ version < 8.0), otherwise you get java.io.IOException: An existing connection was forcibly closed by the remote host.
  • 3. Some versions of SonarQube (like 7 and later) can only scan the master branch, but not other branches.
  • 4. According to other blog posts: use SQL Server 2016 (the SQL Server version needs to be above 12; that is, SQL Server 2012 and earlier versions are not compatible with SonarQube 8.2).
  • 5. SonarQube cannot connect to a remote database and must use localhost. (Some articles mention this pitfall; according to my actual testing it does not exist, because I use a SQL Server database on a remote server.)

Installation steps

  • 1. Install Java 11 and configure the environment variables. (Note: there is no jre folder after Java 11 is installed. From the JDK directory, run: bin\jlink.exe --module-path jmods --add-modules java.desktop --output jre, which generates a jre folder in that directory.)
  • 2. Install the database. Choose the MySQL version that matches your SonarQube version, or, for SonarQube 7.9 and later, just choose SQL Server. (I used sonarqube-7.9.1 + Microsoft SQL Server 2017 (RTM-CU20) (KB4541283) - 14.0.3294.2 (X64).)
  • 3. Download SonarQube (remember to choose the version you want).
  • 4. Unzip SonarQube, enter the conf folder, and configure sonar.properties. If the configuration file is wrong, connection problems will occur.
The configuration file is as follows:
sonar.jdbc.url=jdbc:sqlserver://xxxxxxxx;databaseName=sonarqube
sonar.jdbc.username=sa
sonar.jdbc.password=xxxxx
sonar.login=admin
sonar.password=admin
  • 5. Enter the sonarqube\sonarqube-7.9.1\bin\windows-x86-64 folder and double-click StartSonar.bat to start SonarQube. (The original post showed a screenshot of the result here.)
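
Added example (not from the original post): a small Python check that reads a sonar.properties like the one in step 4 and flags the settings a reviewer would question: the sa database login, clear-text secrets, the default admin/admin credentials, and a SQL Server JDBC URL without encrypt=true. The sample file, the host name db.example.internal and the function names are constructed for illustration.

```python
import re

# Constructed sample mirroring step 4's sonar.properties; the host name and
# password values are placeholders, not values from a real server.
SAMPLE = """\
sonar.jdbc.url=jdbc:sqlserver://db.example.internal;databaseName=sonarqube
sonar.jdbc.username=sa
sonar.jdbc.password=xxxxx
sonar.login=admin
sonar.password=admin
"""

def parse_properties(text):
    """Parse key=value or key:value lines, skipping blanks and #/! comments."""
    props = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^#!=:\s][^=:\s]*)\s*[=:]\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props

def audit(props):
    """Return (key, finding) pairs for risky settings in sonar.properties."""
    findings = []
    if props.get("sonar.jdbc.username", "").lower() == "sa":
        findings.append(("sonar.jdbc.username",
                         "built-in SQL Server sysadmin; use a dedicated login "
                         "restricted to the sonarqube database"))
    url = props.get("sonar.jdbc.url", "")
    if url.startswith("jdbc:sqlserver:") and "encrypt=true" not in url.lower():
        findings.append(("sonar.jdbc.url",
                         "no encrypt=true; database traffic may be unencrypted"))
    for key in ("sonar.jdbc.password", "sonar.password"):
        value = props.get(key, "")
        # SonarQube's settings encryption stores values as {aes}<ciphertext>.
        if value and not value.startswith("{aes"):
            findings.append((key, "secret stored in clear text"))
    if (props.get("sonar.login"), props.get("sonar.password")) == ("admin", "admin"):
        findings.append(("sonar.login",
                         "default admin/admin credentials; change them"))
    return findings

if __name__ == "__main__":
    for key, finding in audit(parse_properties(SAMPLE)):
        print(f"{key}: {finding}")
```

Run against the sample, it reports all five settings; a file using a dedicated login, {aes}-encrypted values and encrypt=true in the URL produces no findings.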

Usage steps

  • How to scan
  • How to export pdf after scanning
    • Download the plug-in, for example this version: sonar-pdfreport-plugin-2.1.1.jar
    • Place it in the sonarqube-7.3\extensions\plugins directory
    • Restart the sonar service
    • After the service restarts, a new configuration page appears; the PDF report is a new page tab added by the plug-in.


Origin blog.csdn.net/ljfirst/article/details/105773021