Sonar+Jenkins builds an automated analysis platform for code quality


1. Sonar introduction

Sonar is an open source tool for managing code quality. It can detect bugs, vulnerabilities and code smells in code. It supports more than 20 programming languages, such as Java, C/C++, Python and PHP, and more than 85,000 organizations currently use it. Sonar integrates fully with the DevOps toolchain: it works with most build tools, integrates easily with continuous integration engines such as Jenkins, TFS/VSTS, TeamCity and Bamboo, and supports many source code management tools, such as git, svn and cvs.
Official address: https://www.sonarqube.org/
As early as 2007, when the first line of code was created, the founder of Sonar dreamed of one day providing every developer with the ability to measure the quality of their project code. His motto: "Continuous testing must become the mainstream of continuous integration."
The purpose of this article is to install Sonar and integrate it with Jenkins, so as to monitor code quality continuously.

2. Sonar installation

2.1. Introduction to the installation environment

Note: the Sonar server needs at least 2 GB of memory to run effectively, and the operating system itself needs 1 GB of available memory.

  • Centos 7.2
  • Install JDK 1.8
  • Install Jenkins 2.89
  • Install maven 3.5.2 (optional; used to compile some plug-ins)
  • Install the mysql 5.6 database (version 5.6 or higher is required)

After installing mysql, create the sonar database and account as follows:

CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY '123456' WITH GRANT OPTION;
FLUSH PRIVILEGES;

2.2. SonarQube installation

cd /data/package/
wget https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-6.6.zip
mkdir /data/service/sonar/
unzip sonarqube-6.6.zip -d /data/service/sonar/

Configure the startup script:

[root@c7-node1 ~]# cat /etc/init.d/sonar
#!/bin/sh
#
# rc file for SonarQube
#
# chkconfig: 345 96 10
# description: SonarQube system (www.sonarsource.org)
#
### BEGIN INIT INFO
# Provides: sonar
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: SonarQube system (www.sonarsource.org)
# Description: SonarQube system (www.sonarsource.org)
### END INIT INFO
/usr/bin/sonar $*

Make the startup script executable and link the launcher into the path:

chmod +x /etc/init.d/sonar
ln -s /data/service/sonar/sonarqube-6.6/bin/linux-x86-64/sonar.sh /usr/bin/sonar
chkconfig sonar on

Modify the configuration file

[root@c7-node1 ~]# cd /data/service/sonar/sonarqube-6.6/conf/
[root@c7-node1 conf]# cp sonar.properties{,.bak}
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false

2.3. SonarQube Scanner installation

cd /data/package/
wget https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-2.8.zip
unzip sonar-scanner-2.8.zip -d /data/service/sonar/
ln -s /data/service/sonar/sonar-scanner-2.8/bin/sonar-scanner /usr/bin/sonar-scanner

Modify the configuration file

[root@c7-node1 ~]# cd /data/service/sonar/sonar-scanner-2.8/conf/
[root@c7-node1 conf]# cp sonar-scanner.properties{,.bak}
[root@c7-node1 conf]# vim sonar-scanner.properties
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8

2.4. SonarQube runner installation

cd /data/service/
wget http://repo1.maven.org/maven2/org/codehaus/sonar/runner/sonar-runner-dist/2.4/sonar-runner-dist-2.4.zip
unzip sonar-runner-dist-2.4.zip -d /data/service/sonar/
ln -s /data/service/sonar/sonar-runner-2.4/bin/sonar-runner /usr/bin/sonar-runner

Modify the configuration file

[root@c7-node1 ~]# cd /data/service/sonar/sonar-runner-2.4/conf/
[root@c7-node1 conf]# cp sonar-runner.properties{,.bak}
[root@c7-node1 conf]# vim sonar-runner.properties
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8
sonar.jdbc.username=sonar
sonar.jdbc.password=123456

Add environment variables

[root@c7-node1 ~]# vim /etc/profile.d/sonar.sh
export SONAR_HOME=/data/service/sonar/sonarqube-6.6
export SONAR_RUNNER_HOME=/data/service/sonar/sonar-runner-2.4
export PATH=$SONAR_RUNNER_HOME/bin:$PATH
[root@c7-node1 ~]# source /etc/profile.d/sonar.sh

2.5. Start sonar

Note: by default, Sonar does not allow starting as the root user, so we need to create the sonar user and start it as that user.

[root@c7-node1 ~]# useradd sonar
[root@c7-node1 ~]# chown -R sonar:sonar /data/service/sonar/
[root@c7-node1 ~]# su sonar
[sonar@c7-node1 root]$ /etc/init.d/sonar start

After Sonar has started successfully, open its web interface on port 9000 of the server. The default account and password are admin:admin.
If the following page appears, Sonar has been installed successfully. If the installation fails, troubleshoot according to the error messages in the log.
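The configuration files above carry the database password in clear text and the JDBC URL sets useSSL=false. As an added example (not part of the original article), the following script parses a sonar.properties file and flags those two weak settings; the sample file content is constructed to mirror the article's values.

```python
# Added example (not from the article): audit a sonar.properties file for
# the weak database settings shown above. Parses the Java key=value format
# and flags a default/empty JDBC password and useSSL=false in the JDBC URL.
from urllib.parse import parse_qs, urlsplit

# Passwords that should never reach a production sonar.properties.
DEFAULT_PASSWORDS = {"", "sonar", "123456", "password"}


def parse_properties(text):
    """Parse Java-style key=value lines; '#' and '!' start comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def audit_properties(props):
    """Return a list of findings; an empty list means nothing to report."""
    findings = []
    if props.get("sonar.jdbc.password", "") in DEFAULT_PASSWORDS:
        findings.append("sonar.jdbc.password is empty or a default value")
    url = props.get("sonar.jdbc.url", "")
    if url.startswith("jdbc:"):
        # Strip the "jdbc:" prefix so urlsplit sees mysql://host:port/db?query
        query = parse_qs(urlsplit(url[len("jdbc:"):]).query)
        if query.get("useSSL", ["true"])[0].lower() == "false":
            findings.append("sonar.jdbc.url disables TLS (useSSL=false)")
    return findings


# Constructed sample mirroring the article's settings (not a real file).
SAMPLE = """# DATABASE
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&useSSL=false
"""

if __name__ == "__main__":
    for finding in audit_properties(parse_properties(SAMPLE)):
        print("WARN:", finding)
```

Since SonarQube 5.2 the scanner and runner no longer connect to the database and only need sonar.host.url, so only the server's own sonar.properties needs this audit.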

3. Sonar plug-in usage and localization

Sonar's functions can be extended by installing plug-ins. For details, visit Sonar's plug-in library, which offers many code analysis plug-ins, authentication and authorization plug-ins, external analysis plug-ins, language plug-ins, visualization/reporting plug-ins and so on. Below we demonstrate plug-in installation by installing the Chinese language plug-in.
Sonar's plug-in library: https://docs.sonarqube.org/display/PLUG/Plugin+Library
3.1. Install the Chinese plug-in from the administration interface
After logging in to Sonar, search for "Chinese" under Administration -> System -> Update Center -> Available to find the Chinese plug-in package, then click install. However, the installation is very slow and may even fail, so manual installation is recommended.
3.2. Manually install the plug-in
Chinese plug-in github address: https://github.com/SonarQubeCommunity/sonar-l10n-zh
Download the Chinese plug-in source code locally, switch to the tag matching your Sonar version (for the Sonar 6.6 I installed, tag 1.18), and compile it:

git clone https://github.com/SonarQubeCommunity/sonar-l10n-zh.git
cd sonar-l10n-zh/
git checkout sonar-l10n-zh-plugin-1.18
mvn package
cp target/sonar-l10n-zh-plugin-1.18-SNAPSHOT.jar /data/service/sonar/sonarqube-6.6/extensions/plugins/

After copying the Chinese plug-in to the Sonar plug-in directory, restart Sonar for it to take effect. After restarting Sonar, open the web interface to verify the result: the interface is now displayed in Chinese, so our Chinese plug-in is installed. If you need other plug-ins, find and install them directly from the official plug-in library.
4. A small example of Sonar analyzing Python code

Once the localization is installed, Sonar can be used to analyze real code. I have prepared a small Python example to demonstrate the process of Sonar analyzing code.
Example: my Python project is developed for version 3.0 but uses 2.0 syntax; let's see whether Sonar can detect it (Sonar has a built-in Python 3.0 analysis plug-in, so nothing needs to be installed). There is only one demo script, whose function is to send an email. Its print statement is 2.0 syntax and cannot run in a 3.0 environment. We analyze this script to demonstrate Sonar's code analysis process.

[sonar@c7-node1 ~]$ cat python_test/sendEmail.py
#!/usr/bin/python
# -*- coding: UTF-8 -*-

import sys
import smtplib
from email.mime.text import MIMEText
from email.header import Header

# Third-party SMTP service
mail_host="xxx" # set the server
mail_user="xxx" # user name
mail_pass="xxx" # password

sender = '[email protected]'
receivers = sys.argv[1]

content=sys.argv[3]
message = MIMEText(content, 'plain', 'utf-8')

message['From'] = Header(sender, 'utf-8')
message['To'] = Header(receivers, 'utf-8')

subject = sys.argv[2]
message['Subject'] = Header(subject, 'utf-8')

try:
    smtpObj = smtplib.SMTP()
    smtpObj.connect(mail_host, 25) # 25 is the SMTP port number
    smtpObj.login(mail_user,mail_pass)
    smtpObj.sendmail(sender, receivers, message.as_string())
    print "邮件发送成功"
except smtplib.SMTPException:
    print "Error: 无法发送邮件"

Create a configuration file sonar-project.properties in the project root directory. If the project does not yet exist in Sonar, the first analysis creates it automatically from the name and key in the configuration file.

[sonar@c7-node1 ~]$ cat python_test/sonar-project.properties
sonar.projectKey=python_test
sonar.projectName=python_test
sonar.projectVersion=1.0
sonar.sources=.
sonar.sourceEncoding=UTF-8

Run the following command in the project root directory to start the analysis:

sonar-scanner

After the scan completes, open the web page again: Sonar has automatically created the python_test project from the contents of the configuration file and found two bugs.

Click the project name to enter the project and view its detailed analysis information. Click Bugs to see the specific bug information: the problem is the Python print statement.
Sonar can not only find bugs but also tell us why the code is wrong and give correct examples. Checking the bug's details, it says that the print statement was removed in Python 3.0 and the built-in function should be used instead, and it gives a correct example.
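As an added example (not code from the article), here is sendEmail.py rewritten the way Sonar's report suggests, with print as a Python 3 function. It also moves the hard-coded SMTP credentials into environment variables (MAIL_HOST, MAIL_USER, MAIL_PASS and optional MAIL_FROM, names chosen for this example) and upgrades the connection with STARTTLS before logging in.

```python
# Added example (not from the article): the sendEmail.py script rewritten
# for Python 3. print is now a function, the SMTP credentials come from
# environment variables instead of being hard-coded in the source, and the
# connection is upgraded with STARTTLS before the login is sent.
import os
import smtplib
import sys
from email.mime.text import MIMEText


def build_message(sender, receivers, subject, content):
    """Build a UTF-8 plain-text message; receivers is a list of addresses."""
    message = MIMEText(content, "plain", "utf-8")
    message["From"] = sender
    message["To"] = ", ".join(receivers)
    message["Subject"] = subject
    return message


def load_smtp_settings(env):
    """Read host/user/password from the environment; fail if any is missing."""
    try:
        return env["MAIL_HOST"], env["MAIL_USER"], env["MAIL_PASS"]
    except KeyError as missing:
        raise SystemExit(f"missing environment variable {missing}") from None


def send(message, host, user, password, port=587):
    """Deliver the message; returns True on success, False on SMTP errors."""
    try:
        with smtplib.SMTP(host, port, timeout=30) as smtp:
            smtp.starttls()  # encrypt the session before sending credentials
            smtp.login(user, password)
            smtp.send_message(message)
        print("Mail sent successfully")
        return True
    except (smtplib.SMTPException, OSError) as err:
        print(f"Error: unable to send mail ({err})", file=sys.stderr)
        return False


if __name__ == "__main__":
    if len(sys.argv) != 4:
        raise SystemExit("usage: sendEmail.py <to> <subject> <content>")
    host, user, password = load_smtp_settings(os.environ)
    sender = os.environ.get("MAIL_FROM", user)
    msg = build_message(sender, [sys.argv[1]], sys.argv[2], sys.argv[3])
    sys.exit(0 if send(msg, host, user, password) else 1)
```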

5. Sonar integrates Jenkins to use

5.1. Set the token in Sonar

Log in to SonarQube as the admin user and go to [Configuration] -> [Permission] -> [User].
5.2. Install the Sonar-related plug-ins in Jenkins

Install the two plug-ins shown in the red box.
5.3. Configure the Sonar plug-in in Jenkins

Click [System Management] -> [System Settings], configure the Sonar authentication information, and save.

Click [System Management] -> [Global Tool Configuration] and configure the Sonar scanner information.
5.4. Configure Sonar in the Jenkins job

For convenience, I will not put the code from above into git for pulling; I directly configure the working directory as the python_test directory used above. In a production environment, fetch the code to be analyzed from svn or git.

Add a build step, select Execute SonarQube Scanner, select a JDK for the analysis, and fill in Analysis properties with the contents of the sonar-project.properties file used for the manual scan.

With this, the Sonar part of our Jenkins job is configured. Save the job and build it. After the build completes, we can jump directly from the build history to the Sonar analysis page, as shown in the figure below, along with the complete content of the Jenkins job and the build video.
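The plug-in above links the build to its analysis page; a separate gate is one way to also fail the job on findings. As an added example (not from the article or the Jenkins plug-in), the following build step queries the SonarQube Web API for the project's unresolved bugs and exits non-zero when any exist. It assumes the token from section 5.1 is passed to the job as SONAR_TOKEN and the server address as SONAR_HOST_URL (both names chosen here), and the sample API reply is constructed.

```python
# Added example (not from the article or the Jenkins plug-in): a build step
# that asks the SonarQube Web API how many unresolved bugs the python_test
# project has and fails the job when there are any. SONAR_TOKEN and
# SONAR_HOST_URL are this example's own variable names.
import base64
import json
import os
import sys
from urllib.parse import urlencode
from urllib.request import Request, urlopen


def build_request(host_url, project_key, token):
    """Request for api/issues/search, authenticated with the token as the
    basic-auth user name and an empty password (SonarQube's token scheme)."""
    params = urlencode({"componentKeys": project_key, "types": "BUG",
                        "resolved": "false", "ps": 1})
    req = Request(f"{host_url.rstrip('/')}/api/issues/search?{params}")
    cred = base64.b64encode(f"{token}:".encode()).decode()
    req.add_header("Authorization", f"Basic {cred}")
    return req


def open_bug_count(response_body):
    """Extract the unresolved-bug total from an api/issues/search reply."""
    payload = json.loads(response_body)
    return int(payload["total"])


def gate_passes(count, max_bugs=0):
    """True when the project has no more open bugs than the threshold."""
    return count <= max_bugs


# Constructed reply shaped like the API's JSON, matching the two bugs the
# article's manual scan reported (not captured from a real server).
SAMPLE_REPLY = '{"total": 2, "p": 1, "ps": 1, "issues": [{"key": "constructed-1", "type": "BUG"}]}'

if __name__ == "__main__":
    host = os.environ.get("SONAR_HOST_URL", "http://localhost:9000")
    token = os.environ.get("SONAR_TOKEN")
    if not token:
        raise SystemExit("SONAR_TOKEN is not set")
    with urlopen(build_request(host, "python_test", token), timeout=30) as resp:
        bugs = open_bug_count(resp.read())
    print(f"python_test has {bugs} unresolved bug(s)")
    sys.exit(0 if gate_passes(bugs) else 1)
```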

6. Postscript

This is the end of this article. Although some parts of Sonar, such as project management, security, monitoring and email notifications, are not covered here, I think managing Sonar is fairly convenient and easy to operate once the Chinese version is installed; you can log in to the administration interface and explore on your own.
Also, the Sonar+Jenkins job here is not very comprehensive and lacks the steps for automatically fetching and releasing code, but the Sonar configuration itself is correct: you only need to add it as the first step after your code is fetched, or as the step before compilation.

This article is an original contribution by its author. Author: 西门飞冰, a post-90s IT man who has been working in Beijing and loves sports, adventure and travel. Original address: http://www.fblinux.com/?p=1155.

Origin blog.51cto.com/15127557/2665963