https://www.ibm.com/developerworks/cn/devops/1612_qusm_jenkins/index.html
https://www.jianshu.com/p/a8d4825146a6
https://www.cnblogs.com/wangxin37/p/6397755.html
https://www.cnblogs.com/gao241/p/3190701.html
https://blog.csdn.net/qq_36871364/article/details/77770112
https://blog.csdn.net/kefengwang/article/details/54377055
https://blog.csdn.net/lswnew/article/details/79193529
https://blog.csdn.net/abcdocker/article/details/53840582
SonarQube is an open source code quality analysis platform, which is easy to manage the quality of the code, and can check out the loopholes and potential logic problems of the project code. At the same time, it provides a wealth of plug-ins to support the detection of multiple languages, such as Java, Python, Groovy, C, C++ and other dozens of programming languages. Its main core values are reflected in the following aspects:
- Check that the code follows programming standards: like naming conventions, written conventions, etc.
- Check for potential flaws in the design: SonarQube detects the flaws in the code through the plugin Findbugs, Checkstyle and other tools.
- Detect the amount of duplicated code in code: SonarQube can show that there is a lot of copy-pasted code in the project.
- Detect the degree of comments in the code: Too many or too few comments in the source code are not good, affecting the readability and comprehensibility of the program.
- Detect the relationship between packages and classes in the code: analyze whether the relationship between classes is reasonable and the complexity.
The SonarQube platform is composed of 4 parts:
- SonarQube Server
- SonarQube Database
- SonarQube Plugins
- SonarQube Scanner