introduce
Sonar is an open source platform for code quality management for managing the quality of Java source code. Through the plugin mechanism, Sonar can integrate different testing tools, code analysis tools, and continuous integration tools, such as pmd-cpd, checkstyle, findbugs, and Jenkins. These results are reprocessed through different plug-ins, and the changes in code quality are measured in a quantitative way, so that code quality management can be easily carried out for projects of different scales and types. At the same time, Sonar also provides interface support for a large number of continuous integration tools, which makes it easy to use Sonar in continuous integration. In addition, Sonar's plug-ins can provide support for programming languages other than Java, as well as good support for internationalization and report documentation.
SONAR install & run
Download address: http://www.sonarqube.org/downloads/
Run: After decompression, run the startup scripts in different directories under bin according to the platform. For linux x86_64, run bin/linux-x86-64/sonar.sh.
Available commands:
./sonar.sh { console | start | stop | restart | status | dump }
Install the plugin:
SONAR Chinese Pack: http://docs.codehaus.org/display/SONAR/Chinese+Pack
Place the plugin under ${SONARHOME}/extensions/plugins and restart sonar to take effect. Note that the version numbers match. In this example, the SonarQube version is 4.4, so the plugin version is selected as 1.8.
SONAR + Maven to analyze code quality
1) Set the database information used by sonar.
This example sets up sonar to use the mysql database to store analysis data. After saving the settings, execute restart to make them take effect.
${SONARHOME}/conf/sonar.properties:
# Permissions to create tables, indices and triggers must be granted to JDBC user.# The schema must be created first.sonar.jdbc.username=rootsonar.jdbc.password=root# Comment the following line to deactivate the default embedded database.#sonar.jdbc.url=jdbc:h2:tcp://localhost:9092/sonar#----- MySQL 5.x# Comment the embedded database and uncomment the following line to use MySQLsonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true
2) The sonar information needs to be set in Maven's settings.xml.
Where <sonar.host.url>http://localhost:9000</sonar.host.url> indicates the address of the sonar server. So when executing the maven command, the server specified by <sonar.host.url> must be running.
${MAVEN_HOME}/conf/settings.xml:
<profiles><profile><id>sonar</id><properties><sonar.jdbc.url>jdbc:mysql://192.168.198.128:3306/sonar</sonar.jdbc.url><sonar.jdbc.driver>com.mysql.jdbc.Driver</sonar.jdbc.driver><sonar.jdbc.username>root</sonar.jdbc.username><sonar.jdbc.password>root</sonar.jdbc.password><sonar.host.url>http://localhost:9000</sonar.host.url><!-- Sonar服务器访问地址 --></properties></profile></profiles><activeProfiles><activeProfile>sonar</activeProfile></activeProfiles>
3) Execute the mvn sonar:sonar command for code analysis.
We can execute sonar on a standard maven project in Eclipse. Note: Since maven has good support for sonar and will automatically execute the corresponding script, there is no need to add sonar instructions to the pom.
Before executing maven for sonar analysis, you must ensure that the sonar server is already running. In this example the sonar server is running on localhost:9000.
First, execute the sonar:sonar command, and finally get the following output. If the output "BUILD SUCCESS" indicates that the build has been successful.
Then, we can view the analysis results in the browser.
View analysis results
For using sonar's own server, visit: http://sonar_ip:9000 in the browser to open the sonar result page. You can log in with the admin/admin account.
1) home
Below is the home page, and the PROJECTS page on the right lists all the projects. Click the link in the red box to view the details.
2) General panel view of the project
Dashboard contains a lot of information, such as program statistics, problem statistics, technical debt, code complexity, unit test coverage, etc.
3) Hotspots hotspots
In the hotspot area, you can view more main (hot) information.
4) Problem View
Click "Issue" in the left navigation tree to open the issue view page. Specific questions can be viewed by clicking on the question number, as shown in the red box below.
Click on the question number to enter the specific question page. SonarQube allows administrators to revalidate issues, such as an open issue that can be considered misidentified.
Here's what happens when you think a question is a misjudgment.
On the Issues page, you can search for issues by "Status". Below are the results of a search for the "false positive" question.
5) Technical Debt
Here is a list of the time it takes to fix the problem, the so-called technical debt. The more problems that are left, the greater the technical debt.
6) Problem details
The problem details are listed here, including the problem severity level, the corresponding number of problems, and the description of the problem.
Combine with Jenkins
The SONAR server can be placed on any master or slave node. When performing sonar analysis, the sonar server information must be configured in maven's conf/settings.xml. Then you can perform sonar analysis in jenkins.
There are two ways to combine jenkins with sonar: one is through maven (jenkins -maven - sonar) as described above, and the other is to call sonar directly in jenkins.
Original link: Sonar, an open source platform for code quality management