Sonar code quality management open source platform

introduce

Sonar is an open source platform for code quality management for managing the quality of Java source code. Through the plugin mechanism, Sonar can integrate different testing tools, code analysis tools, and continuous integration tools, such as pmd-cpd, checkstyle, findbugs, and Jenkins. These results are reprocessed through different plug-ins, and the changes in code quality are measured in a quantitative way, so that code quality management can be easily carried out for projects of different scales and types. At the same time, Sonar also provides interface support for a large number of continuous integration tools, which makes it easy to use Sonar in continuous integration. In addition, Sonar's plug-ins can provide support for programming languages ​​other than Java, as well as good support for internationalization and report documentation.

SONAR install & run

Download address: http://www.sonarqube.org/downloads/

Run: After decompression, run the startup scripts in different directories under bin according to the platform. For linux x86_64, run bin/linux-x86-64/sonar.sh.

Available commands:

./sonar.sh { console | start | stop | restart | status | dump }

Install the plugin:

SONAR Chinese Pack: http://docs.codehaus.org/display/SONAR/Chinese+Pack

Place the plugin under ${SONARHOME}/extensions/plugins and restart sonar to take effect. Note that the version numbers match. In this example, the SonarQube version is 4.4, so the plugin version is selected as 1.8.

Sonar, an open source platform for code quality management

SONAR + Maven to analyze code quality

1) Set the database information used by sonar.

This example sets up sonar to use the mysql database to store analysis data. After saving the settings, execute restart to make them take effect.

${SONARHOME}/conf/sonar.properties:

# Permissions to create tables, indices and triggers must be granted to JDBC user.# The schema must be created first.sonar.jdbc.username=rootsonar.jdbc.password=root# Comment the following line to deactivate the default embedded database.#sonar.jdbc.url=jdbc:h2:tcp://localhost:9092/sonar#----- MySQL 5.x# Comment the embedded database and uncomment the following line to use MySQLsonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true

2) The sonar information needs to be set in Maven's settings.xml.

Where <sonar.host.url>http://localhost:9000</sonar.host.url> indicates the address of the sonar server. So when executing the maven command, the server specified by <sonar.host.url> must be running.

${MAVEN_HOME}/conf/settings.xml:

<profiles><profile><id>sonar</id><properties><sonar.jdbc.url>jdbc:mysql://192.168.198.128:3306/sonar</sonar.jdbc.url><sonar.jdbc.driver>com.mysql.jdbc.Driver</sonar.jdbc.driver><sonar.jdbc.username>root</sonar.jdbc.username><sonar.jdbc.password>root</sonar.jdbc.password><sonar.host.url>http://localhost:9000</sonar.host.url><!-- Sonar服务器访问地址 --></properties></profile></profiles><activeProfiles><activeProfile>sonar</activeProfile></activeProfiles>

3) Execute the mvn sonar:sonar command for code analysis.

We can execute sonar on a standard maven project in Eclipse. Note: Since maven has good support for sonar and will automatically execute the corresponding script, there is no need to add sonar instructions to the pom.

Before executing maven for sonar analysis, you must ensure that the sonar server is already running. In this example the sonar server is running on localhost:9000.

First, execute the sonar:sonar command, and finally get the following output. If the output "BUILD SUCCESS" indicates that the build has been successful.

Sonar, an open source platform for code quality management

Then, we can view the analysis results in the browser.

View analysis results

For using sonar's own server, visit: http://sonar_ip:9000 in the browser to open the sonar result page. You can log in with the admin/admin account.

1) home

Below is the home page, and the PROJECTS page on the right lists all the projects. Click the link in the red box to view the details.

Sonar, an open source platform for code quality management

2) General panel view of the project

Dashboard contains a lot of information, such as program statistics, problem statistics, technical debt, code complexity, unit test coverage, etc.

Sonar, an open source platform for code quality management

3) Hotspots hotspots

In the hotspot area, you can view more main (hot) information.

Sonar, an open source platform for code quality management

4) Problem View

Click "Issue" in the left navigation tree to open the issue view page. Specific questions can be viewed by clicking on the question number, as shown in the red box below.

Sonar, an open source platform for code quality management

Click on the question number to enter the specific question page. SonarQube allows administrators to revalidate issues, such as an open issue that can be considered misidentified.

Sonar, an open source platform for code quality management

Here's what happens when you think a question is a misjudgment.

Sonar, an open source platform for code quality management

On the Issues page, you can search for issues by "Status". Below are the results of a search for the "false positive" question.

Sonar, an open source platform for code quality management

5) Technical Debt

Here is a list of the time it takes to fix the problem, the so-called technical debt. The more problems that are left, the greater the technical debt.

Sonar, an open source platform for code quality management

6) Problem details

The problem details are listed here, including the problem severity level, the corresponding number of problems, and the description of the problem.

Sonar, an open source platform for code quality management

Combine with Jenkins

The SONAR server can be placed on any master or slave node. When performing sonar analysis, the sonar server information must be configured in maven's conf/settings.xml. Then you can perform sonar analysis in jenkins.

There are two ways to combine jenkins with sonar: one is through maven (jenkins -maven - sonar) as described above, and the other is to call sonar directly in jenkins.



Original link: Sonar, an open source platform for code quality management

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=326066603&siteId=291194637