Sonar is an open platform for code quality management. Through the plug-in mechanism, Sonar can integrate different testing tools, code analysis tools, and continuous integration tools.
The operating system used in this article is CentOS7, which is installed based on docker, uses an external postgres database, and is started based on docker-compose.
1. Install sonar
Execute the following instructions on the server to install the postgres database and snarQube:
1. Download the postgres database:docker pull postgres
2. Download sonar: docker pull sonarqube
2. Install docker-compose
Execute the following instructions on the server to install docker-compose:
sudo curl -L https://github.com/docker/compose/releases/download/1.17.0/docker-compose-`uname -s -uname -m` -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
3. Write the docker-compose.yml file
version: '2'
services:
postgres:
image: sameersbn/postgresql:9.6-2
volumes:
- /srv/docker/postgresql/sonar:/var/lib/postgresql:Z
environment:
- DEBUG=false
- DB_USER=hfcb
- DB_PASS=hfcb
- DB_NAME=sonar
ports:
- "5432:5432"
sonar:
image: sonarqube
depends_on:
- postgres
volumes:
- /srv/docker/sonar:/images:Z
environment:
- SONARQUBE_JDBC_USERNAME=hfcb
- SONARQUBE_JDBC_PASSWORD=hfcb
- SONARQUBE_JDBC_URL=jdbc:postgresql://postgres/sonar
ports:
- "9000:9000"
- "9092:9092"
4. Start sonar
Execute the following command in the docker-compose.yml directory:
docker-compose up -d --no-recreate
5. Visit sonar
Data in browser: http://server IP: 
9000
6. Configure in the maven project
Add the following configuration to pom.xml
<properties>
<sonar.host.url>http://192.168.1.222:9000</sonar.host.url>
</properties>
7. Scan the project code
Execute in the project directory: mvn sonar:sonar
You can view the number of Bugs, Vulnerabilities and Code Smells scanned by sonar on the sonar page, and you can also view the specific location in the code.