SonarQube installation tutorial and simple to use (based Centos7, JDK1.8)

SonarQube

concept:

SonarQube is an automated code review tool used to detect errors in the code, vulnerabilities and code smell. It can be integrated with your existing workflow, continuous code checks for items between the branch and the pull request.
Advantage: a large number of continuous integration tools provides interface support, can be easily used in a continuous integration Sonar; integrate different testing tools, code analysis tools, and CI tool, such pmd-cpd, checkstyle, findbugs, Jenkins;

In CentOS system installation SonarQube:

Environmental requirements: Jdk 1.8 , MySQL

In addition, IP this practice CentOS7 server is: 10.141.211.174

1. Database Configuration:

   进入mysql，创建数据库sonar，密码为sonar
   $ mysql -u root -p
   
   mysql> CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;
   mysql> CREATE USER 'sonar' IDENTIFIED BY 'sonar';
   mysql> GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';
   mysql> GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';
   mysql> FLUSH PRIVILEGES;

2. Use wget command to download the installation package at the following link:

   sonarqube:         https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.2.zip
   sonar-scanner-cli：   https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-2.8.zip
   可以自己更改需要的版本号(进入地址的Distribution/中进行查看)

   Specific command is as follows:

   # 下载压缩包并解压
   cd /usr/local
   wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.2.zip
   unzip sonarqube-7.2.zip
   
   # 添加用户sonar，并更改 该目录 的owner(原因：sonarqube中的es不许以root启动，故以sonar用户来启动)
   useradd sonar
   chown  -R  sonar. /usr/local/sonarqube-7.2

3. Edit the configuration file sonarqube

   vi /usr/local/sonarqube-7.2/conf/sonar.properties
   相应的修改处如下：
   1.
   # User credentials.
   # Permissions to create tables, indices and triggers must be granted to JDBC user.
   # The schema must be created first.
   sonar.jdbc.username=sonar
   sonar.jdbc.password=sonar
   
   2.
   #----- DEPRECATED
   #----- MySQL >=5.6 && <8.0
   # Support of MySQL is dropped in Data Center Editions and deprecated in all other editions
   # Only InnoDB storage engine is supported (not myISAM).
   # Only the bundled driver is supported. It can not be changed.
   sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
   
   3.
   # Binding IP address. For servers with more than one IP address, this property specifies which
   # address will be used for listening on the specified ports.
   # By default, ports will be used on all IP addresses associated with the server.
   sonar.web.host=10.141.211.174 （填写本机IP）

   Then save and exit.

4. Run the script to start the service

   cd /usr/local/sonarqube-7.2/
   # 以普通用户sonar启动服务，不然es启动会报错，用法：console、start、status、stop...
   su sonar bin/linux-x86-64/sonar.sh start
   
   # 查看状态，但这个状态只是暂时的，并不可信
   su sonar bin/linux-x86-64/sonar.sh status
   # 跟踪日志，确保启动成功(先跟着sonar.log日志，如果报es错误，可以去查看es.log；如果报了web错误，那么就是查看web.log)
   tail -f logs/sonar.log

5. Login web side:

   In the browser, enter: http: // IP: 9000, can successfully enter the (initial user: admin, default password: admin, you can set the token).

Install Sonar-Scanner:

1. Download the zip and unzip (best to use sonar-scanner-2.8 version, support for jdk1.8, or other versions will go wrong)

   cd /usr/local
   wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-2.8.zip
   unzip sonar-scanner-2.8.zip  # 解压后，目录名改为sonar-scanner

2. Edit / etc / profile file

   把以下配置添加到文件末尾，如下：
   
   #set sonar-scanner environment
   export SONAR_SCANNER_HOME=/usr/local/sonar-scanner
   export PATH=${SONAR_SCANNER_HOME}/bin:${PATH}
   
   然后执行命令： source /etc/profile

3. Check sonar-scanner version: sonar-scanner -v
   follow the prompts, edit sonar-scanner.properties file as follows:

   vi /usr/local/sonar-scanner/conf/sonar-scanner.properties
   
   修改SonarQube server的地址，改为前面SonarQube的地址(我的是http://10.141.211.174:9000)
   #----- Default SonarQube server
   sonar.host.url=http://10.141.211.174:9000
   
   去掉mysql的注释
   #----- MySQL
   sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8

Try to use SonarQube:

1. Ensure SonarQube already started, if not start to run:su sonar /usr/local/sonarqube-7.2/bin/linux-x86-64/sonar.sh start

2. A project to clone local:git clone xxx

3. In the root directory of the project, create a file sonar-project.properties, and edit it, edit the content as follows:

   # must be unique in a given SonarQube instance
   sonar.projectKey=simple-java-maven-app
   sonar.projectName=simple-java-maven-app
   sonar.projectVersion=1.0
   sonar.sources=src
   sonar.language=java
   sonar.sourceEncoding=UTF-8
   sonar.java.binaries=/usr/local/workspace/simple-java-maven-app/target/classes

4. Using sonar-scanner to analyze, execute commands in the project root directory: sonar-scannerthen you can see the results of the http://10.141.211.174:9000.
   In addition to sonar-scannerthe command, we can also use the maven command code analysis to achieve the same effect, the command is as follows:

   mvn sonar:sonar \
     -Dsonar.host.url=http://10.141.211.174:9000 \
     -Dsonar.login=acfa9b0585a3c0a10366826143edebf4abd36f6b   # 这个是sonarqube登录时的token

reference:

https://www.cnblogs.com/ding2016/p/8065241.html
https://www.cnblogs.com/owenma/p/7891170.html
https://blog.csdn.net/qq_21816375/article/details/80787993