Jenkins骚操作第七章sonarqube代码审查

一、sonarqube简介

SonarQube是一个用于管理代码质量的开放平台，可以快速的定位代码中潜在的或者明显的错误。目前支持java,C#,C/C++,Python,PL/SQL,Cobol,JavaScrip,Groovy等二十几种编程语言的代码质量管理与检 测，底层使用elasticsearch作为代码检索工具

官网：https://www.sonarqube.org/

|

软件	服务器 版本
jdk	192.168.199.133 / 1.8
MYSQL	192.168.199.133/ 5.7
SonarQube	192.168.199.133 / 6.7.4

二、安装MYSQL

yum -y install \
ncurses \
ncurses-devel \
bison \
cmake

useradd -s /sbin/nologin  mysql

tar zxvf mysql-5.7.17.tar.gz -C /opt/
tar zxvf boost_1_59_0.tar.gz -C /usr/local/
cd /usr/local/
mv boost_1_59_0 boost

cd mysql-5.7.17/

cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
-DSYSCONFDIR=/etc \
-DSYSTEMD_PID_DIR=/usr/local/mysql \
-DDEFAULT_CHARSET=utf8  \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DWITH_BOOST=/usr/local/boost \
-DWITH_SYSTEMD=1

如果在CMAKE的过程中有报错，当报错解决后，需要把源码目录中的CMakeCache.txt文件删除，然后再重新CMAKE，否则错误依旧

make -j6
make install

chown -R mysql.mysql /usr/local/mysql/
vim /etc/my.cnf

[client]
port = 3306
default-character-set=utf8
socket = /usr/local/mysql/mysql.sock

[mysql]
port = 3306
default-character-set=utf8
socket = /usr/local/mysql/mysql.sock

[mysqld]
user = mysql
basedir = /usr/local/mysql
datadir = /usr/local/mysql/data
port = 3306
character_set_server=utf8
pid-file = /usr/local/mysql/mysqld.pid
socket = /usr/local/mysql/mysql.sock
server-id = 1

sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES

chown mysql:mysql /etc/my.cnf
vim /etc/profile

export PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
source /etc/profile

cd /usr/local/mysql/
bin/mysqld \
--initialize-insecure \
--user=mysql \
--basedir=/usr/local/mysql \
--datadir=/usr/local/mysql/data

cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/
systemctl daemon-reload
systemctl start mysqld
netstat -anpt | grep 3306
systemctl enable mysqld

修改密码

mysqladmin -u root -p password "12345"
mysql -uroot -p

授权远程登陆

grant all privileges on *.* to 'root'@'%' identified by '123456' with grant option;

进入MYSQL

show databases;
create database sonar;
use sonar;
show table;

https://www.sonarqube.org/downloads/

解压sonar，设置权限

yum install unzip
unzip sonarqube-6.7.4.zip   #解压
mkdir /opt/sonar 创建目录
mv sonarqube-6.7.4/* /opt/sonar 移动文件
useradd sonar 创建sonar用户,必须sonar用于启动，否则报错
chown -R sonar. /opt/sonar 更改sonar目录及文件权限

修改sonar配置文件

vim /opt/sonar/conf/sonar.properties
16 sonar.jdbc.username=root
17 sonar.jdbc.password=12345 #密码和MYSQL一致
26 sonar.jdbc.url(解除注释)

cd /opt/sonar
su sonar
/opt/sonar/bin/linux-x86-64/sonar.sh start 启动
/opt/sonar/bin/linux-x86-64/sonar.sh status 查看状态
/opt/sonar/bin/linux-x86-64/sonar.sh stop 停止
tail -f logs/sonar.logs 查看日志

三、设置sonar

http:192.168.199.133:9000

第一步：登陆

第二步：创建token,保存密钥

进入界面

四、安装sonarqube scanner

进入Jenkins

进入tool配置

记住name 因为要和idea匹配

进入manage Credentials

进入system configuration

name要记住。要和idea匹配

五、自由风格验证

验证时gitlab、Jenkins都必须存活，同时，所有数据都从gitlab中来，验证时数据存入MYSQL

# must be unique in a given SonarQube instance
sonar.projectKey=web_demo_freestyle
# this is the name and version displayed in the SonarQube UI. Was mandatory prior to 
SonarQube 6.1.
sonar.projectName=web_demo_freestyle
sonar.projectVersion=1.0
# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# This property is optional if sonar.modules is set.
sonar.sources=.
sonar.exclusions=**/test/**,**/target/**
sonar.java.source=1.8
sonar.java.target=1.8
# Encoding of the source code. Default is default system encoding
sonar.sourceEncoding=UTF-8

sonar页面验证

六、错误代码验证

idea------>pom.xml------>记得下载

<dependency>
   <groupId>javax.servlet</groupId>
   <artifactId>javax.servlet-api</artifactId>
   <version>4.0.1</version>
</dependency>

点击下载java 成立java文件

package com.mjh;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class HelloWorld extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        super.doPost(req, resp);
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        //模拟错误代码
        int i =1110;
        //模拟冗余代码
        int j =55;
        j=150;
        resp.getWriter().write("hello,servlet");
    }
}

报错：找不到’JAVA’ or ‘JAVA_HOME’ PATH

解决方案

进入linux中重启 source /etc/profile即可

七、流水线验证

//注意:sonar-scanner和sonarqube与system中的名字和tool中的 名字保持一致

stage('code checking') {
    steps {
        script {
                        //引入了sonarqube-scanner工具
                        scannerHome = tool 'sonar-scanner'
                        }
                        //引入了sonarqube服务器系统环境
                        withSonarQubeEnv('sonarqube') {
                        sh "${scannerHome}/bin/sonar-scanner"
                        }
    }
}

加文件-----》sonar-project.properties

# must be unique in a given SonarQube instance
sonar.projectKey=web_demo_pipeline
# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.
sonar.projectName=web_demo_pipeline
sonar.projectVersion=1.0

# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# This property is optional if sonar.modules is set.

sonar.sources=.
sonar.exclusions=**/test/**,**/target/**

sonar.java.source=1.8
sonar.java.target=1.8

# Encoding of the source code. Default is default system encoding
sonar.sourceEncoding=UTF-8