1. 安装包准备:
注意:不同版本之间是有兼容性问题的,可参考官方推荐版本
sonarqube 版本:8.9.9.56886 说明:snoar服务器
sonar-pdfplugin 版本:3.x 说明:测试报告生成pdf插件
sonarscanner 版本:4.7.0.2747-windows 说明:扫描器
sonarqube-community-branch-plugin-1.8.0.jar 说明:指定扫描分支,不安装,默认扫描master分支
java环境:jdk 11
2. 环境准备
配置系统环境变量
2.1 配置sonar-scanner
变量名:SONAR_SCANNER_HOME
变量值(安装包所在位置):D:\work\soft\sonarqube\sonar-scanner-4.7.0.2747-windows
path新增:%SONAR_SCANNER_HOME%\bin
验证:
$ sonar-scanner -v
INFO: Scanner configuration file: D:\work\soft\sonarqube\sonar-scanner-
4.7.0.2747-windows\bin\..\conf\sonar-scanner.properties
INFO: SonarScanner 4.7.0.2747
INFO: Java 11.0.14.1 Eclipse Adoptium (64-bit)
INFO: Windows 10 10.0 amd64
2.2 配置sonarQube
- 配置jdk11的环境
变量名:JAVA_HOME11
变量值(安装包所在位置):D:\work\soft\jdk-11.0.16.1_windows-x64_bin\jdk-11.0.16.1
path新增:%JAVA_HOME11%\bin
-
修改\conf\wrapper.conf配置文件
# Path to JVM executable. By default it must be available in PATH. # Can be an absolute path, for example: wrapper.java.command=D:/tools/jdk-11.0.16.1_windows-x64_bin/jdk-11.0.16.1/bin/java.exe #wrapper.java.command=java # # DO NOT EDIT THE FOLLOWING SECTIONS # #******************************************************************** # Wrapper Java #******************************************************************** wrapper.java.additional.1=-Dsonar.wrapped=true wrapper.java.additional.2=-Djava.awt.headless=true wrapper.java.mainclass=org.tanukisoftware.wrapper.WrapperSimpleApp wrapper.java.classpath.1=../../lib/sonar-application-8.9.9.56886.jar wrapper.java.classpath.2=../../lib/jsw/wrapper-3.2.3.jar wrapper.java.classpath.3=../../lib/sonar-shutdowner-8.9.9.56886.jar wrapper.java.library.path.1=./lib wrapper.app.parameter.1=org.sonar.application.App wrapper.java.initmemory=8 wrapper.java.maxmemory=32 #******************************************************************** # Wrapper Logs #******************************************************************** wrapper.console.format=PM wrapper.console.loglevel=INFO wrapper.logfile.format=M wrapper.logfile.loglevel=INFO wrapper.logfile.rollmode=DATE wrapper.logfile=../../logs/sonar.YYYYMMDD.log # Maximum size that the log file will be allowed to grow to before # the log is rolled. Size is specified in bytes. The default value # of 0, disables log rolling. May abbreviate with the 'k' (kb) or # 'm' (mb) suffix. For example: 10m = 10 megabytes. #wrapper.logfile.maxsize=0 # Maximum number of rolled log files which will be allowed before old # files are deleted. The default value of 0 implies no limit. wrapper.logfile.maxfiles=7 # Log Level for sys/event log output. (See docs for log levels) wrapper.syslog.loglevel=NONE #******************************************************************** # Wrapper Windows Properties #******************************************************************** # Title to use when running as a console wrapper.console.title=SonarQube # Disallow start of multiple instances of an application at the same time on Windows wrapper.single_invocation=true #******************************************************************** # Wrapper Windows NT/2000/XP Service Properties #******************************************************************** # WARNING - Do not modify any of these properties when an application # using this configuration file has been installed as a service. # Please uninstall the service before modifying this section. The # service can then be reinstalled. # Name of the service wrapper.ntservice.name=SonarQube # Display name of the service wrapper.ntservice.displayname=SonarQube # Description of the service wrapper.ntservice.description=SonarQube # Service dependencies. Add dependencies as needed starting from 1 wrapper.ntservice.dependency.1= # Mode in which the service is installed. AUTO_START or DEMAND_START wrapper.ntservice.starttype=AUTO_START # Allow the service to interact with the desktop. wrapper.ntservice.interactive=false #******************************************************************** # Forking Properties #******************************************************************** wrapper.disable_restarts=TRUE wrapper.ping.timeout=0 wrapper.shutdown.timeout=0 wrapper.jvm_exit.timeout=0 -
将下载的sonarqube-community-branch-plugin-1.8.0.jar插件放到\sonarqube-8.9.9.56886\extensions\plugins\目录下
-
修改\conf\sonar.properties
# WEB SERVER
sonar.web.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=web
sonar.ce.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=ce
-Dsonar.pdf.username=admin
-Dsonar.pdf.password=admin
3. 运行snoarQube
在\sonarqube-8.9.9.56886\bin\windows-x86-64\下,运行StartSonar.bat文件
第一次运行时会要求要修改密码,根据提示修改密码
账号:admin
修改后密码:admin123
4.sonarQube的配置项目
4.1创建项目
4.2访问授权令牌
4.3生成令牌
4.4maven扫描运行方式
5.springcloud项目的配置
5.1添加配置文件sonar-project.properties
在被扫描的项目/模块路径下新增配置文件sonar-project.properties
配置文件内容
# must be unique in a given SonarQube instance
sonar.projectKey=test-service
# --- optional properties ---
# defaults to project key
#sonar.projectName=My project
sonar.projectName=test-service
# defaults to 'not provided'
#sonar.projectVersion=1.0
sonar.projectVersion=1.0
# Path is relative to the sonar-project.properties file. Defaults to .
#sonar.sources=.
# 源代码目录,如果多个使用","分割 例如:mode1/src/main,mode2/src/main
sonar.sources=src/main/java
# 单元测试目录,如果多个使用","分割 例如:mode1/src/test,mode2/src/test
sonar.tests=src/test/java
# java字节码目录
sonar.java.binaries=target/classes
# 单元测试报告目录
#sonar.junit.reportsPath=target/surefire-reports
sonar.coverage.jacoco.xmlReportPaths=target/surefire-reports
# 代码覆盖率插件
sonar.java.coveragePlugin=jacoco
# jacoco.exec文件路径
sonar.jacoco.reportPath=target/coverage-reports/jacoco.exec
# 忽略的目录
#sonar.exclusions=*/src/test/**/*
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8
sonar.login=admin
sonar.password=admin123
5.2pom.xml
在项目的父pom中添加依赖和插件依赖
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-junit-jupiter</artifactId>
<version>${mockito.version}</version>
</dependency>
<!-- Jacoco dependencies. -->
<dependency>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.6</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<!-- 单元测试 -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<plugin>
<!-- Configures the compiler. -->
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.0</version>
<configuration>
<compilerArgs>
<arg>-Xlint</arg>
</compilerArgs>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<testFailureIgnore>true</testFailureIgnore>
</configuration>
<version>2.22.0</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<version>2.22.0</version>
<executions>
<execution>
<goals>
<goal>integration-test</goal>
<goal>verify</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<!-- Code coverage plugin. -->
<!-- This sets up code coverage for the unit tests, the integration tests, -->
<!-- and the combined coverage of both. -->
<!-- After running a `mvn clean install`, open `target/site/jacoco-both/index.html` in a browser. -->
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.6</version>
<configuration>
<includes> <!--覆盖率计算包含的类-->
<include>**/controller/**/*</include>
<include>**/service/**/*</include>
</includes>
<excludes> <!--排除像entity、配置等无单元测试意义的类。如有,在Sonar服务端也需要配合排除(Ignore Code Coverage: https://docs.sonarqube.org/latest/project-administration/narrowing-the-focus/#header-5)-->
<exclude>**/config/**/*</exclude>
<exclude>**/entity/**/*</exclude>
</excludes>
</configuration>
<executions>
<execution>
<id>jacoco-initialize</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-site</id>
<phase>package</phase>
<goals>
<goal>report</goal>
</goals>
</execution>
</executions>
</plugin>
5.3执行扫描
在sonar-project.properties文件所在位置执行命令
mvn clean verify sonar:sonar -Dsonar.branch.name=develop
6. vue项目的配置
6.1 添加配置文件sonar-project.properties
在被扫描的项目/模块路径下新增配置文件sonar-project.properties
配置文件内容
# must be unique in a given SonarQube instance
sonar.projectKey=web-service
# --- optional properties ---
# defaults to project key
#sonar.projectName=My project
sonar.projectName=web-service
# defaults to 'not provided'
#sonar.projectVersion=1.0
# 中文的字段需要用Unicode转码,展示到sonarqube的web中才不会乱码
sonar.projectName=\u6d4b\u8bd5\u9879\u76ee
# 可用的配置项
sonar.projectVersion=1.0
sonar.sourceEncoding=UTF-8
sonar.sources=./src
sonar.exclusions=/node_modules/
sonar.tests=./src
sonar.test.inclusions=**/*.spec.ts
# \u5FFD\u7565\u7684\u76EE\u5F55
#sonar.exclusions=*/src/test/**/*
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8
sonar.login=admin
sonar.password=admin123
6.2 在sonar-project.properties文件所在位置执行命令
sonar-scanner.bat -D"sonar.projectKey=web-service" -D"sonar.sources=." -D"sonar.host.url=http://localhost:9000" -D"sonar.login=admin" -D"sonar.branch.name=dev"
4744
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
