sonarqube是一款比较流行的静态代码审查工具,支持Java, C#, C/C++, PL/SQL, Cobol, JavaScrip, Groovy 等等二十几种编程语言的代码质量管理
具体的功能介绍这里就不细说了,可以参考sonarqube的官方网站:https://www.sonarqube.org/
接下来单独讲解在 centos7下 sonarqube的安装与简单配置
前置条件
1.mysql数据库
2.jdk
下载sonarqube
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.7.zip
unzip sonarqube-7.7.zip
配置数据库
mysql> CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci; //设置编码格式
mysql> GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar'; //创建账号以及密码
mysql> GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar'; //赋予账号权限
mysql> FLUSH PRIVILEGES; //刷新权限
配置sonar
[root@localhost fxm]# cd /opt/sonar/sonarqube-7.7/conf //进入配置文件
[root@localhost conf]# ls
sonar.properties wrapper.conf
[root@localhost conf]# vim sonar.properties //配置文件
修改下面的参数
sonar.jdbc.username=sonar //创建的账号
sonar.jdbc.password=sonar // 创建的密码
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance
启动sonarqube
[root@localhost fxm]# cd /opt/sonar/sonarqube-7.7/bin/linux-x86-64
[root@localhost linux-x86-64]# ./sonar.sh start
结果报错。
Running SonarQube...
wrapper | --> Wrapper Started as Console
wrapper | Launching a JVM...
jvm 1 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
jvm 1 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
jvm 1 |
jvm 1 | 2018.06.23 23:41:55 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /root/sonarqube/sonarqube-7.2/temp
jvm 1 | 2018.06.23 23:41:55 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001
jvm 1 | 2018.06.23 23:41:55 INFO app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key='es', ipcIndex=1, logFilenamePrefix=es]] from [/root/sonarqube/sonarqube-7.2/elasticsearch]: /root/sonarqube/sonarqube-7.2/elasticsearch/bin/elasticsearch -Epath.conf=/root/sonarqube/sonarqube-7.2/temp/conf/es
jvm 1 | 2018.06.23 23:41:55 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running
jvm 1 | 2018.06.23 23:41:55 INFO app[][o.e.p.PluginsService] no modules loaded
jvm 1 | 2018.06.23 23:41:55 INFO app[][o.e.p.PluginsService] loaded plugin [org.elasticsearch.transport.Netty4Plugin]
jvm 1 | 2018.06.23 23:41:56 WARN app[][o.s.a.p.AbstractProcessMonitor] Process exited with exit value [es]: 1
jvm 1 | 2018.06.23 23:41:56 INFO app[][o.s.a.SchedulerImpl] Process [es] is stopped
查资料发现原因,root用户无法启动es, 现在创建sonarUser用户并赋权
[root@localhost fxm]#adduser sonarUser
[root@localhost fxm]#passwd sonarUser
Changing password for user sonarUser.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost fxm]# chown -R sonarUser:sonarUser sonarqube-7.7
再次启动sonarqube
[root@localhost conf]# cd /opt/sonar/sonarqube-7.7/bin/linux-x86-64
[root@localhost linux-x86-64]# su sonarUser
[sonarUser@localhost linux-x86-64]$ ./sonar.sh console
启动成功,访问 ip+9000端口 默认账号密码是 admin
9000端口是默认端口。如果有需要,可以在conf 目录中的sonar.properties里进行修改
后续会继续更新 将sonar集成在Jenkins上,实现Jenkins上自动拉取git代码,并用sonar做一个简单的代码静态扫描