SonarQube和SonarScanner的安装与使用

一、介绍

sonar是搞代码质量测试的一款开源工具。SonarQube是sonar的Web服务端，用来发布应用和在线浏览（分析），sonar-scanner用于扫描源码， 将代码写入数据库之类的地方，便于sonarqube进行分析

二、JDK的安装使用

2.1、配置JDK环境变量

以笔者的JDK安装目录为例，

jdk目录： D:\Program Files\Java\jdk1.8.0_101

jre目录：D:\Program Files\Java\jre1.8.0_101

2.1.1、配置JAVA_HOME

2.1.2、 配置PATH

2.1.3、配置CLASSPATH

2.1.4、验证是否配置成功

三、SonarQube的安装使用

默认端口： 9000

配置文件（以笔者电脑为例）：sonarqube-9.2.1.49989\conf\sonar.properties

默认用户名密码： 都是admin

默认访问网址： http://ip:9000

点击StartSonar.bat, 打开楼上的默认网址，输入默认密码就行了。

四、Sonar-scanner的安装使用

配置文件（以笔者电脑为例）： sonar-scanner-4.6.2.2472-windows\conf\sonar-scanner.properties

4.1、Sonar-Scanner环境变量配置

4.1.1 配置SONAR_RUNNER_HOME

4.1.2、 配置PATH

4.2、 运行项目验证结果

4.2.1、配置扫描文件

sonar.projectKey=agent
sonar.projectName=agent
sonar.projectVersion=4.3.0
sonar.sources=.
sonar.exclusions=**/public/**,**/src/locales/**
sonar.sourceEncoding=UTF-8
sonar.language=javascript
sonar.login=admin
sonar.password=admin

4.2.2、扫它

在项目根目录运行命令sonar-scanner等结果即可

PS D:\ataola\gitlab\20211207\sany-web\agent> sonar-scanner
INFO: Scanner configuration file: D:\ataola\document\2021\12\sonar-scanner-4.6.2.2472-windows\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: D:\ataola\gitlab\20211207\sany-web\agent\sonar-project.properties
INFO: SonarScanner 4.6.2.2472
INFO: Java 11.0.11 AdoptOpenJDK (64-bit)
INFO: Windows 10 10.0 amd64
INFO: User cache: C:\Users\14457\.sonar\cache
INFO: Scanner configuration file: D:\ataola\document\2021\12\sonar-scanner-4.6.2.2472-windows\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: D:\ataola\gitlab\20211207\sany-web\agent\sonar-project.properties
INFO: Analyzing on SonarQube server 9.2.1
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=350ms
INFO: Server id: BF41A1F2-AX2PesCwEVbfPSmwmCVA
INFO: User cache: C:\Users\14457\.sonar\cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=275ms
INFO: Load/download plugins (done) | time=873ms
INFO: Process project properties
INFO: Process project properties (done) | time=22ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=2ms
INFO: Project key: agent
INFO: Base dir: D:\ataola\gitlab\20211207\sany-web\agent
INFO: Working dir: D:\ataola\gitlab\20211207\sany-web\agent\.scannerwork
INFO: Load project settings for component key: 'agent'
INFO: Load project settings for component key: 'agent' (done) | time=284ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=586ms
INFO: Load active rules
INFO: Load active rules (done) | time=8301ms
INFO: Indexing files...
INFO: Project configuration:
INFO:   Excluded sources: **/public/**, **/src/locales/**
INFO: 327 files indexed
INFO: 46 files ignored because of inclusion/exclusion patterns
INFO: 4 files ignored because of scm ignore settings
INFO: Quality profile for css: Sonar way
INFO: Quality profile for js: Sonar way
INFO: Quality profile for json: Sonar way
INFO: ------------- Run sensors on module agent
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=306ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=38ms
INFO: Sensor IaC CloudFormation Sensor [iac]
INFO: Load project repositories
INFO: Load project repositories (done) | time=361ms
INFO: 0 source files to be analyzed
INFO: 0/0 source files have been analyzed
INFO: Sensor IaC CloudFormation Sensor [iac] (done) | time=481ms
INFO: Sensor JavaScript analysis [javascript]
INFO: 269 source files to be analyzed
INFO: 2/269 files analyzed, current file: src/pages/reportManagement/product/model.js
INFO: 70/269 files analyzed, current file: config/validator.js
INFO: 124/269 files analyzed, current file: src/pages/financingAccess/model.js
INFO: 206/269 files analyzed, current file: src/pages/financingAccess/addApply/components/Step4/index.jsx
INFO: 269/269 source files have been analyzed
INFO: Sensor JavaScript analysis [javascript] (done) | time=118667ms
INFO: Sensor TypeScript analysis [javascript]
INFO: No input files found for analysis
INFO: Sensor TypeScript analysis [javascript] (done) | time=12ms
INFO: Sensor CSS Metrics [javascript]
INFO: Sensor CSS Metrics [javascript] (done) | time=1086ms
INFO: Sensor CSS Rules [javascript]
INFO: 45 source files to be analyzed
INFO: 45/45 source files have been analyzed
INFO: Sensor CSS Rules [javascript] (done) | time=4514ms
INFO: Sensor C# Project Type Information [csharp]
INFO: Sensor C# Project Type Information [csharp] (done) | time=1ms
INFO: Sensor C# Analysis Log [csharp]
INFO: Sensor C# Analysis Log [csharp] (done) | time=38ms
INFO: Sensor C# Properties [csharp]
INFO: Sensor C# Properties [csharp] (done) | time=0ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=4ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=7ms
INFO: Sensor VB.NET Project Type Information [vbnet]
INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=2ms
INFO: Sensor VB.NET Analysis Log [vbnet]
INFO: Sensor VB.NET Analysis Log [vbnet] (done) | time=40ms
INFO: Sensor VB.NET Properties [vbnet]
INFO: Sensor VB.NET Properties [vbnet] (done) | time=0ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=217ms
INFO: CPD Executor 36 files had no CPD blocks
INFO: CPD Executor Calculating CPD for 233 files
WARN: Too many duplication groups on file src/utils/addressCascader/industry.js. Keep only the first 100 groups.
INFO: CPD Executor CPD calculation finished (done) | time=938ms
INFO: Analysis report generated in 711ms, dir size=5.0 MB
INFO: Analysis report compressed in 17935ms, zip size=1.7 MB
INFO: Analysis report uploaded in 562ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://localhost:9000/dashboard?id=agent
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://localhost:9000/api/ce/task?id=AX2enXM0eAsfd-3jKFcf
INFO: Analysis total time: 2:59.463 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 3:02.946s
INFO: Final Memory: 14M/54M
INFO: ------------------------------------------------------------------------
PS D:\ataola\gitlab\20211207\sany-web\agent> 

4.2.3、看它

写在最后

这是一篇水文，我其实不太喜欢这么搞，我认为如果团队Ok的话，从最开始编码规范就定义好，加上code review，加上mocha或者jest做测试，比较有感觉一点。这种东西，有人喜欢搞，也有人不喜欢搞，具体的还是根据需求来，比如甲方需要那就搞呗，搞得时候也要注意安全问题啊, 头像已经高斯模糊， 逃。。。。。。