SonarQube学习笔记
https://www.sonarqube.org/ (opens new window)
# 环境准备
First, check the requirements (opens new window). Then download and unzip the distribution (opens new window) (do not unzip into a directory starting with a digit).
SonarQube cannot be run as root on Unix-based systems, so create a dedicated user account for SonarQube if necessary.
# 安装SonarQube
0、安装JDK11
1、创建目录 /usr/local/sonar ,上传文件 sonarqube-9.6.1.59531.zip 到/usr/local/sonar
unzip sonarqube-9.6.1.59531.zip
mv sonarqube-9.6.1.59531 sonarqube
2
2、授权
# 创建用户组
groupadd sonar
# 创建用户sonar,并将用户sonar加入用户组sonar
useradd sonar -g sonar
# 授权
chown -R sonar:sonar sonarqube
2
3
4
5
6
3、启动SonarQube
su - sonar
/usr/local/sonar/sonarqube/bin/linux-x86-64/sonar.sh start
tail -f /usr/local/sonar/sonarqube/logs/sonar.log
2
3
4、浏览器访问
http://192.168.1.24:9000/
账号:admin
密码:admin
首次登录需要修改密码,新密码为:123456
5、停止SonarQube
/usr/local/sonar/sonarqube/bin/linux-x86-64/sonar.sh stop
6、创建在PostgreSQL中创建sonar用户,创建sonarqube数据库
7、修改数据库连接
vim /usr/local/sonar/sonarqube/conf/sonar.properties
sonar.jdbc.username=sonar
sonar.jdbc.password=sonar
sonar.jdbc.url=jdbc:postgresql://192.168.1.25/sonarqube?currentSchema=public
2
3
8、启动SonarQube
su - sonar
/usr/local/sonar/sonarqube/bin/linux-x86-64/sonar.sh start
tail -f /usr/local/sonar/sonarqube/logs/sonar.log
2
3
Q & A
1、无法启动SonarQube,ES启动失败,报错如下:
[sonar@sonarqube ~]$ tail -f /usr/local/sonar/sonarqube/logs/sonar.log
2022.09.17 15:14:57 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running
2022.09.17 15:15:02 WARN app[][o.s.a.p.AbstractManagedProcess] Process exited with exit value [ElasticSearch]: 78
2022.09.17 15:15:02 INFO app[][o.s.a.SchedulerImpl] Process[ElasticSearch] is stopped
2022.09.17 15:15:02 INFO app[][o.s.a.SchedulerImpl] SonarQube is stopped
[sonar@sonarqube ~]$ cat /usr/local/sonar/sonarqube/logs/es.log
bootstrap check failure [1] of [2]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
bootstrap check failure [2] of [2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
2
3
4
5
6
7
8
9
解决方案:
# 切换用户
su - root
[root@sonarqube ~]# vim /etc/security/limits.conf
# 追加以下内容
* soft nofile 65536
* hard nofile 65536
[root@sonarqube ~]# vim /etc/sysctl.conf
# 添加以下内容
vm.max_map_count=262144
[root@sonarqube ~]# reboot
[root@sonarqube ~]# ulimit -S -n
65536
[root@sonarqube ~]# ulimit -H -n
65536
[root@sonarqube ~]# sysctl -p
vm.max_map_count = 262144
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# 安装PostgreSQL
# SonarScanner for Maven
https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-maven/ (opens new window)
https://docs.sonarqube.org/latest/analysis/analysis-parameters/ (opens new window)
https://docs.sonarqube.org/latest/project-administration/narrowing-the-focus/ (opens new window)
https://docs.sonarqube.org/latest/analysis/languages/java/ (opens new window)
https://docs.sonarqube.org/latest/branches/overview/ (opens new window)
Maven的setting.xml
<settings>
<pluginGroups>
<pluginGroup>org.sonarsource.scanner.maven</pluginGroup>
</pluginGroups>
<profiles>
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<!-- Optional URL to server. Default value is http://localhost:9000 -->
<sonar.host.url>
http://myserver:9000
</sonar.host.url>
</properties>
</profile>
</profiles>
</settings>
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
项目的pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.example</groupId>
<artifactId>sonar-test</artifactId>
<version>1.0-SNAPSHOT</version>
<properties>
<!-- https://docs.sonarqube.org/latest/project-administration/narrowing-the-focus/ -->
<sonar.language>java</sonar.language>
<sonar.sources>src/main/java</sonar.sources>
<sonar.tests>src/test/java</sonar.tests>
<sonar.exclusions>
**/util/*.java
</sonar.exclusions>
<sonar.coverage.exclusions>
**/util/*.java
</sonar.coverage.exclusions>
<sonar.test.exclusions>
**/*Test.java
</sonar.test.exclusions>
</properties>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.2</version>
<configuration>
<reuseForks>false</reuseForks>
<forkCount>1</forkCount>
</configuration>
</plugin>
<plugin>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>3.7.0.1746</version>
</plugin>
</plugins>
</pluginManagement>
</build>
<profiles>
<profile>
<id>coverage</id>
<build>
<plugins>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.7</version>
<executions>
<execution>
<id>prepare-agent</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>report</id>
<goals>
<goal>report</goal>
</goals>
<configuration>
<formats>
<format>XML</format>
</formats>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
在IDEA终端(这里终端用的是D:\Git\bin\bash.exe)执行:
# 查看mvn的jdk版本
mvn -v
# 切换jdk版本,mvn sonar:sonar需要jdk11
export JAVA_HOME=D:/Java/jdk-11.0.13
# 查看mvn的jdk版本
mvn -v
mvn clean verify sonar:sonar -Dsonar.login=squ_3a4736f2ccfffd3015089651f356e6880c0f312c
# 覆盖率
mvn clean verify sonar:sonar -Dsonar.login=squ_3a4736f2ccfffd3015089651f356e6880c0f312c -Pcoverage
# 分支+覆盖率
# Validation of project failed: To use the property "sonar.branch.name" and analyze branches, Developer Edition or above is required. See https://redirect.sonarsource.com/doc/branches.html for more information.
# https://github.com/mc1arke/sonarqube-community-branch-plugin
mvn clean verify sonar:sonar -Dsonar.login=squ_3a4736f2ccfffd3015089651f356e6880c0f312c -Pcoverage -Dsonar.branch.name=release-091701
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# Q & A
1、Junit执行单元测试用例成功,mvn test却失败的问题和解决方法。
Run Unit Test和Maven test的区别
差异1:在IDE中通过选中单元测试路径,点击右键选择run test和点击maven中的test是有区别的。在Maven执行测试的过程中,是不允许测试cases访问其他项目的测试类和其他项目的resources下文件的。也就是说,在a/src/test/java下的测试用例,是不能引用b/src/test/java中的类的,同时也不允许访问b/src/test/resources下的资源的。但是在IDE中的Run Unit Test几乎是没有这样的限制的。
差异2:Maven强制要求src/test/java下不能存在resource的文件,必须放到src/test/reources文件夹下,但是IDE却很少有对应的约束。
这些约束就是导致IDE下Run Unit Test是成功的,但是在Maven中失败的原因。
解决的办法 在maven插件配置:(surefire2.14以下版本)
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.12</version>
<configuration>
<forkMode>always</forkMode>
</configuration>
</plugin>
2
3
4
5
6
7
8
在maven插件配置:(surefire2.14及其以上版本)
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.19.1</version>
<configuration>
<reuseForks>false</reuseForks>
<forkCount>1</forkCount>
</configuration>
</plugin>
2
3
4
5
6
7
8
9
链接:https://www.jianshu.com/p/db100584a9a7
2、SonarQube显示不同分支的扫描结果
- Copy the plugin JAR file to the
extensions/plugins/directory of your SonarQube instance - Add
-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${version}.jar=webto thesonar.web.javaAdditionalOptsproperty in your Sonarqube installation'sconf/sonar.propertiesfile, e.g.sonar.web.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=web - Add
-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-${version}.jar=ceto thesonar.ce.javaAdditionalOptsproperty in your Sonarqube installation'sconf/sonar.propertiesfile, e.g.sonar.ce.javaAdditionalOpts=-javaagent:./extensions/plugins/sonarqube-community-branch-plugin-1.8.0.jar=ce - Start Sonarqube, and accept the warning about using third-party plugins
链接:
https://github.com/mc1arke/sonarqube-community-branch-plugin (opens new window)
https://blog.csdn.net/CN_TangZheng/article/details/112990592 (opens new window)