SonarQube code Quality Management Platform Installation and Use

SonarQube code Quality Management Platform Installation and Use

Sonar Introduction

Sonar is an open-source platform for code quality management. It manages the quality of source code and can detect code quality from seven dimensions.

Supports code quality management and detection in more than 20 programming languages, including java, C #, C/C ++, PL/SQL, Cobol, JavaScrip, and Groovy.

What does sonarQube bring?

Developers 'seven Deadly Sins
1. Poor complexity Distribution
Files, classes, methods, etc. If the complexity is too high, it will be difficult for developers to understand them, and if there is no automated unit test, changes to any component in the program may result in a comprehensive regression test.

2. Duplicate
Obviously, the program contains a lot of copy and paste code, which is of low quality.

Sonar can show serious duplicates in the source code.

3. Lack of Unit Tests

Sonar allows you to conveniently calculate and display unit test coverage.

4. No code standards
Sonar can be standardized and written through code rule detection tools such as PMD, CheckStyle, Findbugs, etc.
5. There are not enough or too many comments
Without comments, the Code may become less readable, especially when personnel changes are inevitable, the readability of the program will be greatly reduced.
Too many comments will make the developer spend too much effort on reading the comments, which violates the original intention.
6. Potential bugs

Sonar can detect potential bugs Through code rule detection tools such as PMD, CheckStyle, and Findbugs.

7. Poor Design (original Spaghetti Design, pasta Design)
Sonar can be used to find out a loop and display the dependency between packages, classes, and classes.
Detects custom architecture rules.
Sonar can be used to manage third-party jar packages.
LCOM4 can be used to detect the application of a single task rule
Detection Coupling

About Spaghetti Design: http://docs.codehaus.org/display/SONAR/Spaghetti+Design

Sonar can effectively detect the above seven problems in the Program Development Process

 

Install SonarQube

Preset conditions
1. You have installed the JAVA environment.
2. You have installed a MySQL database.

Software: http://www.sonarqube.org/downloads/
Download SonarQube and SonarQube Runner
English patch package download: http://docs.codehaus.org/display/SONAR/Chinese+Pack

1. Database Configuration
Enter database commands
# Mysql-u root-p

Mysql> create database sonar character set utf8 COLLATE utf8_general_ci;
Mysql> create user 'sonar 'identified BY 'sonar ';
Mysql> grant all on sonar. * TO 'sonar '@' % 'identified by 'sonar ';
Mysql> grant all on sonar. * TO 'sonar '@ 'localhost' identified by 'sonar ';
Mysql> flush privileges;

2. Install sonar and sonar-runner
Decompress the downloaded sonar-3.7.zip package to a Linux path, such as/usr/local.
Decompress the downloaded sonar-runner-dist-2.3.zip package to a specific path/usr/local
Add the SONAR_HOME and SONAR_RUNNER_HOME environment variables and add SONAR_RUNNER_HOME to the PATH

Modify the sonar configuration file
Edit the <install_directory>/conf/sonar. properties file and configure database settings. Various databases are supported by default.
Mysql is used here, so the comment of the mysql module is canceled.
# Vi sonar. properties

Sonar. jdbc. username: sonar
Sonar. jdbc. password: sonar
Sonar. jdbc. url: jdbc: mysql: // localhost: 3306/sonar? UseUnicode = true & characterEncoding = utf8 & rewriteBatchedStatements = true

# Optional properties
Sonar. jdbc. driverClassName: com. mysql. jdbc. Driver

Modify the sonar-runner configuration file
Switch to the sonar-runner installation directory and modify the sonar-runner.properties
Uncomment the corresponding comment based on the actual usage of the database

# Configure here general information about the environment, such as SonarQube DB details for example
# No information about specific project shoshould appear here
# ----- Default SonarQube server
Sonar. host. url = http: // localhost: 9000
# ----- PostgreSQL
# Sonar. jdbc. url = jdbc: postgresql: // localhost/sonar
# ----- MySQL
Sonar. jdbc. url = jdbc: mysql: // localhost: 3306/sonar? UseUnicode = true & characterEncoding = utf8
# ----- Oracle
# Sonar. jdbc. url = jdbc: oracle: thin: @ localhost/XE
# ----- Microsoft SQLServer
# Sonar. jdbc. url = jdbc: jtds: sqlserver: // localhost/sonar; SelectMethod = Cursor
# ----- Global database settings
Sonar. jdbc. username = sonar
Sonar. jdbc. password = sonar
# ----- Default source code encoding
Sonar. sourceEncoding = UTF-8
# ----- Security (when 'sonar. forceAuthentication 'is set to 'true ')
Sonar. login = admin
Sonar. password = admin

 

3. Add a database driver
Except for Oracle databases, other database drivers are provided by default, and these added drivers are only supported by sonar, so you do not need to modify them.
For an Oracle database, copy the JDBC driver to the <install_directory>/extensions/jdbc-driver/oracle directory.

4. Start the service
Directory switch to sonar's <install_directory>/bin/linux-x86-64/directory to start the service
#./Sonar. sh start the service
#./Sonar. sh stop Service
#./Sonar. sh restart the service

Now sonar has been installed.
Access http: \ localhost: 9000.

5. Install the sonar patch package
Chinese package installation
You can access http: \ localhost: 9000 to install the Chinese patch package. After sonar is enabled, go to the update center to install the package.
Or download the Chinese patch package and put it in the SONARQUBE_HOME/extensions/plugins directory. Then restart the SonarQube service.

Sonar is a Linux service and is automatically started upon startup.
Create the/etc/init. d/sonar file and enter the following content:

#! /Bin/sh
#
# Rc file for SonarQube
#
# Chkconfig: 345 96 10
# Description: SonarQube system (www.sonarsource.org)
#
### BEGIN INIT INFO
# Provides: sonar
# Required-Start: $ network
# Required-Stop: $ network
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: SonarQube system (www.sonarsource.org)
# Description: SonarQube system (www.sonarsource.org)
### END INIT INFO
 
/Usr/bin/sonar $ *

SonarQube is automatically started upon startup (Ubuntu, 32-bit ):

Sudo ln-s $ SONAR_HOME/bin/linux-x86-32/sonar. sh/usr/bin/sonar
Sudo chmod 755/etc/init. d/sonar
Sudo update-rc.d sonar defaults

SonarQube is automatically started upon startup (RedHat, CentOS, 64-bit ):

Sudo ln-s $ SONAR_HOME/bin/linux-x86-64/sonar. sh/usr/bin/sonar
Sudo chmod 755/etc/init. d/sonar
Sudo chkconfig -- add sonar

Use SonarQube Runner to analyze the source code

Preset conditions
SonarQube Runner has been installed and environment variables have been configured. That is, the sonar-runner command can be executed in any directory.

1. Create a sonar-project.properties configuration file under the root directory of the project source code
Take the Android project as an example:

Sonar. projectKey = android-sonarqube-runner
Sonar. projectName = Simple Android project analyzed with the SonarQube Runner
Sonar. projectVersion = 1.0
Sonar. sources = src
Sonar. binaries = bin/classes
Sonar. language = java
Sonar. sourceEncoding = UTF-8
Sonar. profile = Android Lint

Note: Android Lint
For Rule Analysis, you must first access http: \ localhost: 9000 to add the Android Lint plug-in to the update center so that it can analyze Android Lint rules.

2. Perform analysis
Switch to the project source code root directory and execute the command
# Sonar-runner
After the analysis is successful, access http: \ localhost: 9000 to view the analysis result.

Meanings of different parameters:
Http://docs.codehaus.org/display/SONAR/Analysis+Parameters
Download the source code analysis examples for different projects:
Https://github.com/SonarSource/sonar-examples/zipball/master

Association with IDE

Finally, of course, you must be associated with the IDE for more convenient real-time viewing.

Take Eclipse as an example, see: http://docs.sonarqube.org/display/SONAR/SonarQube+in+Eclipse

Appendix:

SonarQube official website address: http://www.sonarqube.org/
SonarQube official document address: http://docs.codehaus.org/display/SONAR/Documentation
SonarQube example address: http://nemo.sonarqube.org/

Two other articles:

Configure Sonar and Jenkins for continuous review

SonarQube code quality management tool environment preparation notes

Sonar details: click here
Sonar: click here

This article permanently updates the link address: