I. Installation
Installation Method:
Sonar can be installed independently or in combination with Maven and Hudson. It can be used with built-in memory databases or custom databases such as MySQL and Oracle.
This article introduces how to use the built-in database combined with Maven and Hudson to automatically monitor code quality changes in sonar.
Installation steps:
1. Download The sonar-3.0.zip package. Take V3.0 as an example.
Address http://dist.sonar.codehaus.org/sonar-3.0.zip
2. Prepare a Web Container. Take the installation of Tomcat 6 as an example to modify the startup parameters of Tomcat.
At least-xmx 1024 M-XX: maxpermsize = 256 m
Add
Java_opts = "$ JAVA_OPTS-server-XX: permsize = 128 M-XX: maxpermsize = 512 M-Xmx1024m-Dorg.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER = true"
3. Decompress sonar-3.0.zip to the sonar-3.0 directory and go to the sonar-3.0 directory to execute the build-war.sh command. The sonar. War file is generated in the current directory, to be deployed.
If you want to modify the configuration, go to the sonar-3.0 directory and modify the sonar. properties file with options including port and database information. If you want to modify it, you need to run the build-war.sh command before
4. Deploy sonar. War to the webapps directory of Tomcat
5. start Tomcat and access the relevant port to see the page
Use nginx for proxy:
For security considerations, nginx should be used as a proxy and basic authentication should be added
Ii. Configuration
Security Configuration:
1. For security considerations, we recommend using iptables to disable direct access to port 9080.
# Iptables-A input-s 127.0.0.1-p tcp -- dport 9080-J accept
# Iptables-A input-p tcp -- dport 9080-J Drop
2. log on to sonar, Click Log in the upper right corner, and log on with the default Administrator Account admin/admin.
3. Choose configuration> Security> users to modify the Administrator account and password, and add the required users.
Maven Configuration:
1. Go to the working directory and run the mvnsonar: sonar command to perform quality analysis on the current version to form a quality version.
2. Place the mvnsonar: sonar command to Hudson for automatic execution. You can select to execute the command twice a week. The project code will be of two quality versions every week.
Iii. Sonar usage
Directly use the configured user access address to view the relevant information.
You can create a group or user for a project.
Project permissions can be assigned to users.
Various metrics can be viewed in various views
Code review is available
We can see changes in code quality.
Integrated with various plug-ins such as PMD, checkstyle, findbugs, and metric