Use the code Quality Check Tool sonar in combination with Hudson and Maven

I. Installation

Installation Method:

Sonar can be installed independently or in combination with Maven and Hudson. It can be used with built-in memory databases or custom databases such as MySQL and Oracle.

This article introduces how to use the built-in database combined with Maven and Hudson to automatically monitor code quality changes in sonar.

 

Installation steps:

1. Download The sonar-3.0.zip package. Take V3.0 as an example.

Address http://dist.sonar.codehaus.org/sonar-3.0.zip

2. Prepare a Web Container. Take the installation of Tomcat 6 as an example to modify the startup parameters of Tomcat.

At least-xmx 1024 M-XX: maxpermsize = 256 m

Add

Java_opts = "$ JAVA_OPTS-server-XX: permsize = 128 M-XX: maxpermsize = 512 M-Xmx1024m-Dorg.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER = true"

3. Decompress sonar-3.0.zip to the sonar-3.0 directory and go to the sonar-3.0 directory to execute the build-war.sh command. The sonar. War file is generated in the current directory, to be deployed.

If you want to modify the configuration, go to the sonar-3.0 directory and modify the sonar. properties file with options including port and database information. If you want to modify it, you need to run the build-war.sh command before

4. Deploy sonar. War to the webapps directory of Tomcat

5. start Tomcat and access the relevant port to see the page

 

Use nginx for proxy:

For security considerations, nginx should be used as a proxy and basic authentication should be added

Ii. Configuration

Security Configuration:

1. For security considerations, we recommend using iptables to disable direct access to port 9080.

# Iptables-A input-s 127.0.0.1-p tcp -- dport 9080-J accept

# Iptables-A input-p tcp -- dport 9080-J Drop

2. log on to sonar, Click Log in the upper right corner, and log on with the default Administrator Account admin/admin.

3. Choose configuration> Security> users to modify the Administrator account and password, and add the required users.

 

Maven Configuration:

1. Go to the working directory and run the mvnsonar: sonar command to perform quality analysis on the current version to form a quality version.

2. Place the mvnsonar: sonar command to Hudson for automatic execution. You can select to execute the command twice a week. The project code will be of two quality versions every week.

 

Iii. Sonar usage

Directly use the configured user access address to view the relevant information.

You can create a group or user for a project.

Project permissions can be assigned to users.

Various metrics can be viewed in various views

Code review is available

We can see changes in code quality.

Integrated with various plug-ins such as PMD, checkstyle, findbugs, and metric