代码质量分析工具sonarqube

0. 准备工作

基础环境
宿主机环境:Ubuntu 18.04.4 LTS
安装版本:sonarqube-7.9.2.zip
安装目录:/home/sonarqube
java版本:openjdk version “11.0.9” 2020-10-20
数据库:psql (PostgreSQL) 10.14 (Ubuntu 10.14-0ubuntu0.18.04.1)

内核参数修改

1
2
3
4
5
6
7
vim /etc/sysctl.conf
#sonar参数优化
vm.max_map_count=262144
fs.file-max=65536

#生效
sysctl -p

创建启动用户:

1
2
3
4
5
6
7
8
# sonarqube不能使用root用户启动
useradd -r -m -s /bin/bash sonarqube


# 修改资源限制:
vim /etc/security/limits.conf
sonarqube - nofile 65536
sonarqube - nproc 65536

1. 安装PostgreSQL

查看支持的版本:

1
root@sonar:/usr/local/src# apt-cache madison postgresql

安装pgsql默认系统支持版本:

1
root@sonar:/usr/local/src# apt install postgresql

配置pgsql:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
#进入postgres创建数据库和用户
root@sonar:/usr/local/src# su - postgres
postgres@sonar:~$ psql -U postgres

#创建数据库
postgres=# CREATE DATABASE sonar;

#创建用户
postgres=# CREATE USER sonar WITH ENCRYPTED PASSWORD '123456';

#授权
postgres=# GRANT ALL PRIVILEGES ON DATABASE sonar TO sonar;

#授权生效
postgres=# ALTER DATABASE sonar OWNER TO sonar;

#修改配置文件
修改数据库监听地址:vim /etc/postgresql/10/main/postgresql.conf
listen_addresses = '*' # what IP address(es) to listen on;
默认监听端口为5432

#开启远程访问:vim /etc/postgresql/10/main/pg_hba.conf
# IPv4 local connections:
host all all 0.0.0.0/0 md5

#重启pgsql:
root@sonar:/usr/local/src# systemctl restart postgresql
root@sonar:/usr/local/src# systemctl enable postgresql
Synchronizing state of postgresql.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable postgresql

#查看端口是否开启
root@sonar:/usr/local/src# ss -ntlp|grep 5432
LISTEN 0 224 0.0.0.0:5432 0.0.0.0:* users:(("postgres",pid=10080,fd=7))
LISTEN 0 224 [::]:5432 [::]:* users:(("postgres",pid=10080,fd=8))

2. 安装sonarqube

2.1 安装jdk11

1
root@sonar:/usr/local/src# apt install openjdk-11-jdk

2.2 安装sonarqube

博文使用的安装包下载地址:sonarqube-7.9.2.zip

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
root@sonar:/usr/local/src# unzip sonarqube-7.9.2.zip
root@sonar:/usr/local/src# ln -sv /usr/local/src/sonarqube-7.9.2 /usr/local/sonarqube
# 需要普通用户去启动,root不支持,会报错。
root@sonar:/usr/local/src# chown sonarqube.sonarqube /usr/local/sonarqube /usr/local/src/sonarqube-7.9.2 -R
root@sonar:/usr/local/src# su - sonarqube

# 修改配置文件
sonarqube@sonar:/usr/local/sonarqube/conf$ vim sonar.properties

# 修改数据库密码
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
# 修改数据库连接地址
sonar.jdbc.url=jdbc:postgresql://192.168.0.216/sonar

#启动
sonarqube@sonar:/usr/local/sonarqube/bin/linux-x86-64# ./sonar.sh --help
Usage: ./sonar.sh { console | start | stop | force-stop | restart | status | dump }
sonarqube@sonar:/usr/local/sonarqube/bin/linux-x86-64# ./sonar.sh start

#访问
http://192.168.0.216:9000/about
默认用户名和密码:admin/admin

2.3 开机自启动

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#配置服务
vim /etc/systemd/system/sonarqube.service
[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=simple
User=sonarqube
Group=sonarqube
PermissionsStartOnly=true
ExecStart=/usr/bin/nohup /usr/bin/java -Xms2048m -Xmx2048m -Djava.net.preferIPv4Stack=true -jar /usr/local/sonarqube/lib/sonar-application-7.9.2.jar
StandardOutput=syslog
LimitNOFILE=65536
LimitNPROC=65536
TimeoutStartSec=5
Restart=always

[Install]
WantedBy=multi-user.target

#设置开机启动
systemctl daemon-reload
systemctl restart sonarqube
systemctl enable sonarqube

3. 汉化

去插件市场:http://192.168.0.216:9000/admin/marketplace => “Plugins” 搜索”chinese” 安装”Chinese Pack” 重启服务。
插件安装位置:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
root@sonar:/usr/local/sonarqube/extensions/plugins# ll
total 88048
drwxr-xr-x 2 sonarqube sonarqube 4096 Nov 1 11:03 ./
drwxr-xr-x 5 sonarqube sonarqube 4096 Nov 1 10:52 ../
-rw-r--r-- 1 sonarqube sonarqube 224 Dec 9 2019 README.txt
-rw-r--r-- 1 sonarqube sonarqube 287504 Dec 9 2019 sonar-auth-github-plugin-1.5.0.870.jar
-rw-r--r-- 1 sonarqube sonarqube 3388540 Dec 9 2019 sonar-auth-saml-plugin-1.1.0.181.jar
-rw-r--r-- 1 sonarqube sonarqube 4094975 Dec 9 2019 sonar-csharp-plugin-7.15.0.8572.jar
-rw-r--r-- 1 sonarqube sonarqube 7015434 Dec 9 2019 sonar-css-plugin-1.1.1.1010.jar
-rw-r--r-- 1 sonarqube sonarqube 1544789 Dec 9 2019 sonar-flex-plugin-2.5.1.1831.jar
-rw-r--r-- 1 sonarqube sonarqube 3903342 Dec 9 2019 sonar-go-plugin-1.1.1.2000.jar
-rw-r--r-- 1 sonarqube sonarqube 1727846 Dec 9 2019 sonar-html-plugin-3.1.0.1615.jar
-rw-r--r-- 1 sonarqube sonarqube 15098 Dec 9 2019 sonar-jacoco-plugin-1.0.2.475.jar
-rw-r--r-- 1 sonarqube sonarqube 8302745 Dec 9 2019 sonar-java-plugin-5.13.1.18282.jar
-rw-r--r-- 1 sonarqube sonarqube 6866969 Dec 9 2019 sonar-javascript-plugin-5.2.1.7778.jar
-rw-r--r-- 1 sonarqube sonarqube 7595999 Dec 9 2019 sonar-kotlin-plugin-1.5.0.315.jar
-rw-r--r-- 1 sonarqube sonarqube 49222 Nov 1 11:02 sonar-l10n-zh-plugin-1.29.jar
-rw-r--r-- 1 sonarqube sonarqube 300503 Dec 9 2019 sonar-ldap-plugin-2.2.0.608.jar
-rw-r--r-- 1 sonarqube sonarqube 5105268 Dec 9 2019 sonar-php-plugin-3.2.0.4868.jar
-rw-r--r-- 1 sonarqube sonarqube 2752167 Dec 9 2019 sonar-python-plugin-1.14.1.3143.jar
-rw-r--r-- 1 sonarqube sonarqube 10036210 Dec 9 2019 sonar-ruby-plugin-1.5.0.315.jar
-rw-r--r-- 1 sonarqube sonarqube 9202024 Dec 9 2019 sonar-scala-plugin-1.5.0.315.jar
-rw-r--r-- 1 sonarqube sonarqube 2622236 Dec 9 2019 sonar-scm-git-plugin-1.8.0.1574.jar
-rw-r--r-- 1 sonarqube sonarqube 7229293 Dec 9 2019 sonar-scm-svn-plugin-1.9.0.1295.jar
-rw-r--r-- 1 sonarqube sonarqube 2239156 Dec 9 2019 sonar-typescript-plugin-1.9.0.3766.jar
-rw-r--r-- 1 sonarqube sonarqube 3580236 Dec 9 2019 sonar-vbnet-plugin-7.15.0.8572.jar
-rw-r--r-- 1 sonarqube sonarqube 2242738 Dec 9 2019 sonar-xml-plugin-2.0.1.2020.jar

安装插件也可以将相关的jar包放在该目录。

安装汉化插件

4. jenkins服务器部署扫描器sonar-scanner

jenkins服务器上,博文使用的安装包下载地址:sonar-scanner-cli-4.3.0.2102-linux.zip
准备scanner包:

1
2
3
4
5
root@jenkins:~# ll /usr/local/src/sonar-scanner-cli-4.3.0.2102-linux.zip 
-rw-r--r-- 1 root root 42393648 Aug 12 12:13 /root/sonar-scanner-cli-4.3.0.2102-linux.zip
root@jenkins:~# unzip sonar-scanner-cli-4.3.0.2102-linux.zip
root@jenkins:/usr/local/src# ln -sv /usr/local/src/sonar-scanner-4.3.0.2102-linux/ /usr/local/sonar-scanner-4.3.0
'/usr/local/sonar-scanner-4.3.0' -> '/usr/local/src/sonar-scanner-4.3.0.2102-linux/'

修改配置文件:

1
2
3
4
5
6
7
8
9
root@jenkins:/usr/local/sonar-scanner-4.3.0/conf# cat sonar-scanner.properties
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here

#----- Default SonarQube server
sonar.host.url=http://192.168.0.216:9000

#----- Default source code encoding
sonar.sourceEncoding=UTF-8

扫描:
博文使用的源码包下载地址:sonar-examples-master.zip

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#准备待扫码的代码,官网提供测试使用
sonar-examples-master

解压
在项目下定义扫描配置:
root@jenkins:/opt/data/sonar-examples-master/projects/languages/python/python-sonar-runner# cat sonar-project.properties
# Required metadata
sonar.projectKey=org.sonarqube:python-simple-sonar-scanner
sonar.projectName=Python :: Simple Project : SonarQube Scanner
sonar.projectVersion=1.0

# Comma-separated paths to directories with sources (required)
# 相对路径
sonar.sources=src

# Language
# 定义语言类型
sonar.language=py

# Encoding of the source files
# 编码
sonar.sourceEncoding=UTF-8

## 在想扫描的文件下直接运行sonar-scanner
root@jenkins:/opt/data/sonar-examples-master/projects/languages/python/python-sonar-runner# /usr/local/sonar-scanner-4.3.0/bin/sonar-scanner

出现INFO: EXECUTION SUCCESS字样表示完成

查看扫描结果:
可以通过前面搭建的sonarqube的web页面进行查看。
image-20201101123554179

jenkins插件扫描(难以自定义相关路径,不推荐。)
安装插件
image-20201101132057802

安装完成会出现相关配置项

  1. 告诉jenkin,sonarqube服务器的位置
    image-20201101132949850
  2. 让jenkins添加sonar-scanner扫描器
    jebkins-系统管理-全局工具配置
    image-20201101133537866
  3. 在job里配置项目属性
    jod-配置-构建
    image-20201101134139806
    image-20201101134352534

排错

1. 未关闭服务,直接关机导致服务无法启动。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
启动日志片段:tail -f /usr/local/sonarqube/logs/*.log

--> Wrapper Started as Daemon
Launching a JVM...
Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.

2020.11.01 11:55:45 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /usr/local/src/sonarqube-7.9.2/temp #需要创建一个temp文件,但是这个文件是root权限的,普通用户无法删除
2020.11.01 11:55:45 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001
2020.11.01 11:55:45 ERROR app[][o.s.a.p.ManagedProcessHandler] Fail to launch process [es]
java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file # 直接错误原因。
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:53)
at org.sonar.application.ProcessLauncherImpl.writeConfFiles(ProcessLauncherImpl.java:152)
at org.sonar.application.ProcessLauncherImpl.launch(ProcessLauncherImpl.java:84)
at org.sonar.application.SchedulerImpl.lambda$tryToStartProcess$2(SchedulerImpl.java:192)
at org.sonar.application.process.ManagedProcessHandler.start(ManagedProcessHandler.java:72)
at org.sonar.application.SchedulerImpl.tryToStartProcess(SchedulerImpl.java:190)
at org.sonar.application.SchedulerImpl.tryToStartEs(SchedulerImpl.java:142)
at org.sonar.application.SchedulerImpl.tryToStartAll(SchedulerImpl.java:134)
at org.sonar.application.SchedulerImpl.schedule(SchedulerImpl.java:108)
at org.sonar.application.App.start(App.java:69)
at org.sonar.application.App.main(App.java:96)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.nio.file.AccessDeniedException: /usr/local/src/sonarqube-7.9.2/temp/conf/es/elasticsearch.yml
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:219)
at java.base/java.nio.file.Files.write(Files.java:3424)
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:51)
... 16 common frames omitted
2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] Process[es] is stopped
2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] Hard stopping SonarQube
2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] SonarQube is stopped

WrapperSimpleApp: Encountered an error running main: java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file
java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:53)
at org.sonar.application.ProcessLauncherImpl.writeConfFiles(ProcessLauncherImpl.java:152)
at org.sonar.application.ProcessLauncherImpl.launch(ProcessLauncherImpl.java:84)
at org.sonar.application.SchedulerImpl.lambda$tryToStartProcess$2(SchedulerImpl.java:192)
at org.sonar.application.process.ManagedProcessHandler.start(ManagedProcessHandler.java:72)
at org.sonar.application.SchedulerImpl.tryToStartProcess(SchedulerImpl.java:190)
at org.sonar.application.SchedulerImpl.tryToStartEs(SchedulerImpl.java:142)
at org.sonar.application.SchedulerImpl.tryToStartAll(SchedulerImpl.java:134)
at org.sonar.application.SchedulerImpl.schedule(SchedulerImpl.java:108)
at org.sonar.application.App.start(App.java:69)
at org.sonar.application.App.main(App.java:96)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.nio.file.AccessDeniedException: /usr/local/src/sonarqube-7.9.2/temp/conf/es/elasticsearch.yml
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:219)
at java.base/java.nio.file.Files.write(Files.java:3424)
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:51)
... 16 more
<-- Wrapper Stopped

处理办法:

  1. 直接删除/usr/local/src/sonarqube-7.9.2/temp 文件
  2. 给该文件设置权限:chown sonarqube.sonarqube /usr/local/sonarqube /usr/local/src/sonarqube-7.9.2 -R
---------------- 谢谢光临 ----------------

本文标题:代码质量分析工具sonarqube

文章作者:pxrux

发布时间:2020年10月31日 - 00:10

最后更新:2020年10月31日 - 00:10

原始链接:http://www.mykernel.cn/sonarqube.html

许可协议: 署名-非商业性使用-禁止演绎 4.0 国际 转载请保留原文链接及作者。

0%