Shulou(Shulou.com)06/03 Report--

Today, I will talk to you about how to install and use SonarQube code quality management platform. Many people may not know much about it. In order to let everyone know more, Xiaobian summarizes the following contents for everyone. I hope you can gain something according to this article.

About Sonar

Sonar is an open source platform for code quality management, which manages the quality of source code and can detect code quality from seven dimensions.

Through plug-in form, it can support code quality management and inspection of more than twenty programming languages including java, C#,C/C++,PL/SQL,Cobol,JavaScrip,Groovy, etc.

What does sonarQube bring?

Developers' Seven Deadly Sins

1. Bad complexity distribution

Files, classes, methods, etc., are difficult to change if they are too complex, which makes it difficult for developers to understand them,

And without automated unit testing, changes to any component in the program would likely result in the need for comprehensive regression testing

2. repeated

Obviously, the program contains a lot of copy-and-paste code that is of low quality.

Sonar can show where duplication is severe in source code

3. Lack of unit testing

Sonar makes it easy to count and display unit test coverage

4. No code standards

Sonar can be written by PMD,CheckStyle,Findbugs, etc. Code Rules Detection Tools Specification Code

5. Not enough or too many comments

No comments will make the code less readable, especially when there are inevitable changes in personnel, the readability of the program will be greatly reduced

Too many comments will make developers spend too much energy on reading comments, which is also contrary to the original intention.

6. Potential bugs

sonar can detect potential bugs through code rule Detection Tools such as PMD,CheckStyle,Findbugs, etc.

7. Bad Spaghetti Design

Sonar can be used to find loops, showing package-to-package and class-to-class dependencies

Custom schema rules can be detected

Sonar allows you to manage third-party jar packages

LCOM4 can be used to detect the application of individual task rules

detection coupling

About Spaghetti Design: docs.codehaus.org/display/SONAR/Spaghetti+Design

Sonar can effectively detect the above seven problems in the process of program development

SonarQube Installation

preset condition

1. Java environment installed

2. MySQL database installed

Software download address: www.sonarqube.org/downloads/

Download SonarQube and SonarQube Runner

Chinese patch download: docs.codehaus.org/display/SONAR/Chinese+Pack

1. database configuration

database entry command

#mysql -u root -p

mysql> CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;

mysql> CREATE USER 'sonar' IDENTIFIED BY 'sonar';

mysql> GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';

mysql> GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';

mysql> FLUSH PRIVILEGES;

2. Install Sonar and Sonar-Runner

Extract the downloaded sonar-3.7.zip package to a Linux path such as/usr/local

Extract the downloaded sonar-runner-dist-2.3.zip package from a path/usr/local

Add SONAR_HOME, SONAR_RUNNER_HOME environment variables, and add SONAR_RUNNER_HOME to PATH

Modify sonar profile

Edit the/conf/sonar.properties file to configure database settings. By default, support for various databases has been provided.

mysql is used here, so uncomment the mysql module

#vi sonar.properties

[java] view

plaincopy

sonar.jdbc.username: sonar

sonar.jdbc.password: sonar

sonar.jdbc.url: jdbc:mysql://localhost:3306/sonar? useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true

# Optional properties

sonar.jdbc.driverClassName: com.mysql.jdbc.Driver

Modify sonar-runner's profile

Switch to the installation directory of sonar-runner and modify sonar-runner.properties.

Cancel corresponding comments according to actual use of database

[java] view

plaincopy

#Configure here general information about the environment, such as SonarQube DB details for example

#No information about specific project should appear here

#----- Default SonarQube server

sonar.host.url=http://localhost:9000

#----- PostgreSQL

#sonar.jdbc.url=jdbc:postgresql://localhost/sonar

#----- MySQL

sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar? useUnicode=true&characterEncoding=utf8

#----- Oracle

#sonar.jdbc.url=jdbc:oracle:thin:@localhost/XE

#----- Microsoft SQLServer

#sonar.jdbc.url=jdbc:jtds:sqlserver://localhost/sonar;SelectMethod=Cursor

#----- Global database settings

sonar.jdbc.username=sonar

sonar.jdbc.password=sonar

#----- Default source code encoding

sonar.sourceEncoding=UTF-8

#----- Security (when 'sonar.forceAuthentication' is set to 'true')

sonar.login=admin

sonar.password=admin

3. Add Database Driver

Database drivers other than Oracle Database are already provided by default, and these added drivers are the only ones supported by sonar, so no modification is required

For Oracle databases, you need to copy the JDBC driver to the/extensions/jdbc-driver/oracle directory

4. start the service

Change directory to sonar's/bin/linux-x86-64/directory to start service

#./ sonar.sh start Start Services

#./ sonar.sh stop Stop Services

#./ sonar.sh restart Restart Services

Sonar is installed.

Visit http:\\localhost:9000

5.sonar Chinese patch installation

Chinese Package Installation

To install the Chinese patch package, visit http:\\localhost:9000, open sonar, and enter the update center to install

Or download the Chinese patch package, place it in SONARQUBE_HOME/extensions/plugins directory, and restart SonarQube service

sonar as a Linux service and bootstrapping

Create a new file/etc/init.d/sonic and enter the following:

[java] view

plaincopy

#!/ bin/sh

#

# rc file for SonarQube

#

# chkconfig: 345 96 10

# description: SonarQube system (www.sonarsource.org)

#

### BEGIN INIT INFO

# Provides: sonar

# Required-Start: $network

# Required-Stop: $network

# Default-Start: 3 4 5

# Default-Stop: 0 1 2 6

# Short-Description: SonarQube system (www.sonarsource.org)

# Description: SonarQube system (www.sonarsource.org)

### END INIT INFO

/usr/bin/sonar $*

SonarQube boot-up (Ubuntu, 32 bit):

sudo ln -s $SONAR_HOME/bin/linux-x86-32/sonar.sh /usr/bin/sonar

sudo chmod 755 /etc/init.d/sonar

sudo update-rc.d sonar defaults

SonarQube bootstrapping (Red Hat, CentOS, 64 bit):

sudo ln -s $SONAR_HOME/bin/linux-x86-64/sonar.sh /usr/bin/sonar

sudo chmod 755 /etc/init.d/sonar

sudo chkconfig --add sonar

Source code analysis using SonarQube Runner

preset condition

SonarQube Runner is installed and the environment variables are configured, i.e. the sonar-runner command can be executed in any directory

1. Create the sonar-project.properties configuration file in the root directory of the project source code

Take the android project as an example:

[java] view

plaincopy

sonar.projectKey=android-sonarqube-runner

sonar.projectName=Simple Android project analyzed with the SonarQube Runner

sonar.projectVersion=1.0

sonar.sources=src

sonar.binaries=bin/classes

sonar.language=java

sonar.sourceEncoding=UTF-8

sonar.profile=Android Lint

Note: To use Android Lint

Rule analysis requires visiting http:\\localhost:9000 Update Center to add Android Lint plug-in to analyze Android Lint rules

2. perform analysis

Switch to the project source root directory and execute the command

# sonar-runner

After successful analysis, visit http:\\localhost:9000 to view the analysis results

Meaning of different parameters:

http://docs.codehaus.org/display/SONAR/Analysis+Parameters

Source code analysis examples for different projects Download:

https://github.com/SonarSource/sonar-examples/zipball/master

After reading the above, do you have any further understanding of how to install and use SonarQube code quality management platform? If you still want to know more knowledge or related content, please pay attention to the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.