sonar服務(wù)
拉取docker鏡像:
https://hub.docker.com/_/sonarqube
根據(jù)上述鏈接的介紹啟動(dòng)服務(wù),或
docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 sonarqube
sonar掃描
基于maven的java掃描
在linux下掃描java
在~/.m2下新增文件settings.xml
加入如下內(nèi)容:
<settings>
<pluginGroups>
<pluginGroup>org.sonarsource.scanner.maven</pluginGroup>
</pluginGroups>
<profiles>
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<!-- Optional URL to server. Default value is http://localhost:9000 -->
<sonar.host.url>
http://10.17.2.178:9000
</sonar.host.url>
</properties>
</profile>
</profiles>
</settings>
掃描代碼執(zhí)行:
mvn sonar:sonar
普通代碼掃描
需要安裝sonar-runner
(注意:以前叫sonar-scanner问窃,現(xiàn)在改名為sonar-runner)
可以參考:https://www.voyalab.com/2016/10/08/installing-sonarqube-scanner/
我修改為最新的:
wget http://repo1.maven.org/maven2/org/codehaus/sonar/runner/sonar-runner-dist/2.4/sonar-runner-dist-2.4.zip
unzip sonar-runner-dist-2.4.zip
sudo mv sonar-runner-2.4 /opt/sonar/
sudo vim /opt/sonar/conf/sonar-runner.properties
host.url改為并取消注釋sonar.host.url=http://10.17.2.178:9000
sudo ln -s /opt/sonar/bin/sonar-runner /usr/bin/sonar-runner
掃描執(zhí)行:
sonar-runner -Dsonar.projectKey=xxx -Dsonar.sources=.
(源碼文件夾如果有多個(gè)沦泌,用英文逗號(hào)隔開(kāi))
也可以設(shè)置配置骄酗,適合配置很少改變的場(chǎng)景,參考
https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
測(cè)試部的sonar地址:
http://10.17.2.77:9000
用戶(hù)名和密碼都是:admin
