一立由、安裝SonarQube Community版本的服務(wù)器

SonarQube官網(wǎng) https://www.sonarqube.org ，按照Sonar-iOS-SonarQube服務(wù)器安裝中一步步開(kāi)始進(jìn)行服務(wù)器的搭建操作瑰钮。

二、Sonar-Swift插件的安裝

1. 在Github上的Sonar-Swift微驶，去下載最新的jar包浪谴。
2. 將下載的jar放到SonarQube服務(wù)器的extensions/plugins文件夾下开睡。
3. 重啟SonarQube服務(wù)器。

三苟耻、客戶端掃描軟件安裝

客戶端掃描代碼只需要安裝這部分軟件即可

1篇恒、安裝sonar-scannner

該軟件用于上傳報(bào)告到SonarQube服務(wù)器。
下載 sonar-scanner凶杖，將下載的文件解壓縮到本地目錄胁艰，并且將目錄下的bin目錄加到系統(tǒng)的環(huán)境變量PATH中，以便在命令行中可以訪問(wèn)該命令智蝠。

2腾么、下載run-sonar-swift.sh腳本

該腳本是用于執(zhí)行掃描的主入口。
下載后將該文件放到固定的目錄下杈湾，并將該目錄加入到系統(tǒng)的環(huán)境變量PATH中解虱。

3、安裝sonar-swift依賴的所有軟件

3.1毛秘、xcpretty饭寺，需要安裝一個(gè)修復(fù)問(wèn)題版本的xcpretty

git clone https://github.com/Backelite/xcpretty.git
cd xcpretty
git checkout fix/duration_of_failed_tests_workaround
gem build xcpretty.gemspec
sudo gem install --both xcpretty-0.2.2.gem

如果報(bào)如下錯(cuò)誤，表示沒(méi)有寫(xiě)入/usr/bin的權(quán)限叫挟，修改安裝路徑即可：

>sudo gem install --both xcpretty-0.2.2.gem
ERROR:  While executing gem ... (Gem::FilePermissionError)
   You don't have write permissions for the /usr/bin directory.

執(zhí)行如下命令：

>sudo gem install -n /usr/local/bin --both xcpretty-0.2.2.gem 

????在OSX系統(tǒng)中艰匙，/usr/bin屬于系統(tǒng)級(jí)別的保護(hù)，任何人不能寫(xiě)入抹恳，包括root也一樣员凝，是絕對(duì)禁止寫(xiě)入的，唯一的辦法就是像你上面的那樣奋献，安裝到/usr/local/bin里面去健霹。
????為什么要這么嚴(yán)格？因?yàn)?usr/bin這個(gè)目錄太敏感了瓶蚂，是任何病毒都想要攻克的地方糖埋，所以蘋(píng)果對(duì)此做了嚴(yán)格的禁止。

3.2窃这、SwiftLint瞳别，Swift的靜態(tài)代碼分析工具

brew install swiftlint

安裝過(guò)程如下：

>brew install swiftlint
==> Downloading https://homebrew.bintray.com/bottles/swiftlint-0.38.0.catalina.bottle.tar.gz
==> Downloading from https://akamai.bintray.com/a2/a2b39e51661fc24d201788391ce4f9c68007c818857f423161b37bc51f7fcb0b?__gd
######################################################################## 100.0%
==> Pouring swiftlint-0.38.0.catalina.bottle.tar.gz
??  /usr/local/Cellar/swiftlint/0.38.0: 6 files, 7.9MB

3.3、Tailor杭攻，針對(duì)Swift的跨平臺(tái)靜態(tài)分析工具

brew install tailor

正常安裝過(guò)程如下：

>brew install tailor
==> Downloading https://github.com/sleekbyte/tailor/releases/download/v0.12.0/tailor-0.12.0.tar
==> Downloading from https://github-production-release-asset-2e65be.s3.amazonaws.com/36204628/4d7049d8-1261-11e7-889c-b4
######################################################################## 100.0%
??  /usr/local/Cellar/tailor/0.12.0: 41 files, 4.0MB, built in 19 seconds

此工具依賴JDK祟敛，如果JDK沒(méi)有安裝，會(huì)報(bào)如下錯(cuò)誤兆解，建議先安裝JDK

>brew install tailor
tailor: Java 1.8+ is required to install this formula.
Install AdoptOpenJDK with Homebrew Cask:
  brew cask install adoptopenjdk
Error: An unsatisfied requirement failed this build.

3.4馆铁、slather，單元測(cè)試覆蓋率檢測(cè)工具

gem install slather

如果提示沒(méi)有權(quán)限锅睛，則執(zhí)行如下命令：
sudo gem install slather

如果還是報(bào)沒(méi)有權(quán)限埠巨，則執(zhí)行如下命令：
sudo gem install -n /usr/local/bin slather

安裝過(guò)程如下：

>sudo gem install -n /usr/local/bin slather
Building native extensions. This could take a while...
Successfully installed nokogiri-1.10.3
Fetching: slather-2.4.7.gem (100%)
Successfully installed slather-2.4.7
Parsing documentation for nokogiri-1.10.3
Installing ri documentation for nokogiri-1.10.3
Parsing documentation for slather-2.4.7
Installing ri documentation for slather-2.4.7
Done installing documentation for nokogiri, slather after 9 seconds
2 gems installed

3.5历谍、 lizard，復(fù)雜度檢測(cè)工具

3.5.1 使用pip安裝lizard
由于會(huì)有權(quán)限問(wèn)題辣垒，所以先將工具安裝到當(dāng)前用戶下

pip install lizard --user

如果提示如下錯(cuò)誤扮饶，說(shuō)明本地還沒(méi)有安裝python，需要先安裝

>pip install lizard --user
zsh: command not found: pip

安裝pip命令之后乍构，再次執(zhí)行l(wèi)izard安裝命令

pip是python的包管理工具，在Python2.7的安裝包中扛点，easy_install.py是默認(rèn)安裝的哥遮，而pip需要我們手動(dòng)安裝

>sudo easy_install pip

>pip install lizard --user

正常安裝過(guò)程如下：

 >pip install lizard --user
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
Collecting lizard
  Downloading https://files.pythonhosted.org/packages/24/7a/7ca04c3d84998d7344caafd3534a1b8a80d293bf32afbd2ef3956282d1c2/lizard-1.16.6-py2.py3-none-any.whl (56kB)
     |████████████████████████████████| 61kB 326kB/s 
Installing collected packages: lizard
  WARNING: The script lizard is installed in '/Users/hushijun/Library/Python/2.7/bin' which is not on PATH.
  Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location.
Successfully installed lizard-1.16.6

3.5.2 將用戶的python安裝包目錄~/Library/Python/2.7加到系統(tǒng)變量PATH中

3.6、OCLint陵究，Objective-C的靜態(tài)代碼分析工具

brew tap oclint/formulae
brew install oclint

安裝oclint報(bào)如下錯(cuò)誤：

 >brew install oclint
==> Installing oclint from oclint/formulae
Error: Your Xcode (10.1) is too outdated.
Please update to Xcode 10.2.1 (or delete it).
Xcode can be updated from the App Store.

更新brew和oclint
參考homebrew中的oclint文檔

$ brew update
$ brew upgrade oclint

查看brew緩存目錄：
$ brew --cache

正常安裝過(guò)程如下：

>brew tap oclint/formulae
Updating Homebrew...
==> Auto-updated Homebrew!
Updated 1 tap (homebrew/cask).
No changes to formulae.

==> Tapping oclint/formulae
Cloning into '/usr/local/Homebrew/Library/Taps/oclint/homebrew-formulae'...
remote: Enumerating objects: 6, done.
remote: Counting objects: 100% (6/6), done.
remote: Compressing objects: 100% (5/5), done.
remote: Total 6 (delta 0), reused 5 (delta 0), pack-reused 0
Unpacking objects: 100% (6/6), done.
Tapped 1 formula (32 files, 29.4KB).

>brew install oclint
Updating Homebrew...
==> Auto-updated Homebrew!
Updated 1 tap (homebrew/core).
==> New Formulae
wordgrinder

==> Installing oclint from oclint/formulae
==> Downloading https://github.com/oclint/oclint/releases/download/v0.13/oclint-0.13-x86_64-darwin-16.7.0.tar.gz
==> Downloading from https://github-production-release-asset-2e65be.s3.amazonaws.com/7159640/07e87f60-9c5f-11e7-8590-f3a
######################################################################## 100.0%
??  /usr/local/Cellar/oclint/0.13: 374 files, 86.2MB, built in 50 seconds

四眠饮、客戶端掃描配置

添加sonar-project.properties文件到項(xiàng)目的根目錄下，配置sonar-project.properties

在進(jìn)行單元測(cè)試覆蓋率檢測(cè)的時(shí)候铜邮，需要對(duì)要掃描的target的進(jìn)行Test相關(guān)配置
1仪召、用到Cocoapods的項(xiàng)目，要將項(xiàng)目中依賴的庫(kù)松蒜，都要放到Test的target中去扔茅。
2、對(duì)選中的Scheme進(jìn)行編輯（Edit Scheme）, 最終做到如下效果秸苗。

image.png

3召娜、配置對(duì)應(yīng)Test的Target。

A惊楼、在Host Application部分一定要選擇你要進(jìn)行掃描的target玖瘸。同時(shí)下部的復(fù)選框要選中Allow testing Host Application API。
如果是私有庫(kù)framework檀咙，則不需要選擇雅倒，只有真正的APP項(xiàng)目才需要選擇。
B弧可、在簽名部分要選擇對(duì)的Team和簽名環(huán)境蔑匣。
取消自動(dòng)簽名，手動(dòng)配置簽名侣诺。

私有庫(kù)framework的單元測(cè)試殖演，不需要選擇Host Application部分，如下圖：

image.png

APP項(xiàng)目的單元測(cè)試需要選擇年鸳，如下圖：

image.png

4趴久、build setting 配置
sonar 掃描需要把framework的Target做如下配置：

mach-o type 修改成dynamic library
defines module 修改成 yes

如下圖所示：

掃描

五、客戶端sonar掃描

1搔确、終端進(jìn)入xcode項(xiàng)目根目錄
2彼棍、執(zhí)行命令

run-sonar-swift.sh

如果是本地掃描灭忠，需要啟動(dòng)本地?cái)?shù)據(jù)庫(kù)和sonar服務(wù)器：

//啟動(dòng)mysql數(shù)據(jù)庫(kù)
mysql.server start

//啟動(dòng)sonar服務(wù)器
sonar.sh start

//開(kāi)始掃描
run-sonar-swift.sh

//如果需要單獨(dú)將掃描結(jié)果上傳到指定服務(wù)器
1、修改sonar-project.properties配置中的
sonar.host.url
2座硕、執(zhí)行命令：
sonar-scanner

六弛作、 參考文檔

1. OCLint: http://docs.oclint.org/en/stable/contents.html
2. SonarQube & sonar-scanner: https://docs.sonarqube.org/display/SCAN/
3. slather: https://github.com/SlatherOrg/slather
4. Lizard: https://github.com/terryyin/lizard
5. xcpretty: https://github.com/supermarin/xcpretty
6. SwiftLint: https://github.com/realm/SwiftLint