建立并运行Gradle项目并用SonarQube在本地进行分析有多困难?
成分是:
SonarQube(以前的Sonar)是一个开源平台,用于持续检查代码质量。
Gradle是一个开源的构建自动化系统。
Docker允许您将具有所有依赖关系的应用程序打包到用于软件开发的标准化单元中。
“这有多容易?” 当我决定将装有Windows的公司HP EliteBook重新格式化为一台完整的Linux Mint计算机后,我遇到了一个问题。
因此,我已经使用过Docker和IMHO了,在Linux下它的工作更加愉快,所以我认为是时候进行更多研究了 ,也许可以让SonarQube分析一个项目而不会太麻烦 。
那么,这有多容易?
第1步–使用Docker获取SonarQube
我要寻找的第一件事是已经有SonarQube的Docker映像。 这就是未来的恕我直言:在容器中运行所需的任何组件。
至少出于开发和测试目的,这是一个巨大的胜利:无论是底层操作系统还是个人工作环境, 映像都是它的样子,只要您可以运行Docker,您就可以“确切地”知道将要运行的内容。
现在没有时间创建映像, 只需让一个已经在自己公司或DockerHub上共享的人。
Docker Hub是用于发布和使用Docker容器映像的规范平台。
刚刚搜索“声纳”。
目前有243个存储库。 有2个引起了我的注意:
-
sonarqube
–是官方的。 有165个星和24.3万拉 。 - 拥有2星和378拉力的
orangesignal/sonar
-
tpires/sonar-server
,拥有18颗星和tpires/sonar-server
次拉动。
尽管#1和#3似乎具有更高的星/拉组合,但我还是去了orangesignal/sonar
因为它使用了Docker Compose 。
Docker撰写
在orangesignal / sonar的DockerHub页面上,引用了GitHub存储库。 克隆它:
git clone https://github.com/orangesignal/docker-sonarqube.git
目录布局为:
tvinke@picard ~ $ cd docker-sonarqube/
tvinke@picard ~/docker-sonarqube $ tree
.
├── 3.6
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 3.7
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 4.0
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 4.1
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 4.2
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 4.3
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 4.4
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 4.5
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 5.0
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── 5.1
│ ├── docker-entrypoint.sh
│ └── Dockerfile
├── docker-build.bash
├── docker-compose.yml
├── example
│ ├── docker-compose.yml
│ ├── docker-entrypoint.sh
│ ├── Dockerfile
│ └── nginx-conf.d
│ └── default.conf
├── LICENSE
├── README.md
├── remove_all_stopped_containers.bash
└── remove_all_untagged_images.bash
12 directories, 30 files
SonarQube的各种版本(实际上是Dockerfiles
)和一个有趣docker-compose.yml
,其中包含“组成”。
docker-compose.yml
db:
image: postgres:9
hostname: pgsql-01
ports:
- 5432:5432
environment:
- POSTGRES_DB=sonar
- POSTGRES_USER=sonar
- POSTGRES_PASSWORD=sonar
sonar:
image: orangesignal/sonar:latest
hostname: sonar-01
links:
- db
ports:
- 9000:9000
environment:
- SONAR_JDBC_URL=jdbc:postgresql://pgsql-01:5432/sonar
- SONAR_JDBC_USERNAME=sonar
- SONAR_JDBC_PASSWORD=sonar
这不是使用H2或MySQL,而是使用Docker映像postgres:9
来使用Postgres数据库,并在特定的主机名和端口下运行它。 接下来是引用orangesignal/sonar
图像的最新发布版本并与Postgres数据库链接的部分。
我已经安装了Docker,但是还必须安装Docker Compose才能运行
tvinke@picard ~/docker-sonarqube $ docker-compose up
这开始了整个shebang。
...
sonar_1 | 2016.02.26 10:24:35 INFO web[o.s.s.s.IndexSynchronizer] Index source lines
sonar_1 | 2016.02.26 10:24:35 INFO web[o.s.s.s.IndexSynchronizer] Index users
sonar_1 | 2016.02.26 10:24:35 INFO web[o.s.s.s.IndexSynchronizer] Index views
sonar_1 | 2016.02.26 10:24:35 INFO web[jruby.rack] jruby 1.7.9 (ruby-1.8.7p370) 2013-12-06 87b108a on Java HotSpot(TM) 64-Bit Server VM 1.8.0_66-b17 [linux-amd64]
sonar_1 | 2016.02.26 10:24:35 INFO web[jruby.rack] using a shared (threadsafe!) runtime
sonar_1 | 2016.02.26 10:24:41 INFO web[jruby.rack] keeping custom (config.logger) Rails logger instance
sonar_1 | 2016.02.26 10:24:41 INFO web[o.a.c.h.Http11NioProtocol] Starting ProtocolHandler ["http-nio-0.0.0.0-9000"]
sonar_1 | 2016.02.26 10:24:41 INFO web[o.s.s.a.TomcatAccessLog] Web server is started
sonar_1 | 2016.02.26 10:24:41 INFO web[o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
sonar_1 | 2016.02.26 10:24:42 INFO app[o.s.p.m.Monitor] Process[web] is up
访问SonarQube仪表板
现在,在http:// localhost:9000上, SonarQube正在提供服务:
尚未分析任何项目。
第2步–获取示例Gradle项目
我需要一个示例Gradle项目。
我可以选择从头开始创建一个干净的,基于Java的Gradle项目,但是添加一些源和测试进行分析将使我超过为自己设置的5分钟时限。
最好的选择是仅使用SonarQube自己的示例GitHub存储库中的项目 :
tvinke@picard ~/workspace $ git clone https://github.com/SonarSource/sonar-examples.git
目录/projects
包含以下示例项目:
- 不同的分析器(SonarQube Runner,Maven,Ant)
- 不同的语言(Java,Cobol,.Net等)
- 执行单元测试和获取代码覆盖率数据的不同方法
示例使用了Sonar Runner,它现在已弃用 。 幸运的是, java-gradle-simple
项目正是我所需要的。
tree
输出(另一个漂亮的Linux工具):
tvinke@picard ~/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple $ tree
.
├── build.gradle
├── README.md
└── src
├── main
│ └── java
│ └── example
│ └── Greeting.java
└── test
└── java
└── example
├── FailingTest.java
└── GreetingTest.java
7 directories, 5 files
我希望SonarQube可以报告一些有关的信息。 我正在寻找的是使用Sonar Gradle插件的正确build.gradle
的示例。
build.gradle
apply plugin: 'java'
apply plugin: 'org.sonarqube'
apply plugin: 'jacoco'
allprojects {
ext.baseVersion = "0.1"
ext.snapshotVersion = true
group = "org.sonarqube"
version = "$baseVersion" + (snapshotVersion ? "-SNAPSHOT" : "")
}
sonarqube {
properties {
property "sonar.projectName", "Java :: Simple Project :: SonarQube Scanner for Gradle"
property "sonar.projectKey", "org.sonarqube:java-gradle-simple"
property "sonar.jacoco.reportPath", "${project.buildDir}/jacoco/test.exec"
}
}
buildscript {
repositories {
maven {
url "http://repo1.maven.org/maven2/"
}
maven {
url "https://plugins.gradle.org/m2/"
}
mavenLocal()
}
dependencies {
classpath 'org.ajoberstar:gradle-jacoco:0.1.0'
classpath 'org.sonarqube.gradle:gradle-sonarqube-plugin:1.0'
}
}
test {
ignoreFailures = true
}
repositories {
repositories {
maven {
url "http://repo1.maven.org/maven2/"
}
}
}
dependencies {
testCompile 'junit:junit:4.12'
}
如您所见,有一些插件:
apply plugin: 'java'
apply plugin: 'org.sonarqube'
apply plugin: 'jacoco'
除了Java插件外,还有SonarQube插件和JaCoCo插件。 后者使用由EclEmma团队创建的JaCoCo(“ Java代码覆盖率”)库提供Java代码覆盖率指标。
此外,还配置了其他一些东西,例如Sonar属性:
sonarqube {
properties {
property "sonar.projectName", "Java :: Simple Project :: SonarQube Scanner for Gradle"
property "sonar.projectKey", "org.sonarqube:java-gradle-simple"
property "sonar.jacoco.reportPath", "${project.buildDir}/jacoco/test.exec"
}
}
部分是用于识别SonarQube中的项目,如果您将其用于多个项目。
我将一切都保持原样,因为我可以开始...
步骤3 –使用Gradle Sonar插件进行分析
Gradle Sonar插件使用各种默认值,并使用Gradle构建中的许多信息来分析项目。
因此,我希望“事情一切顺利”(如果一切进展顺利,这是一个陷阱–使用最少的配置),所以看看如果我们这样做会发生什么:
gradle sonarqube
使用实际的默认SonarQube设置,它可以正常工作,并且可以找到本地H2数据库。
SonarQube实际上在哪里?
INFO: Work directory: /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple/build/sonar
INFO: SonarQube Server 5.1.2
11:38:15.164 INFO - Load global repositories
11:38:15.281 INFO - Load global repositories (done) | time=119ms
11:38:15.283 INFO - Server id: 20160226102431
11:38:15.285 INFO - User cache: /home/tvinke/.sonar/cache
11:38:15.292 INFO - Install plugins
11:38:15.329 INFO - Install JDBC driver
11:38:15.335 INFO - Create JDBC datasource for jdbc:h2:tcp://localhost/sonar
:sonarqube FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':sonarqube'.
> Unable to execute Sonar
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.
BUILD FAILED
Total time: 2.41 secs
不幸的是,我们docker-compose.yml
另有说明-我们使用的是Postgres数据库而不是其他的JDBC设置-而不是jdbc:h2:tcp://localhost/sonar
上的H2数据库。
我们可以通过在~/.gradle/gradle.properties
设置一些全局属性来覆盖默认值,例如
systemProp.sonar.host.url=http://localhost:9000
systemProp.sonar.jdbc.url=jdbc:postgresql://localhost/sonar
systemProp.sonar.jdbc.username=sonar
systemProp.sonar.jdbc.password=sonar
或者在命令行中传递它(保留默认值):
gradle sonarqube
-Dsonar.jdbc.url=jdbc:postgresql://localhost:5432/sonar
-Dsonar.verbose=true
SonarQube开始并快速完成了对这个小项目的分析:
tvinke@picard ~/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple $ gradle sonarqube -Dsonar.jdbc.url=jdbc:postgresql://localhost:5432/
sonar
:compileJava UP-TO-DATE
:processResources UP-TO-DATE
:classes UP-TO-DATE
:compileTestJava UP-TO-DATE
:processTestResources UP-TO-DATE
:testClasses UP-TO-DATE
:test UP-TO-DATE
:sonarqube
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Work directory: /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple/build/sonar
INFO: SonarQube Server 5.1.2
12:00:29.104 INFO - Load global repositories
12:00:29.184 INFO - Load global repositories (done) | time=81ms
12:00:29.185 INFO - Server id: 20160226102431
12:00:29.186 INFO - User cache: /home/tvinke/.sonar/cache
12:00:29.192 INFO - Install plugins
12:00:29.219 INFO - Install JDBC driver
12:00:29.223 INFO - Create JDBC datasource for jdbc:postgresql://localhost:5432/sonar
12:00:29.758 INFO - Initializing Hibernate
12:00:30.421 INFO - Load project repositories
12:00:30.574 INFO - Load project repositories (done) | time=153ms
12:00:30.574 INFO - Load project settings
12:00:30.786 INFO - Load technical debt model
12:00:30.801 INFO - Apply project exclusions
12:00:30.939 WARN - 'sonar.dynamicAnalysis' is deprecated since version 4.3 and should no longer be used.
12:00:30.954 WARN - SCM provider autodetection failed. No SCM provider claims to support this project. Please use sonar.scm.provider to define SCM of your project.
12:00:30.955 INFO - ------------- Scan Java :: Simple Project :: SonarQube Scanner for Gradle
12:00:30.959 INFO - Load module settings
12:00:31.025 INFO - Load rules
12:00:31.231 INFO - Base dir: /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple
12:00:31.231 INFO - Working dir: /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple/build/sonar
12:00:31.232 INFO - Source paths: src/main/java
12:00:31.232 INFO - Test paths: src/test/java
12:00:31.233 INFO - Binary dirs: build/classes/main
12:00:31.233 INFO - Source encoding: UTF-8, default locale: en_US
12:00:31.233 INFO - Index files
12:00:31.241 INFO - 3 files indexed
12:00:31.314 INFO - Quality profile for java: Sonar way
12:00:31.326 INFO - Sensor JavaSquidSensor
12:00:31.513 INFO - Configured Java source version: 7
12:00:31.746 INFO - Java Main Files AST scan...
12:00:31.748 INFO - 1 source files to be analyzed
12:00:31.950 INFO - Java Main Files AST scan done: 204 ms
12:00:31.950 INFO - 1/1 source files have been analyzed
12:00:31.951 INFO - Java bytecode scan...
12:00:31.964 INFO - Java bytecode scan done: 13 ms
12:00:31.964 INFO - Java Test Files AST scan...
12:00:31.964 INFO - 2 source files to be analyzed
12:00:32.011 INFO - Java Test Files AST scan done: 47 ms
12:00:32.011 INFO - 2/2 source files have been analyzed
12:00:32.013 INFO - Package design analysis...
12:00:32.015 INFO - Package design analysis done: 2 ms
12:00:32.016 INFO - Sensor JavaSquidSensor (done) | time=690ms
12:00:32.016 INFO - Sensor Lines Sensor
12:00:32.017 INFO - Sensor Lines Sensor (done) | time=1ms
12:00:32.018 INFO - Sensor QProfileSensor
12:00:32.021 INFO - Sensor QProfileSensor (done) | time=4ms
12:00:32.021 INFO - Sensor InitialOpenIssuesSensor
12:00:32.032 INFO - Sensor InitialOpenIssuesSensor (done) | time=11ms
12:00:32.032 INFO - Sensor ProjectLinksSensor
12:00:32.039 INFO - Sensor ProjectLinksSensor (done) | time=7ms
12:00:32.039 INFO - Sensor VersionEventsSensor
12:00:32.057 INFO - Sensor VersionEventsSensor (done) | time=18ms
12:00:32.057 INFO - Sensor SurefireSensor
12:00:32.057 INFO - parsing /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple/build/test-results
12:00:32.100 INFO - Sensor SurefireSensor (done) | time=43ms
12:00:32.100 INFO - Sensor JaCoCoOverallSensor
12:00:32.105 WARN - You are not using the latest JaCoCo binary format version, please consider upgrading to latest JaCoCo version.
12:00:32.106 INFO - Analysing /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple/build/jacoco/test.exec
12:00:32.117 WARN - You are not using the latest JaCoCo binary format version, please consider upgrading to latest JaCoCo version.
12:00:32.117 INFO - Analysing /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple/build/sonar/jacoco-overall.exec
12:00:32.151 INFO - No information about coverage per test.
12:00:32.152 INFO - Sensor JaCoCoOverallSensor (done) | time=52ms
12:00:32.152 INFO - Sensor SCM Sensor
12:00:32.152 INFO - No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
12:00:32.152 INFO - Sensor SCM Sensor (done) | time=0ms
12:00:32.152 INFO - Sensor JaCoCoSensor
12:00:32.152 WARN - You are not using the latest JaCoCo binary format version, please consider upgrading to latest JaCoCo version.
12:00:32.153 INFO - Analysing /home/tvinke/workspace/sonar-examples/projects/languages/java/gradle/java-gradle-simple/build/jacoco/test.exec
12:00:32.155 INFO - No information about coverage per test.
12:00:32.155 INFO - Sensor JaCoCoSensor (done) | time=3ms
12:00:32.155 INFO - Sensor CPD Sensor
12:00:32.155 INFO - JavaCpdEngine is used for java
12:00:32.155 INFO - Cross-project analysis disabled
12:00:32.169 INFO - Sensor CPD Sensor (done) | time=14ms
12:00:32.170 INFO - No quality gate is configured.
12:00:32.195 INFO - Compare to previous analysis (2016-02-26)
12:00:32.197 INFO - Compare over 30 days (2016-01-27, analysis of Fri Feb 26 09:54:19 CET 2016)
12:00:32.501 INFO - Execute decorators...
12:00:33.012 INFO - Store results in database
12:00:33.177 INFO - Analysis reports generated in 13ms, dir size=1002 bytes
12:00:33.181 INFO - Analysis reports compressed in 4ms, zip size=2 KB
12:00:33.211 INFO - Analysis reports sent to server in 29ms
12:00:33.211 INFO - ANALYSIS SUCCESSFUL, you can browse http://localhost:9000/dashboard/index/org.sonarqube:java-gradle-simple
12:00:33.211 INFO - Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report.
BUILD SUCCESSFUL
Total time: 5.274 secs
结果:
分析成功
SonarQube的仪表板现在列出了我们的简单Java项目。 该项目的概述现在揭示了许多有关当前代码库状态的信息。
SonarQube自己的示例项目有2个(故意)问题:
问题概述指出了实际情况:
所以寿回答我原来的问题:它是不是很难有一个本地运行SonarQube安装分析了摇篮项目。
由于我已经安装了Docker和Docker Compose,因此我们花了“ 5分钟”才能到达这里,但是要花更多的时间才能消除技术负担。
现在,您还在等什么- 快解决吧! :-)
进一步阅读
- SonarQube网站– http://www.sonarqube.org/
- DockerHub和GitHub上的 orangesignal / sonar
- 设置和升级> 安装和配置Gradle Sonar插件
- Gradle.org文档– https://plugins.gradle.org/plugin/org.sonarqube
- JaCoCo Java代码覆盖率首页– http://eclemma.org/jacoco/
翻译自: https://www.javacodegeeks.com/2016/03/3-steps-analyzing-gradle-project-sonarqube-using-docker.html