Jenkins Sonar

sonar简介

SonarQube是 一个开源的代码质量分析平台，便于管理代码的质量，可检查出项目代码的漏洞和潜在的逻辑问题。同时，它提供了丰富的插件，支持多种语言的检测， 如 Java、Python、Groovy、C、C++等几十种编程语言的检测。、主要的核心价值体现在如下几个方面：

• 检查代码是否遵循编程标准：如命名规范，编写的规范等。
• 检查设计存在的潜在缺陷：SonarQube 通过插 件 Findbugs、Checkstyle 等工具检测代码存在的缺陷。
• 检测代码的重复代码量：SonarQube 可以展示项目中存在大量复制粘贴的代码。
• 检测代码中注释的程度：源码注释过多或者太少都不好，影响程序的可读可理解性。
• 检测代码中包、类之间的关系：分析类之间的关系是否合理，复杂度情况。

SonarQube 平台是由4个部分组成:

• SonarQube Server
• SonarQube Database
• SonarQube Plugins
• SonarQube Scanner

安装 SonarQube

IP：10.20.200.107  jdk版本 1.8

SonarQube 下载地址 https://www.sonarqube.org/downloads/  版本 6.7.4

①、mysql中创建数据库

create database sonar DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;

CREATE USER 'sonar'@'%' IDENTIFIED BY 'sonar123';

GRANT ALL PRIVILEGES ON sonar.* TO 'sonar'@'%';

②、修改sonar 的相关配置

[root@nginx logs]# cat /opt/sonarqube-6.7.4/conf/sonar.properties|grep -v "^#\|^$"
sonar.jdbc.username=sonar
sonar.jdbc.password=sonar123
sonar.jdbc.url=jdbc:mysql://10.10.10.11:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
sonar.web.context=/sonar　　　　#这里自定义设置，也可以不写sonar，直接设为“/”
sonar.web.host=0.0.0.0
sonar.web.port=9000　　　　　　　#默认端口

额外可选参数配置（前期可不添加）

#jvm使用的内存大小，xms最大使用内存，xmx最小使用内存

sonar.web.javaOpts=-server -Xms1G -Xmx521m -XX:+HeapDumpOnOutOfMemoryError

③、启动

由于sonar启动的时候会自动启动es插件，并且es不允许root用户启动，所以需要创建sonar用户来启动，否则es.log会报如下错误

java.lang.RuntimeException: can not run elasticsearch as root

创建用户及启动

adduser sonarUser
passwd sonarUser
chown -R sonarUser:sonarUser  /opt/sonarqube-6.7.4

su sonarUser

bin/sonar.sh start|stop|restart

④、打开页面，进行汉化

从 https://github.com/SonarQubeCommunity/sonar-l10n-zh/releases 上下载 sonar-l10n-zh-plugin-1.19.jar 放到 /opt/sonarqube-6.7.4/extensions/plugins 目录，重启sonar

注：插件版本一定要正确，具体信息看下载地址里的说明

访问地址 http://ip:9000/sonar，默认用户/密码  admin/admin

安装过程中出现问题可看 日志，分别为 sonar.log  es.log  web.log

安装scanner

与jenkins同主机 ip ：10.10.10.11

版本 2.8  下载地址 ：https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-2.8.zip  解压到 /opt目录

进入目录，修改sonar-scanner.properties

[root@bogon sonar-scanner-2.8]# cat conf/sonar-scanner.properties |grep -v "^$\|^#"
sonar.host.url=http://10.20.200.107:9000/sonar/
sonar.login=admin
sonar.password=admin
sonar.jdbc.username=sonar
sonar.jdbc.password=sonar123
sonar.jdbc.url=jdbc:mysql://10.10.10.11:3306/sonar?useUnicode=true&characterEncoding=utf8

设置环境变量

cat /etc/profile

PATH=$PATH:/opt/sonar-scanner-2.8/bin
export PATH

source /etc/profile

查看是否成功

[root@bogon sonar-scanner-2.8]# sonar-scanner -h
INFO:
INFO: usage: sonar-scanner [options]
INFO:
INFO: Options:
INFO:  -D,--define <arg>     Define property
INFO:  -h,--help             Display help information
INFO:  -v,--version          Display version information
INFO:  -X,--debug            Produce execution debug output
INFO:  -i,--interactive      Run interactively

scanner在于jenkins 进行集成的作用是：jenkins通过scanner传入要分析的工程，scanner再将这些分析结果，传给sonargube 进行呈现

jenkins中安装插件及配置

①、安装插件

②、全局配置

系统管理--> 系统设置

这里的 server authentication token 在 sonarqube 界面里生成

输入令牌生成即可看到

系统管理-->全局工具配置

保存即可

③、新建maven项目并进行构建

构建环境这里

post step这里

说明：

Analysic properties 里输入sonar的检查参数

• #项目key (随意输入，必填项)
• sonar.projectKey=test-sonar

• #项目名称和版本（必填项）
• sonar.projectName=cuimi-job
• sonar.projectVersion=1.0

• #源码位置（必填项，相对于jenkins的workspace路径，例如，我此时的绝对路径为/var/lib/jenkins/workspace/test_sonar/hz-cloud-management/cloud-admin/src/main/java）
• sonar.sources=hz-cloud-management/cloud-admin/src/main/java

• #编译后的class位置（必填项，相对路径同上，如果有多个）
• sonar.java.binaries=hz-cloud-management/cloud-admin/target/classes

示例

sonar.projectKey=2017-12-19-job
sonar.projectName=test_sonar
sonar.projectVersion=1.0
sonar.login=admin　　　　　　　　　　 #此处为登录sonar的用户名   由于配置文件里的参数有时候读取不到，所以写在这里
sonar.password=admin　　　　　　　　 #此处为密码
sonar.sources=hz-cloud-management/cloud-admin/src/main/java
sonar.java.binaries=hz-cloud-management/cloud-admin/target/classes

添加构建后操作（可做可不做。。感觉没多大用处）

开始构建，构建完成如图所示、

点击方框中直接跳转到sonar界面

遇到的问题

构建完成时提示如下信息，导致构建失败

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.1.1168:sonar (default-cli) on project hz-cloud: Failed to upload report - 500: An error has occurred. Please contact your administrator -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.1.1168:sonar (default-cli) on project hz-cloud: Failed to upload report - 500: An error has occurred. Please contact your administrator
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:213)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:154)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:146)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:309)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:194)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:107)
    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:993)
    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:345)
    at org.apache.maven.cli.MavenCli.main(MavenCli.java:191)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
Caused by: org.apache.maven.plugin.MojoExecutionException: Failed to upload report - 500: An error has occurred. Please contact your administrator
    at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:67)
    at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:104)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:208)
    ... 20 more
Caused by: Failed to upload report - 500: An error has occurred. Please contact your administrator
[ERROR]
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
SonarQube analysis completed: FAILURE
Build step 'SonarQube analysis with Maven' changed build result to FAILURE
Build step 'SonarQube analysis with Maven' marked build as failure
Finished: FAILURE

同时查看sonarqube运行的web日志，/opt/sonarqube-6.7.4/logs/web.log

Caused by: com.mysql.jdbc.PacketTooBigException: Packet for query is too large (4269869 > 4194304). You can change this value on the server by setting the max_allowed_packet' variable.
    at com.mysql.jdbc.MysqlIO.send(MysqlIO.java:3678)
    at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2509)
    at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2680)
    at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2490)
    at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:1858)
    at com.mysql.jdbc.PreparedStatement.executeUpdateInternal(PreparedStatement.java:2079)
    at com.mysql.jdbc.PreparedStatement.executeUpdateInternal(PreparedStatement.java:2013)
    at com.mysql.jdbc.PreparedStatement.executeLargeUpdate(PreparedStatement.java:5104)
    at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:1998)
    at org.apache.commons.dbcp.DelegatingPreparedStatement.executeUpdate(DelegatingPreparedStatement.java:105)
    at org.apache.commons.dbcp.DelegatingPreparedStatement.executeUpdate(DelegatingPreparedStatement.java:105)
    at org.sonar.db.ce.CeTaskInputDao.insert(CeTaskInputDao.java:53)
    ... 45 common frames omitted

解决办法：

原因是MySQL的max_allowed_packet设置过小引起的，开始默认设置的是4M，后来改为了20M，进入mysql

mysql -u -p 

mysql> show VARIABLES like '%max_allowed_packet%';
+--------------------------+------------+
| Variable_name            | Value      |
+--------------------------+------------+
| max_allowed_packet       | 4194304    |
| slave_max_allowed_packet | 1073741824 |
+--------------------------+------------+

修改/etc/my.cnf

[mysqld]
max_allowed_packet = 20M

重启mysql，重启sonarqube即可

重启sonarqube时报错

2018.07.09 16:20:26 INFO  app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /opt/sonarqube-6.7.4/temp

WrapperSimpleApp: Encountered an error running main: java.nio.file.AccessDeniedException: /opt/sonarqube-6.7.4/temp/conf/es/jvm.options
java.nio.file.AccessDeniedException: /opt/sonarqube-6.7.4/temp/conf/es/jvm.options
    at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
    at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
    at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
    at sun.nio.fs.UnixFileSystemProvider.implDelete(UnixFileSystemProvider.java:244)
    at sun.nio.fs.AbstractFileSystemProvider.delete(AbstractFileSystemProvider.java:103)
    at java.nio.file.Files.delete(Files.java:1126)
    at org.sonar.process.FileUtils2$DeleteRecursivelyFileVisitor.visitFile(FileUtils2.java:170)
    at org.sonar.process.FileUtils2$DeleteRecursivelyFileVisitor.visitFile(FileUtils2.java:165)
    at java.nio.file.Files.walkFileTree(Files.java:2670)
    at java.nio.file.Files.walkFileTree(Files.java:2742)
    at org.sonar.process.FileUtils2.deleteDirectoryImpl(FileUtils2.java:127)
    at org.sonar.process.FileUtils2.deleteDirectory(FileUtils2.java:112)
    at org.sonar.application.AppFileSystem$CleanTempDirFileVisitor.visitFile(AppFileSystem.java:117)
    at org.sonar.application.AppFileSystem$CleanTempDirFileVisitor.visitFile(AppFileSystem.java:101)
    at java.nio.file.Files.walkFileTree(Files.java:2670)
    at org.sonar.application.AppFileSystem.createOrCleanTempDirectory(AppFileSystem.java:96)
    at org.sonar.application.AppFileSystem.reset(AppFileSystem.java:62)
。。。。。。。。。。。。。。。。。。

可能存在缓存原因导致启动失败，删除 sonarqube目录下的temp目录下文件即可