1. docker安装sonar

docker -search sonar

docker pull sonarqube

docker run --restart=always -d --name sonarqube -p9000:9000 -e sonar.jdbc.username=admin -e sonar.jdbc.password=admin sonarqube

Admin@123

访问localhost:9000,可以成功进入sonar的ui界面

生成token

记住token的内容

2. jenkins配置

安装jenkins-sonar插件

配置系统全局变量，认证方式选择“secret text”

把生成的token内容填入Secret里面

3. pipeline构建

编写jenkinsfile文件

pipeline {

agent none

stages {

stage('Preparation') {

agent { node { label 'master' } }

steps {

checkout([$class: 'GitSCM', branches: [[name: '*/master']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: 'binbin', url: 'https://github.com/zbbkeepgoing/springboot-demo.git']]])

}

}

stage('Build') {

agent { node { label 'master' } }

steps {

dir(env.WORKSPACE){

sh "mvn clean install"

junit allowEmptyResults: true, keepLongStdio: true, testResults: 'target/surefire-reports/*.xml'

sh "mv target/sample-0.0.1-SNAPSHOT.jar target/sample.jar"

}

}

}

stage('Sonarqube') {

stage('测试代码静态扫描') { steps { echo 'This is a sonar step' sh "mvn sonar:sonar -Dsonar.host.url=http://10.10.15.172:9000 -Dsonar.login=sonartoken" //指定sonar的ip和token }

}

}

}

4. jenkins构建成功

[Pipeline] stage[Pipeline] { (测试代码静态扫描)[Pipeline] echo This is a sonar step[Pipeline] sh + mvn sonar:sonar -Dsonar.host.url=http://10.10.15.172:9000-Dsonar.login=13dc05980e001f8894ae6b3d21a4816ab02da799

[INFO] Scanning for projects...

[WARNING] [WARNING] Some problems were encountered while building the effective model for com.wpg:wpg-demo-project:pom:1.0-SNAPSHOT

[WARNING] 'dependencyManagement.dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique: io.seata:seata-spring-boot-starter:jar -> duplicate declaration of version 1.4.1 @ com.wpg:wpg-cloud:1.7-SNAPSHOT, /home/repository/com/wpg/wpg-cloud/1.7-SNAPSHOT/wpg-cloud-1.7-SNAPSHOT.pom, line 127, column 25

[WARNING] [WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.

[WARNING] [WARNING] For this reason, future Maven versions might no longer support building such malformed projects.

[WARNING] [INFO] ------------------------------------------------------------------------[INFO] Reactor Build Order:[INFO] [INFO] wpg-demo-project[INFO] wpg-demo-yxproject-api[INFO] wpg-demo-yxproject-web[INFO] [INFO] ------------------------------------------------------------------------[INFO] Building wpg-demo-project 1.0-SNAPSHOT[INFO] ------------------------------------------------------------------------[WARNING] The POM for com.google.guava:guava:jar:29.0-jre is invalid, transitive dependencies (if any) will not be available, enable debug logging for more details[INFO] [INFO] --- sonar-maven-plugin:3.9.0.2155:sonar (default-cli) @ wpg-demo-project ---[INFO] User cache: /root/.sonar/cache[INFO] SonarQube version: 6.7.5[INFO] Default locale: "zh_CN", source code encoding: "UTF-8" (analysis is platform dependent)[INFO] Publish mode[INFO] Load global settings[INFO] Load global settings (done) | time=79ms[INFO] Server id: BF41A1F2-AXmNjGGJ4jMLrd5txmjD[INFO] User cache: /root/.sonar/cache[INFO] Load plugins index[INFO] Load plugins index (done) | time=53ms[INFO] Process project properties[INFO] Load project repositories[INFO] Load project repositories (done) | time=77ms[INFO] Load quality profiles[INFO] Load quality profiles (done) | time=35ms[INFO] Load active rules[INFO] Load active rules (done) | time=1203ms[INFO] Load metrics repository[INFO] Load metrics repository (done) | time=70ms[INFO] Project key: com.wpg:wpg-demo-project[INFO] ------------- Scan wpg-demo-yxproject-web[INFO] Load server rules[INFO] Load server rules (done) | time=586ms[INFO] Base dir: /root/jenkins/workspace/wpg-demo-yxproject-web/wpg-demo-yxproject-web[INFO] Working dir: /root/jenkins/workspace/wpg-demo-yxproject-web/wpg-demo-yxproject-web/target/sonar[INFO] Source paths: pom.xml, src/main/java[INFO] Test paths: src/test/java[INFO] Source encoding: UTF-8, default locale: zh_CN[INFO] Index files[INFO] 19 files indexed[INFO] Quality profile for java: Sonar way[INFO] Quality profile for xml: Sonar way[INFO] Sensor JavaSquidSensor [java][INFO] Configured Java source version (sonar.java.source): 8[INFO] JavaClasspath initialization[INFO] JavaClasspath initialization (done) | time=16ms[INFO] JavaTestClasspath initialization[INFO] JavaTestClasspath initialization (done) | time=6ms[INFO] Java Main Files AST scan[INFO] 16 source files to be analyzed[INFO] 16/16 source files have been analyzed[INFO] Java Main Files AST scan (done) | time=1617ms[INFO] Java Test Files AST scan[INFO] 2 source files to be analyzed[INFO] 2/2 source files have been analyzed[INFO] Java Test Files AST scan (done) | time=102ms[INFO] Sensor JavaSquidSensor [java] (done) | time=2178ms[INFO] Sensor SurefireSensor [java][INFO] parsing [/root/jenkins/workspace/wpg-demo-yxproject-web/wpg-demo-yxproject-web/target/surefire-reports][INFO] Sensor SurefireSensor [java] (done) | time=3ms[INFO] Sensor JaCoCoSensor [java][INFO] Sensor JaCoCoSensor [java] (done) | time=1ms[INFO] Sensor SonarJavaXmlFileSensor [java][INFO] 1 source files to be analyzed[INFO] Sensor SonarJavaXmlFileSensor [java] (done) | time=357ms[INFO] Sensor XML Sensor [xml][INFO] 1/1 source files have been analyzed[INFO] Sensor XML Sensor [xml] (done) | time=98ms[INFO] Sensor Analyzer for "php.ini" files [php][INFO] Sensor Analyzer for "php.ini" files [php] (done) | time=3ms[INFO] ------------- Scan wpg-demo-yxproject-api[INFO] Base dir: /root/jenkins/workspace/wpg-demo-yxproject-web/wpg-demo-yxproject-api[INFO] Working dir: /root/jenkins/workspace/wpg-demo-yxproject-web/wpg-demo-yxproject-api/target/sonar[INFO] Source paths: pom.xml[INFO] Source encoding: UTF-8, default locale: zh_CN[INFO] Index files[INFO] 1 file indexed[INFO] Quality profile for xml: Sonar way[INFO] Sensor SonarJavaXmlFileSensor [java][INFO] 1 source files to be analyzed[INFO] Sensor SonarJavaXmlFileSensor [java] (done) | time=37ms[INFO] 1/1 source files have been analyzed[INFO] Sensor XML Sensor [xml][INFO] Sensor XML Sensor [xml] (done) | time=8ms[INFO] Sensor Analyzer for "php.ini" files [php][INFO] Sensor Analyzer for "php.ini" files [php] (done) | time=0ms[INFO] ------------- Scan wpg-demo-project[INFO] Base dir: /root/jenkins/workspace/wpg-demo-yxproject-web

[INFO] Working dir: /root/jenkins/workspace/wpg-demo-yxproject-web/target/sonar[INFO] Source paths: pom.xml

[INFO] Source encoding: UTF-8, default locale: zh_CN

[INFO] Index files[INFO] 1 file indexed

[INFO] Quality profile for xml: Sonar way

[INFO] Sensor SonarJavaXmlFileSensor

[java][INFO] 1 source files to be analyzed

[INFO] Sensor SonarJavaXmlFileSensor [java] (done) | time=44ms

[INFO] Sensor XML Sensor [xml]

[INFO] 1/1 source files have been analyzed

[INFO] Sensor XML Sensor [xml] (done) | time=15ms[INFO] Sensor Analyzer for "php.ini" files

[php][INFO] Sensor Analyzer for "php.ini" files

[php] (done) | time=0ms

[INFO] Sensor Zero Coverage Sensor

[INFO] Sensor Zero Coverage Sensor (done) | time=28ms

[INFO] Sensor CPD Block Indexer

[INFO] Sensor CPD Block Indexer (done) | time=35ms[INFO] 8 files had no CPD blocks

[INFO] Calculating CPD for 8 files

[INFO] CPD calculation finished

[INFO] Analysis report generated in 93ms, dir size=134 KB[INFO] Analysis reports compressed in 43ms, zip size=65 KB

[INFO] Analysis report uploaded in 68ms

[INFO] ANALYSIS SUCCESSFUL, you can browsehttp://10.10.15.172:9000/dashboard/index/com.wpg:wpg-demo-project

[INFO] Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report

[INFO] More about the report processing athttp://10.10.15.172:9000/api/ce/task?id=AXmOc8cJO8IdsgbY4ga-

[INFO] Task total time: 6.601 s

[INFO] ------------------------------------------------------------------------[INFO] Reactor Summary:[INFO] [INFO] wpg-demo-project ...................................SUCCESS [ 9.326 s]

[INFO] wpg-demo-yxproject-api ............................. SKIPPED

[INFO] wpg-demo-yxproject-web ............................. SKIPPED

[INFO] ------------------------------------------------------------------------

[INFO] BUILD SUCCESS

[INFO] ------------------------------------------------------------------------

[INFO] Total time: 10.009 s

[INFO] Finished at: 2021-05-21T18:23:42+08:00

[INFO] Final Memory: 93M/1165M

[INFO] ------------------------------------------------------------------------

5. sonar平台查看

以下为非docker式傻瓜安装sonar平台

环境准备

(1) sonarqube-7.9.1

(2) sonar-scanner-4.0.0.1744-linux

(3) Sqlserver（sonar7.9之后版本不支持mysql，oracle必须使用ojdbc7或者更高版本）

(4) jenkins

(5) jdk-12.0.1（jdk必须使用jdk11或者是更高版本）

注意：sonar的安装和启动不用root用户，而是用低权限的linux用户，建议自建用户sonar。

1. 新增sonar用户

useradd sonar

passwd

cd /home/sonar

mkdir sonar

2. 上传文件

unzip sonarqube-8.9.0.43852.zip

按如下配置修改 $SONAR_HOME/conf/sonar.properties 文件，配置数据库信息：

sonar.jdbc.username=sa

sonar.jdbc.password=Sqlserver123

sonar.jdbc.url=jdbc:sqlserver://10.102.7.210;databaseName=sonar

#sonar访问地址端口可根据情况修改或者保持默认

sonar.web.port=9000

3. 安装 sqlserver