安装包下载
zip包下载 sonarqube下载地址
项目启动由于我使用的是windows系统,所以找到zip包中的D:\programs\sonarqube-9.2.1.49989\bin\windows-x86-64\StartSonar.bat, 进行启动。
成功启动后打开的控制台的内容
wrapper | --> Wrapper Started as Console wrapper | Launching a JVM... jvm 1 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org jvm 1 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved. jvm 1 | jvm 1 | 2021.12.13 14:33:39 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory D:\programs\sonarqube-9.2.1.49989\temp jvm 1 | 2021.12.13 14:33:39 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on [HTTP: 127.0.0.1:9001, TCP: 127.0.0.1:4510] jvm 1 | 2021.12.13 14:33:39 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[[key='es', ipcIndex=1, logFilenamePrefix=es]] from [D:\programs\sonarqube-9.2.1.49989\elasticsearch]: C:\Program Files\Java\jdk-17.0.1\bin\java -XX:+UseG1GC -Djava.io.tmpdir=D:\programs\sonarqube-9.2.1.49989\temp -XX:ErrorFile=../logs/es_hs_err_pid%p.log -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dio.netty.allocator.numDirectArenas=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Djava.locale.providers=COMPAT -Dcom.redhat.fips=false -Xmx512m -Xms512m -XX:MaxDirectMemorySize=256m -XX:+HeapDumpOnOutOfMemoryError -Delasticsearch -Des.path.home=D:\programs\sonarqube-9.2.1.49989\elasticsearch -Des.path.conf=D:\programs\sonarqube-9.2.1.49989\temp\conf\es -cp lib/* org.elasticsearch.bootstrap.Elasticsearch jvm 1 | 2021.12.13 14:33:39 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running jvm 1 | WARNING: A terminally deprecated method in java.lang.System has been called jvm 1 | WARNING: System::setSecurityManager has been called by org.elasticsearch.bootstrap.Elasticsearch (file:/D:/programs/sonarqube-9.2.1.49989/elasticsearch/lib/elasticsearch-7.14.1.jar) jvm 1 | WARNING: Please consider reporting this to the maintainers of org.elasticsearch.bootstrap.Elasticsearch jvm 1 | WARNING: System::setSecurityManager will be removed in a future release jvm 1 | WARNING: A terminally deprecated method in java.lang.System has been called jvm 1 | WARNING: System::setSecurityManager has been called by org.elasticsearch.bootstrap.Security (file:/D:/programs/sonarqube-9.2.1.49989/elasticsearch/lib/elasticsearch-7.14.1.jar) jvm 1 | WARNING: Please consider reporting this to the maintainers of org.elasticsearch.bootstrap.Security jvm 1 | WARNING: System::setSecurityManager will be removed in a future release jvm 1 | 2021.12.13 14:33:47 INFO app[][o.s.a.SchedulerImpl] Process[es] is up jvm 1 | 2021.12.13 14:33:47 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[[key='web', ipcIndex=2, logFilenamePrefix=web]] from [D:\programs\sonarqube-9.2.1.49989]: C:\Program Files\Java\jdk-17.0.1\bin\java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=D:\programs\sonarqube-9.2.1.49989\temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED -Dcom.redhat.fips=false -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=localhost|127.*|[::1] -cp ./lib/sonar-application-9.2.1.49989.jar;D:\programs\sonarqube-9.2.1.49989\lib\jdbc\h2\h2-1.4.199.jar org.sonar.server.app.WebServer D:\programs\sonarqube-9.2.1.49989\temp\sq-process14026979473995193028properties jvm 1 | WARNING: A terminally deprecated method in java.lang.System has been called jvm 1 | WARNING: System::setSecurityManager has been called by org.sonar.process.PluginSecurityManager (file:/D:/programs/sonarqube-9.2.1.49989/lib/sonar-application-9.2.1.49989.jar) jvm 1 | WARNING: Please consider reporting this to the maintainers of org.sonar.process.PluginSecurityManager jvm 1 | WARNING: System::setSecurityManager will be removed in a future release jvm 1 | 2021.12.13 14:34:17 INFO app[][o.s.a.SchedulerImpl] Process[web] is up jvm 1 | 2021.12.13 14:34:17 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[[key='ce', ipcIndex=3, logFilenamePrefix=ce]] from [D:\programs\sonarqube-9.2.1.49989]: C:\Program Files\Java\jdk-17.0.1\bin\java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=D:\programs\sonarqube-9.2.1.49989\temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED -Dcom.redhat.fips=false -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=localhost|127.*|[::1] -cp ./lib/sonar-application-9.2.1.49989.jar;D:\programs\sonarqube-9.2.1.49989\lib\jdbc\h2\h2-1.4.199.jar org.sonar.ce.app.CeServer D:\programs\sonarqube-9.2.1.49989\temp\sq-process11723127385223217487properties jvm 1 | 2021.12.13 14:34:18 WARN app[][startup] #################################################################################################################### jvm 1 | 2021.12.13 14:34:18 WARN app[][startup] Default Administrator credentials are still being used. Make sure to change the password or deactivate the account. jvm 1 | 2021.12.13 14:34:18 WARN app[][startup] #################################################################################################################### jvm 1 | WARNING: A terminally deprecated method in java.lang.System has been called jvm 1 | WARNING: System::setSecurityManager has been called by org.sonar.process.PluginSecurityManager (file:/D:/programs/sonarqube-9.2.1.49989/lib/sonar-application-9.2.1.49989.jar) jvm 1 | WARNING: Please consider reporting this to the maintainers of org.sonar.process.PluginSecurityManager jvm 1 | WARNING: System::setSecurityManager will be removed in a future release jvm 1 | 2021.12.13 14:34:21 INFO app[][o.s.a.SchedulerImpl] Process[ce] is up jvm 1 | 2021.12.13 14:34:21 INFO app[][o.s.a.SchedulerImpl] SonarQube is up系统默认启动的web服务页面在当前系统的9000端口,访问http://127.0.0.1:9000/进入登录页面,默认的账号密码都是:admin。
创建项目在首页找到create Project 创建一个Manually项目,选择Locally,因为我采用的是本地的代码
生成token,然后选择项目的语言,操作系统,我这里使用的是JavaScript Vue项目和windows,拿到生成的sonar.projectKey、sonar.login和sonar.host.url等字段,到这里服务器端的sonarqube已经配置好了。
扫描项目首先安装sonar-scanner全局安装
cnpm i -g sonar-scanner进去自己的JavaScript项目的根目录下,添加文件sonar-project.properties,大概配置如下:
# 本地自己起的sonarqube服务地址 sonar.host.url=http://127.0.0.1:9000/ sonar.login=a3d88c9bede392a64c46c40ffd62507fdb96b766 sonar.projectKey=test-project # 中文的字段需要用Unicode转码,展示到sonarqube的web中才不会乱码 sonar.projectName=\u6d4b\u8bd5\u9879\u76ee # 公共可用的配置项 sonar.projectVersion=1.0 sonar.sourceEncoding=UTF-8 sonar.sources=./src sonar.exclusions=/node_modules/ sonar.tests=./src sonar.test.inclusions=**/*.spec.ts然后直接在当前根目录下运行shell命令:
sonar-scanner等运行结束后就可以得到项目的分析结果了,命令行可以看到分析结果的地址:
INFO: ANALYSIS SUCCESSFUL, you can browse http://127.0.0.1:9000/dashboard?id=bt-frontend-pc 扫描结果的一些概念官网文档
拷贝一些翻译的内容:
然后就快乐的查看sonarqube中扫描出来的问题,并开始快乐的解决问题了,javascript的扫描规则。
1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,会注明原创字样,如未注明都非原创,如有侵权请联系删除!;3.作者投稿可能会经我们编辑修改或补充;4.本站不提供任何储存功能只提供收集或者投稿人的网盘链接。 |