An overview,

Sonar is an open source platform for code quality management. It is used to manage the quality of the source code. It can detect the quality of the code from multiple dimensions. It supports code quality management and detection of more than 20 programming languages such as Java, python, C#, go, scala, kotlin, JavaScrip, Groovy and so on.

The following uses Docker to launch a Sonarqube for a quick experience of what the platform has to offer.

2. Install SonarQube

You can install a SonarQube the traditional way by downloading a ZIP file, or you can start a SonarQube container using a Docker image.

1.Download the zip file to install SonarQube https://www.sonarqube.org/downloads/

  • Download the zip file shown above
  • Unzip the zip file, for example in C: \ sonarqube or/opt/sonarqube
  • Run the following command to start the SonarQube Server
# In Windows, Run the following command: C:\sonarqube\bin\windows-x86-64\ startsonar. bat # In Linux and other systems, run the following command: /opt/sonarqube/bin/[OS]/sonar.sh consoleCopy the code

2. Install SonarQube using Docker

  • Find Sonarqube in Docker Hub
  • usedocker pull sonarqube Pull the mirror
  • Run the following command to start the SonarQube Server
docker run -d --name sonarqube -e SONAR_ES_BOOTSTRAP_CHECKS_DISABLE=true -p 9000:9000 sonarqube:latest
Copy the code

3. Log in to SonarQube Server

Once the instance is up and running, log in to http://localhost:9000 with system administrator credentials

  • User name: admin
  • Password: admin

The password must be reset after the successful login

3. Analyze the project

After successful login, it is shown as the figure below:

1. Install the Chinese package

The following figure shows the successful installation of the Chinese package

2. Analyze the project

  • Click the Create New Project button.

  • Give your project a project key and a display name, then click the Set button.

  • Under Provide Token, select Generate token. Name your token, click the Build button, and then click Continue.

  • Under Run Analysis on Project, select the main language for the project, and then follow the instructions to analyze the project. Here you will download and execute the scanner on the code (or automatically if you are using Maven or Gradle).

Using Maven to perform SonarQube analysis is very simple. Simply run the following command in your project directory.

mvn sonar:sonar \
  -Dsonar.projectKey=test \
  -Dsonar.host.url=http://localhost:9000 \
  -Dsonar.login=a98ea942c2c4bd02b1621ee26653fe1b7007d83d
Copy the code

Once the analysis is complete, the page will automatically refresh and you will see the first analysis on SonarQube:

Iv. Problems encountered

When the preceding MVN command is executed, the following problems occur:

[ERROR] Failed to execute goal org. Sonarsource. Scanner. Maven: sonar maven - plugin: 3.8.0.2131: sonar (default - cli) on project quarkus-demo: Your project contains .java files, please provide compiled classes with sonar.java.binaries property, or exclude them from the analysis with sonar.exclusions property.Copy the code

[root@sonar: sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar] [root@sonar

mvn package sonar:sonar \
  -Dsonar.projectKey=test \
  -Dsonar.host.url=http://localhost:9000 \
  -Dsonar.login=a98ea942c2c4bd02b1621ee26653fe1b7007d83d
Copy the code

Sonarqube image repository address docker launches sonarqube official documentation