之前我们已经完成“在 Ubuntu 20.04 LTS 上安装SonarQube”,我们还需要安装BuildWrapper 和 SonarQube Scanner才能分析一个C++项目。
安装BuildWrapper
分析C/C++项目需要BuildWrapper,它运行构建并收集和分析 C/C++项目所需的所有配置(如宏定义,include目录等)。生成包装器不会影响构建过程,它只是窃听该过程,并写入你指定的文件中。
你可以直接从SonarQube服务器(请确保使用的是商业版本)下载生成包装器,以便使其版本与插件的版本完全匹配。
$ wget http://localhost:9000/static/cpp/build-wrapper-linux-x86.zip
解压缩下载的BuildWrapper包,然后把该目录添加到环境变量 PATH 便于稍后使用。
$ export PATH="path_to_build-wrapper-linux-x86:$PATH"
安装SonarScanner
从 SonarScanner | SonarQube Docs 下载相应的 Linux 64-bit 版本,解压缩下载包,然后把该目录添加到环境变量 PATH 便于稍后使用。
$ export PATH="path_to_sonar-scanner-cli-4.5.0.2216-linux:$PATH"
使用BuildWrapper 和 SonarScanner 分析一个C++示例项目
首先从 Sample project 下载示例项目代码,进入示例代码目录:
$ git clone https://github.com/SonarSource/sonar-scanning-examples.git
$ cd sonar-scanning-examples/sonarqube-scanner-build-wrapper-linux
运行 build wrapper:
$ build-wrapper-linux-x86-64 --out-dir bw-outputs ./build.sh
REMOVE PREVIOUS BUILD
BUILDING
BUILD SUCCESS
使用SonarQube Scanner分析项目:
$ sonar-scanner
INFO: Scanner configuration file: /opt/sonar-scanner-4.2.0.1873-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: /repo/sonar-scanning-examples/sonarqube-scanner-build-wrapper-linux/sonar-project.properties
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 1.8.0_191 Oracle Corporation (64-bit)
INFO: Linux 5.4.0-60-generic amd64
INFO: User cache: /home/iot/.sonar/cache
INFO: SonarQube server 7.9.5
INFO: Default locale: "en_US", source code encoding: "UTF-8"
WARN: SonarScanner will require Java 11 to run starting in SonarQube 8.x
INFO: Load global settings
INFO: Load global settings (done) | time=270ms
INFO: Server id: 92D88F0A-AXb_VjebOqGJTYQfpuEF
INFO: User cache: /home/iot/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=130ms
INFO: Load/download plugins (done) | time=327ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=18ms
INFO: Project key: org.sonarqube:cpp-build-wrapper
INFO: Base dir: /repo/sonar-scanning-examples/sonarqube-scanner-build-wrapper-linux
INFO: Working dir: /repo/sonar-scanning-examples/sonarqube-scanner-build-wrapper-linux/.scannerwork
INFO: Load project settings for component key: 'org.sonarqube:cpp-build-wrapper'
INFO: Load project settings for component key: 'org.sonarqube:cpp-build-wrapper' (done) | time=339ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=269ms
INFO: Load active rules
INFO: Load active rules (done) | time=2578ms
INFO: Indexing files...
INFO: Project configuration:
INFO: 3 files indexed
INFO: 0 files ignored because of scm ignore settings
INFO: ------------- Run sensors on module Example of C/C++ Scan (with BuildWrapper)
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=86ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=15ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=8ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=56ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=3ms
INFO: Calculating CPD for 0 files
INFO: CPD calculation finished
INFO: Analysis report generated in 381ms, dir size=72 KB
INFO: Analysis report compressed in 39ms, zip size=9 KB
INFO: Analysis report uploaded in 99ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://localhost:9000/dashboard?id=org.sonarqube%3Acpp-build-wrapper
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://localhost:9000/api/ce/task?id=AXdBXc3yIt1AXBfuYd61
INFO: Analysis total time: 9.212 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 12.901s
INFO: Final Memory: 21M/286M
INFO: ------------------------------------------------------------------------
项目分析完成后,我们可以在 SonarQube 服务端看到相应的分析结果: