使用sonarqube对javascript代码进行扫描,分析代码质量,最简单的方式莫过于使用缺省的sonar-way中的javascript的规则,使用sonar-scanner进行扫描,这篇文章通过最简单的例子,来进行说明。
事前准备
Sonarqube
Sonarqube可以使用docker版本快速搭建,可以参看一下Easypack整理的镜像,具体使用可以参看如下链接,这里不再赘述:
https://hub.docker.com/r/liumiaocn/sonarqube/
环境假定
本文使用到的sonarqube为本机32003可以访问到的服务。版本为5.6.5
sonar-scanner
sonar-scanner详细信息如下:
liumiaocn:sonar liumiao$ sonar-scanner -vINFO: Scanner configuration file: /Users/liumiao/Desktop/sonar/sonar-scanner-3.2.0.1227-macosx/conf/sonar-scanner.propertiesINFO: Project root configuration file: /Users/liumiao/sonar/sonar-project.propertiesINFO: SonarQube Scanner 3.2.0.1227INFO: Java 1.8.0_121 Oracle Corporation (64-bit)INFO: Mac OS X 10.14 x86_64liumiaocn:sonar liumiao$
项目目录构成
项目文件与目录构成信息如下:
liumiaocn:sonar liumiao$ tree.├── sonar-project.properties└── src └── Person.js1 directory, 2 filesliumiaocn:sonar liumiao$
JavaScript源码
使用如下Person.js的JavaScript源码,详细信息如下
liumiaocn:sonar liumiao$ cat src/Person.js var Person = function(first, last, middle) { this.first = first; this.middle = middle; this.last = last;};Person.prototype = { whoAreYou : function() { return this.first + (this.middle ? ' ' + this.middle: '') + ' ' + this.last; }};var a = NaN;if (a === NaN) { // Noncompliant; always false console.log("a is not a number"); // this is dead code}if (a !== NaN) { // Noncompliant; always true console.log("a is not NaN"); // this statement is not necessarily true}for (var i = 0; i < strings.length; i--) { console.log("dead code")}if (str == null && str.length == 0) { console.log("String is empty");}liumiaocn:sonar liumiao$sonar-project.properties设定文件
项目设定文件信息详细如下:
liumiaocn:sonar liumiao$ cat sonar-project.properties sonar.projectKey=javascript-prjsonar.projectName=JavaScript Demo Projectsonar.projectVersion=1.0sonar.sources=srcsonar.host.url=http://127.0.0.1:32003sonar.login=adminsonar.password=adminliumiaocn:sonar liumiao$
执行sonar-scanner
liumiaocn:sonar liumiao$ pwd/Users/liumiao/sonarliumiaocn:sonar liumiao$ lssonar-project.properties srcliumiaocn:sonar liumiao$ sonar-scannerINFO: Scanner configuration file: /Users/liumiao/Desktop/sonar/sonar-scanner-3.2.0.1227-macosx/conf/sonar-scanner.propertiesINFO: Project root configuration file: /Users/liumiao/sonar/sonar-project.propertiesINFO: SonarQube Scanner 3.2.0.1227INFO: Java 1.8.0_121 Oracle Corporation (64-bit)INFO: Mac OS X 10.14 x86_64INFO: User cache: /Users/liumiao/.sonar/cacheINFO: SonarQube server 5.6.5INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)INFO: Load global repositoriesINFO: Load global repositories (done) | time=129msINFO: User cache: /Users/liumiao/.sonar/cacheINFO: Load plugins indexINFO: Load plugins index (done) | time=3msINFO: Process project propertiesINFO: Load project repositoriesINFO: Load project repositories (done) | time=126msINFO: Load quality profilesINFO: Load quality profiles (done) | time=41msINFO: Load active rulesINFO: Load active rules (done) | time=609msWARN: SCM provider autodetection failed. No SCM provider claims to support this project. Please use sonar.scm.provider to define SCM of your project.INFO: Publish modeINFO: ------------- Scan JavaScript Demo ProjectINFO: Load server rulesINFO: Load server rules (done) | time=73msINFO: Base dir: /Users/liumiao/sonarINFO: Working dir: /Users/liumiao/sonar/.scannerworkINFO: Source paths: srcINFO: Source encoding: UTF-8, default locale: en_USINFO: Index filesINFO: 1 files indexedINFO: Quality profile for js: Sonar wayINFO: JaCoCoSensor: JaCoCo report not found : /Users/liumiao/sonar/target/jacoco.execINFO: JaCoCoItSensor: JaCoCo IT report not found: /Users/liumiao/sonar/target/jacoco-it.execINFO: Sensor Lines SensorINFO: Sensor Lines Sensor (done) | time=11msINFO: Sensor JavaScriptSquidSensorINFO: 1 source files to be analyzedINFO: Sensor JavaScriptSquidSensor (done) | time=200msINFO: 1/1 source files have been analyzedINFO: Sensor SCM SensorINFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.INFO: Sensor SCM Sensor (done) | time=0msINFO: Sensor org.sonar.plugins.javascript.lcov.UTCoverageSensorINFO: Sensor org.sonar.plugins.javascript.lcov.UTCoverageSensor (done) | time=0msINFO: Sensor org.sonar.plugins.javascript.lcov.ITCoverageSensorINFO: Sensor org.sonar.plugins.javascript.lcov.ITCoverageSensor (done) | time=0msINFO: Sensor Zero Coverage SensorINFO: Sensor Zero Coverage Sensor (done) | time=7msINFO: Sensor Code Colorizer SensorINFO: Sensor Code Colorizer Sensor (done) | time=0msINFO: Sensor CPD Block IndexerINFO: DefaultCpdBlockIndexer is used for jsINFO: Sensor CPD Block Indexer (done) | time=20msINFO: Calculating CPD for 1 filesINFO: CPD calculation finishedINFO: Analysis report generated in 53ms, dir size=13 KBINFO: Analysis reports compressed in 17ms, zip size=6 KBINFO: Analysis report uploaded in 29msINFO: ANALYSIS SUCCESSFUL, you can browse http://127.0.0.1:32003/dashboard/index/javascript-prjINFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis reportINFO: More about the report processing at http://127.0.0.1:32003/api/ce/task?id=AWcNw2JuTV5bsL-6UV7vINFO: ------------------------------------------------------------------------INFO: EXECUTION SUCCESSINFO: ------------------------------------------------------------------------INFO: Total time: 3.719sINFO: Final Memory: 19M/278MINFO: ------------------------------------------------------------------------liumiaocn:sonar liumiao$
新闻热点
疑难解答
图片精选
