我是靠谱客的博主 平常金毛,最近开发中收集的这篇文章主要介绍使用SonarTS创建进行typescript代码质量扫描SonarQube Server端设定客户端typescript前端示例工程Sonar-Scanner使用示例常见问题执行示例追记,觉得挺不错的,现在分享给大家,希望可以做个参考。

概述

SonarQube中提供SonarTS插件对前端的typescript代码进行质量扫描。这篇文章以SonarQube LTS 6.7为例整理进行一下typescript代码检查常见的问题与对应方法。

SonarQube Server端设定

  • SonarQube版本
    本文使用SonarQube LTS 6.7.1版本。

安装并升级SonarTS插件和SonarJS插件,本文示例所更新的插件版本如下所示:

  • SonarTS插件
    在这里插入图片描述
  • SonarJS插件
    在这里插入图片描述

设定方法
管理员账户登陆之后,在Administration页面的marketplace选项即可进行更新等操作

客户端

Sonar-Scanner设定方法

使用的Sonar-Scanner的版本为4.2,此版本中自带JRE。但是在Alpine的镜像中可能不好用,如果需要使用JAVA_HOME中指定的JRE或者JDK,vi手动修改sonar-scanner中的
use_embedded_jre=true改为use_embedded_jre=false即可。

/data/jenkins/workspace/angular-pipeline-job/demo # /usr/local/share/sonar/bin/sonar-scanner --version
INFO: Scanner configuration file: /usr/local/share/sonar/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 1.8.0_212 IcedTea (64-bit)
INFO: Linux 4.9.87-linuxkit-aufs amd64
/data/jenkins/workspace/angular-pipeline-job/demo # 

typescript前端示例工程

使用Angular创建一个demo应用,使用如下命令即可

执行命令:ng new demo --style less

在Jenkinsfile中创建前端应用的示例可参看:示例

Sonar-Scanner使用示例

使用user/password方式

示例如下所示

/usr/local/share/sonar/bin/sonar-scanner 
  -Dsonar.projectKey=angular 
  -Dsonar.sources=src 
  -Dsonar.host.url=http://192.168.31.242:9000 
  -Dsonar.login=admin 
  -Dsonar.password=admin

使用token方式

示例如下所示

/usr/local/share/sonar/bin/sonar-scanner 
  -Dsonar.projectKey=angular 
  -Dsonar.sources=src 
  -Dsonar.host.url=http://192.168.31.242:9000 
  -Dsonar.login=8b138774fb2d29e2e7bcdca249c7e09a2013740c

常见问题

profile被删空或者缺少相应插件

profile如果连sonar way都被删除的情况下,或者缺少检查对象文件相应的插件的安装(比如检查typescript文件没有安装SonarTS插件的情况下),可能会提示如下的错误信息。

ERROR: Error during SonarQube Scanner execution
ERROR: No quality profiles have been found, you probably don't have any language plugin installed.
ERROR:

SonarQube服务器端无法连接

基于网络或者SonarQube服务未正常启动等原因导致sonar-scanner无法连接服务器侧,此时经常会报出类似如下的错误信息

ERROR: Error during SonarQube Scanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
	at java.security.AccessController.doPrivileged(Native Method)
...省略

客户端未安装nodejs

客户端对typescript进行扫描时,一般情况下会调用本地的nodejs进行预解析,如果本地没有安装nodejs或者未正确设定执行时的搜索路径,一般会报出诸如如下的错误信息

ERROR: Error during SonarQube Scanner execution
java.lang.IllegalStateException: Failed to get Node.js version.No TypeScript files will be analyzed. You can exclude TypeScript files from analysis with 'sonar.exclusions' property.
	at org.sonar.plugin.typescript.ExternalTypescriptSensor.checkCompatibleNodeVersion(ExternalTypescriptSensor.java:163)
	at org.sonar.plugin.typescript.ExternalTypescriptSensor.analyze(ExternalTypescriptSensor.java:117)
	at org.sonar.plugin.typescript.ExternalTypescriptSensor.execute(ExternalTypescriptSensor.java:111)
	at org.sonar.scanner.sensor.SensorWrapper.analyse(SensorWrapper.java:53)
	at org.sonar.scanner.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:88)
	at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:82)
...省略

当然你也可以像提示说的那样在sonar.exclusions中设定让所有的ts文件都不作为扫描对象,显然这不是我们希望的解决方法。如果一般的环境直接安装nodejs即可,但是目前情况下,Alpine环境较为麻烦,最简单的方式是使用Alpine自带的包进行解决

/data/jenkins/workspace/angular-pipeline-job/demo # apk add nodejs
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz
(1/4) Installing c-ares (1.15.0-r0)
(2/4) Installing http-parser (2.8.1-r0)
(3/4) Installing libuv (1.23.2-r0)
(4/4) Installing nodejs (10.14.2-r0)
Executing busybox-1.29.3-r10.trigger
OK: 373 MiB in 115 packages
/data/jenkins/workspace/angular-pipeline-job/demo # apk add npm
(1/1) Installing npm (10.14.2-r0)
Executing busybox-1.29.3-r10.trigger
OK: 397 MiB in 116 packages
/data/jenkins/workspace/angular-pipeline-job/demo #

执行示例

以下以Angular的demo应用为例,使用sonar-scanner进行扫描,执行日志如下所示

/data/jenkins/workspace/angular-pipeline-job/demo # /usr/local/share/sonar/bin/sonar-scanner 
>   -Dsonar.projectKey=angular 
>   -Dsonar.sources=src 
>   -Dsonar.host.url=http://192.168.31.242:9000 
>   -Dsonar.login=admin 
>   -Dsonar.password=admin
INFO: Scanner configuration file: /usr/local/share/sonar/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 1.8.0_212 IcedTea (64-bit)
INFO: Linux 4.9.87-linuxkit-aufs amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 6.7.1
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=239ms
INFO: Server id: AW3nsip1zhnfoGaybxGb
INFO: User cache: /root/.sonar/cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=140ms
INFO: Process project properties
INFO: Load project repositories
INFO: Load project repositories (done) | time=43ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=227ms
INFO: Load active rules
INFO: Load active rules (done) | time=837ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=73ms
WARN: SCM provider autodetection failed. No SCM provider claims to support this project. Please use sonar.scm.provider to define SCM of your project.
INFO: Project key: angular
INFO: -------------  Scan angular
INFO: Load server rules
INFO: Load server rules (done) | time=96ms
INFO: Base dir: /data/jenkins/workspace/angular-pipeline-job/demo
INFO: Working dir: /data/jenkins/workspace/angular-pipeline-job/demo/.scannerwork
INFO: Source paths: src
INFO: Source encoding: UTF-8, default locale: en_US
INFO: Index files
INFO: 13 files indexed
INFO: Quality profile for ts: Sonar way
INFO: Sensor SonarTS [typescript]
INFO: Analyzing 8 typescript file(s) with the following configuration file /data/jenkins/workspace/angular-pipeline-job/demo/tsconfig.json
INFO: 8 files analyzed out of 8
INFO: Sensor SonarTS [typescript] (done) | time=16336ms
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=45ms
INFO: Sensor CPD Block Indexer
INFO: Sensor CPD Block Indexer (done) | time=2ms
INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
INFO: 5 files had no CPD blocks
INFO: Calculating CPD for 3 files
INFO: CPD calculation finished
INFO: Analysis report generated in 387ms, dir size=15 KB
INFO: Analysis reports compressed in 1878ms, zip size=14 KB
INFO: Analysis report uploaded in 772ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://192.168.31.242:9000/dashboard/index/angular
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://192.168.31.242:9000/api/ce/task?id=AW3uIXRZ5xxGRMjITaYs
INFO: Task total time: 26.987 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 30.227s
INFO: Final Memory: 8M/70M
INFO: ------------------------------------------------------------------------
/data/jenkins/workspace/angular-pipeline-job/demo #

执行结果如下所示

在这里插入图片描述
在这里插入图片描述

追记

后续发现,使用Sonar-Scanner 4.2 + SonarQuebe 6.7.1非常容易造成SonarQube服务的异常终止。所以SonarQube 6.7.1 仍建议使用Sonar-Scanner 3.2与之配合使用。详细可参看:

  • https://liumiaocn.blog.csdn.net/article/details/102772836

最后

以上就是平常金毛为你收集整理的使用SonarTS创建进行typescript代码质量扫描SonarQube Server端设定客户端typescript前端示例工程Sonar-Scanner使用示例常见问题执行示例追记的全部内容,希望文章能够帮你解决使用SonarTS创建进行typescript代码质量扫描SonarQube Server端设定客户端typescript前端示例工程Sonar-Scanner使用示例常见问题执行示例追记所遇到的程序开发问题。

如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。

本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
点赞(60)

评论列表共有 0 条评论

立即
投稿
返回
顶部