Visualizing iOS code quality with SonarQube

Keywords: Database JSON MySQL xml

We usually use OCLint to generate static code analysis reports and Slather to generate unit test coverage reports, but these reports are relatively simple. SonarQube shows the problems in the code visually. This article shows how to use SonarQube to display the report produced by an OCLint scan.

Install the software

This article takes Ubuntu 16.04 as an example to show how to install SonarQube. SonarQube depends on a JDK and MySQL, so install both before installing SonarQube.

Install JDK and MySQL

Install JDK

  • sudo add-apt-repository ppa:webupd8team/java
  • sudo apt-get update
  • sudo apt-get install oracle-java8-installer

After executing the above commands, enter java -version in the terminal. If the JDK version is displayed, the installation was successful.

Install MySQL

  • sudo apt-get update
  • sudo apt-get install mysql-server
  • sudo mysql_secure_installation

After installation, enter systemctl status mysql.service in the terminal. If it prints the following, the installation was successful:


Install SonarQube

Unzip the installation package to the installation directory

Installation package download address: https://www.sonarqube.org/downloads/

Create database and corresponding users

New database

  • CREATE DATABASE sonar;

Create users and grant privileges

  • CREATE USER 'sonar' IDENTIFIED BY 'sonar';
  • GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';
  • GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';
  • FLUSH PRIVILEGES;

Configure database access parameters

Edit <install_directory>/conf/sonar.properties and configure the parameters according to the type of database used. MySQL database is selected here, so its user name, password and jdbc url need to be configured.



Configuring Web Server

Similarly, edit <install_directory>/conf/sonar.properties to set the IP address, port and access context of the Web Server host.

sonar.web.host=192.0.0.1
sonar.web.port=80
sonar.web.context=/sonar

SonarQube can be started when the above configuration is complete:

  • On Linux/Mac OS: bin/<YOUR OS>/sonar.sh start
  • On Windows: bin/windows-x86-XX/StartSonar.bat

In practice, the MySQL database often cannot be accessed. The usual causes are:
1. The user does not have permission; granting privileges fixes this:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'sonar'@'%' IDENTIFIED BY 'sonar' WITH GRANT OPTION;
2. The default port 3306 only allows local access. Edit /etc/mysql/mysql.conf.d/mysqld.cnf
and comment out bind-address = 127.0.0.1
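
The two changes above widen what the sonar account can do and where MySQL listens. The following check is an added example, not part of the original article: it reads a mysqld.cnf and the saved output of SHOW GRANTS for the account and reports each widened setting. The function name, file names and sample contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the side effects of the two MySQL changes above.
# Paths and sample contents below are constructed for illustration.

# audit_sonar_mysql CNF GRANTS
#   CNF:    a mysqld.cnf file
#   GRANTS: saved output of  SHOW GRANTS FOR 'sonar'@'%';
# Prints one finding per line; prints nothing when no check fires.
audit_sonar_mysql() {
    cnf=$1
    grants=$2
    # Last uncommented bind-address wins; none means all interfaces.
    addr=$(sed -n 's/^[[:space:]]*bind-address[[:space:]]*=[[:space:]]*//p' "$cnf" | tail -n 1)
    case $addr in
        127.0.0.1|localhost|::1) ;;
        '') echo "LISTEN bind-address unset: 3306 open on all interfaces" ;;
        *)  echo "LISTEN bind-address=$addr" ;;
    esac
    # GRANT USAGE ON *.* is the no-privilege default, so skip it.
    if grep -F ' ON *.* TO ' "$grants" | grep -qv '^GRANT USAGE '; then
        echo "GRANT privileges on *.* instead of sonar.*"
    fi
    if grep -q 'WITH GRANT OPTION' "$grants"; then
        echo "GRANT account can pass its privileges to other accounts"
    fi
    if grep -qF "@'%'" "$grants"; then
        echo "HOST account accepts logins from any host ('%')"
    fi
}

# Constructed sample: state after applying both changes from the article.
sample_dir=$(mktemp -d)
cat > "$sample_dir/mysqld.cnf" <<'EOF'
[mysqld]
port = 3306
# bind-address = 127.0.0.1
EOF
cat > "$sample_dir/grants.txt" <<'EOF'
GRANT ALL PRIVILEGES ON *.* TO 'sonar'@'%' WITH GRANT OPTION
GRANT ALL PRIVILEGES ON `sonar`.* TO 'sonar'@'%'
EOF

audit_sonar_mysql "$sample_dir/mysqld.cnf" "$sample_dir/grants.txt"
```

An account created only with the sonar.* grants from the installation step, on a server that keeps bind-address = 127.0.0.1, produces no findings.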

Once the software above is installed, SonarQube is up and running. Enter http://192.0.0.1/sonar in the browser and SonarQube can be used to check code quality.

By default, SonarQube does not support scanning Objective-C code quality. The official plug-in costs 3,000 euros per year, which is too expensive for ordinary developers. There are open source plug-ins on GitHub. After downloading the source code, use Maven to compile it and place the jar package in the <install_directory>/extensions/plugins directory. Restart SonarQube; the installation was successful if you can see the following in the system control panel.



Write scripts to generate OCLint reports and upload them to SonarQube

Software installation

For the software OCLint requires, refer to "Static analysis of OCLint code". The PMD files generated by OCLint need to be uploaded to SonarQube via sonar-scanner, which can be downloaded at: https://github.com/SonarSource/sonar-scanner-cli/releases

Configuration

sonar-project.properties

Add sonar-project.properties to the project root directory and configure it as follows:

##########################
# Required configuration #
##########################

sonar.projectKey=tztHuaTaiZLMobile
sonar.projectName=tztHuaTaiZLMobile
sonar.projectVersion=4.3.0
sonar.language=objc

# Project description
sonar.projectDescription=tztHuaTaiZLMobile

# Path to source directories 
sonar.sources=tztHuaTaiZLMobile
# Path to test directories (comment if no test)
# sonar.tests=testSrcDir
 
# Destination Simulator to run tests
# As string expected in destination argument of xcodebuild command
# Example = sonar.swift.simulator=platform=iOS Simulator,name=iPhone 6,OS=9.2
sonar.objectivec.simulator=platform=iOS Simulator,name=iPhone 7,OS=10.3.1

# Xcode project configuration (.xcodeproj or .xcworkspace)
# -> If you have a project: configure only sonar.objectivec.project
# -> If you have a workspace: configure sonar.objectivec.workspace and sonar.objectivec.project
# and use the latter to specify which project(s) to include in the analysis (comma separated list)
# sonar.objectivec.project=myApplication.xcodeproj 
sonar.objectivec.workspace=tztMobileApp_HTSC.xcworkspace

# Scheme to build your application
sonar.objectivec.appScheme=tztHuaTaiZLMobile
# Scheme to build and run your tests (comment following line if you don't have any tests)
# sonar.objectivec.testScheme=myApplicationTests

##########################
# Optional configuration #
##########################

# Encoding of the source code
sonar.sourceEncoding=UTF-8

# JUnit report generated by run-sonar.sh is stored in sonar-reports/TEST-report.xml
# Change it only if you generate the file on your own
# The XML files have to be prefixed by TEST- otherwise they are not processed 
# sonar.junit.reportsPath=sonar-reports/

# Cobertura report generated by run-sonar.sh is stored in sonar-reports/coverage.xml
# Change it only if you generate the file on your own
# sonar.objectivec.coverage.reportPattern=sonar-reports/coverage*.xml

# OCLint report generated by run-sonar.sh is stored in sonar-reports/oclint.xml
# Change it only if you generate the file on your own
sonar.objectivec.oclint.report=build/sonar-reports/oclint.xml

# FauxPas report generated by run-sonar.sh is stored in sonar-reports/fauxpas.json
# Change it only if you generate the file on your own
# sonar.objectivec.fauxpas.report=sonar-reports/fauxpas.json

# Paths to exclude from coverage report (tests, 3rd party libraries etc.)
# sonar.objectivec.excludedPathsFromCoverage=pattern1,pattern2
sonar.objectivec.excludedPathsFromCoverage=.*Tests.*,.*Specs.*

# Project SCM settings
# sonar.scm.enabled=true
# sonar.scm.url=scm:git:https://...

Write scripts to generate OCLint reports and upload them to SonarQube

Add a scripts directory to the project root directory and create a new script in it. The script is as follows:

#!/bin/sh
# Generates an OCLint PMD report for the workspace and uploads it to SonarQube.

# Exit with an error if the command named in $1 is not on PATH.
testIsInstalled() {
    if ! hash "$1" 2>/dev/null; then
        echo >&2 "ERROR - $1 is not installed or not in your PATH"
        exit 1
    fi
}

echo "change to parent folder"
# The script lives in <project root>/scripts, so go up relative to its own location.
cd "$(dirname "$0")/.." || exit 1

echo "check xcodebuild, xcpretty, oclint and sonar-scanner are installed"
testIsInstalled xcodebuild
testIsInstalled xcpretty
testIsInstalled oclint
testIsInstalled sonar-scanner

echo "xcodebuild clean"
xcodebuild clean -workspace tztMobileApp_HTSC.xcworkspace \
-scheme tztHuaTaiZLMobile

echo "xcodebuild analyze | tee xcodebuild.log | xcpretty --report json-compilation-database"
xcodebuild -workspace tztMobileApp_HTSC.xcworkspace \
-configuration Debug \
-scheme tztHuaTaiZLMobile analyze | tee xcodebuild.log | \
xcpretty -r json-compilation-database

echo "mv compilation_db.json compile_commands.json"
mv ./build/reports/compilation_db.json ./compile_commands.json

echo "check folder existence"
# mkdir -p is a no-op when the directory already exists.
mkdir -p build/sonar-reports

echo "oclint-json-compilation-database"
# The max-priority thresholds are raised so that rule violations do not fail the run;
# the -rc options relax the default rule limits.
oclint-json-compilation-database \
-v \
-- \
-report-type pmd -o build/sonar-reports/oclint.xml \
-max-priority-1=99999 -max-priority-2=99999 -max-priority-3=99999 \
-rc LONG_METHOD=300 \
-rc LONG_VARIABLE_NAME=50 \
-rc LONG_CLASS=3000 \
-rc NCSS_METHOD=300 \
-rc NESTED_BLOCK_DEPTH=8

echo "upload generated oclint report to sonar qube server"
# Reads sonar-project.properties from the project root; -X enables debug output.
sonar-scanner -X

echo "clean up"
rm -rf .scannerwork
rm -f xcodebuild.log
rm -f compile_commands.json
rm -f build/sonar-reports/oclint.xml

Posted by dzelenika on Fri, 24 May 2019 12:41:55 -0700