OClint是针对C, C++及Objective C代码的静态扫描分析工具,而SonarQube是一个开源的代码质量管理平台。本文将实现将OClint的扫描结果导入到SonarQube中,已实现对Objective C代码质量的管理。
操作系统:
Mac OS X 10.9
所需工具:
- SonarQube : sonarqube-4.4 - http://www.sonarqube.org/downloads/
- Sonar Runner : sonar-runner-dist-2.4 - http://www.sonarqube.org/downloads/
- MySQL 5.x : 5.0.90 MySQL Community Server (GPL) - http://dev.mysql.com/downloads/mysql/
- OClint : oclint-0.9.dev.5f3418c - http://oclint.org/downloads.html选择mac os x或者darwin的包
- xcodebuild: Xcode 5.x - https://developer.apple.com/xcode/downloads/
所需组件:
Sonar Plugin for Objective C
可以直接下载sonar-objective-c-plugin-0.3.2-SNAPSHOT.jar
也可以在https://github.com/octo-technology/sonar-objective-c/tree/oclint 下载源码,并执行其中的build-and-deploy.sh编译
环境搭建:
- 下载并安装MySQL;
- 创建sonar数据库及用户;
CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE USER 'sonar' IDENTIFIED BY 'sonar';
GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';
GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';
FLUSH PRIVILEGES;
3. 下载并解压SonarQube (例如:"/etc/sonarqube")
4. 将sonar-objective-c-plugin-0.3.2-SNAPSHOT.jar放到SonarQube的扩展插件目录下 (例如:"/etc/sonarqube/extensions/plugins")
5. 配置sonar.properties (例如:"/etc/sonarqube/conf")
|
1
2
3
4
5
6
7
|
# H2 embedded database server listening port, defaults to 9092#sonar.embeddedDatabase.port=9092#----- MySQL 5.x# Comment the embedded database and uncomment the following line to use MySQLsonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true |
6. 启动SonarQube服务器
$ /etc/sonarqube/bin/macosx-universal-64/sonar.sh console Running SonarQube... wrapper | --> Wrapper Started as Console wrapper | Launching a JVM... jvm 1 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org jvm 1 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved. jvm 1 | jvm 1 | 2014.09.06 14:45:53 INFO Web server is started
7. 测试SonarQube
http://localhost:9000/
8. 下载并解压Sonar Runner (例如:"/etc/sonar-runner")
9. 配置Sonar Runner下的sonar-runner.properties (例如:"/etc/sonar-runner/conf/ sonar-runner.properties")
#----- Default SonarQube server sonar.host.url=http://localhost:9000 #----- MySQL sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8 #----- Global database settings sonar.jdbc.username=sonar sonar.jdbc.password=sonar
10. 下载并解压OClint(例如:"/etc/oclint")
11. 测试OClint
$ /etc/oclint/bin/oclint oclint: Not enough positional command line arguments specified! Must specify at least 1 positional arguments: See: oclint -help
12. 测试xcodebuild
$ xcodebuild -version Xcode 5.0.2 Build version 5A3005
扫描代码:
- 在bash中进入代码目录(.xcodeproj文件所在目录), 执行 xcodebuild | tee xcodebuild.log
- 在bash中执行 oclint-xcodebuild xcodebuild.log
- 在bash中执行oclint-json-compilation-database -- -report-type pmd -o sonar-reports/oclint.xml。
- 将sonar-project.properties存放到代码目录中,根据具体情况编辑对应的项,需要特别注意其中的sonar.objectivec.project和sonar.objectivec.appScheme
########################## # Required configuration # ########################## sonar.projectKey=my-project sonar.projectName=My project sonar.projectVersion=1.0 sonar.language=objc # Project description sonar.projectDescription=Fake description # Path to source directories sonar.sources=srcDir1,srcDir2 # Xcode project configuration (.xcodeproj or .xcworkspace) # -> If you have a project: configure only sonar.objectivec.project # -> If you have a workspace: configure sonar.objectivec.workspace and sonar.objectivec.project # and use the later to specify which project(s) to include in the analysis (comma separated list) sonar.objectivec.project=myApplication.xcodeproj # sonar.objectivec.workspace=myApplication.xcworkspace # Scheme to build your application sonar.objectivec.appScheme=myApplication # Scheme to build and run your tests (comment following line of you don't have any tests) sonar.objectivec.testScheme=myApplicationTests ########################## # Optional configuration # ########################## # Encoding of the source code sonar.sourceEncoding=UTF-8 # JUnit report generated by run-sonar.sh is stored in sonar-reports/TEST-report.xml # Change it only if you generate the file on your own # The XML files have to be prefixed by TEST- otherwise they are not processed # sonar.junit.reportsPath=sonar-reports/ # Cobertura report generated by run-sonar.sh is stored in sonar-reports/coverage.xml # Change it only if you generate the file on your own # sonar.objectivec.coverage.reportPattern=sonar-reports/coverage*.xml # OCLint report generated by run-sonar.sh is stored in sonar-reports/oclint.xml # Change it only if you generate the file on your own # sonar.objectivec.oclint.report=sonar-reports/oclint.xml # Paths to exclude from coverage report (tests, 3rd party libraries etc.) # sonar.objectivec.excludedPathsFromCoverage=pattern1,pattern2 sonar.objectivec.excludedPathsFromCoverage=.*Tests.*
6. 在bash中执行Sonar Runner
/etc/sonar-runner/bin/sonar-runer.sh
7. 在SonarQube中查看结果
http://localhost:9000/
异常情况处理:
- 如果执行/etc/sonar-runner/bin/sonar-runer.sh 失败,提示错误:
RROR: Error during Sonar runner execution ERROR: Unable to execute Sonar ERROR: Caused by: You must install a plugin that supports the language 'objc' ERROR: ERROR: To see the full stack trace of the errors, re-run SonarQube Runner with the -e switch. ERROR: Re-run SonarQube Runner using the -X switch to enable full debug logging.
说明sonar-objective-c-plugin-0.3.2-SNAPSHOT.jar没有加载到/etc/sonarqube/extensions/plugins
2. 如果执行/etc/sonar-runner/bin/sonar-runer.sh 失败,提示错误:
ERROR: Error during Sonar runner execution ERROR: Unable to execute Sonar ERROR: Caused by: The rule 'OCLint:switch statements don't need default when fully covered' does not exist. ERROR: ERROR: To see the full stack trace of the errors, re-run SonarQube Runner with the -e switch. ERROR: Re-run SonarQube Runner using the -X switch to enable full debug logging.
错误提示 The rule ‘XXX’ does not exist说明Oclint扫描出来的问题在Sonar Plugin for Objective C(sonar-objective-c-plugin-0.3.2-SNAPSHOT.jar)的规则定义中不存在,这时候只能把规则追加到Sonar Plugin for Objective C中,并重新编译jar包。追加规则的方法为:
编辑sonar-objective-c-master/src/main/resources/org/sonar/plugins/oclint下的 profile-oclint.xml和rules.txt
例如上面的错误,将下面的代码加入profile-oclint.xml
<rule>
<repositoryKey>OCLint</repositoryKey>
<key>switch statements don't need default when fully covered</key>
</rule>
将下面的代码加入rules.txt(注意在0.3.2版本中Priority和Severity不能超过3,否则编译出来的jar包会造成SonarQube服务器无法启动)
switch statements don't need default when fully covered ---------- Summary: Priority: 3 Severity: 3 Category: OCLint
最后需要重启SonarQube服务器
/etc/sonarqube/bin/macosx-universal-64/sonar.sh restart
3. 如果执行/etc/sonarqube/bin/macosx-universal-64/sonar.sh console失败,提示错误:
wrapper | --> Wrapper Started as Console wrapper | Launching a JVM... jvm 1 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org jvm 1 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved. jvm 1 | wrapper | <-- Wrapper Stopped
同时在/etc/sonarqube/bin/macosx-universal-64/中生成wrapper.log文件,并提示无法找到配置文件,则由可能是追击规则后重新编译过的sonar-objective-c-plugin-0.3.2-SNAPSHOT.jar文件出错,特别是rules.txt 中某一项的Priority和Severity超过了3