当前位置:网站首页>Play sonar

Play sonar

2022-07-08 00:14:00 InfoQ

Reprinted from : https://taosha.club/topic/61c2c6e9d59b034e2c167a54

Sonar Introduce

Sonar  Is an open platform for code quality management . Through plug-in mechanism ,Sonar  Different test tools can be integrated , Code analysis tools , And continuous integration tools . Tools for continuous integration with ( for example  
Hudson/Jenkins  etc.
) Different ,Sonar  It's not about simply checking the results of different code checking tools ( for example  
FindBugs,PMD
  etc. ) Display directly in  Web  On the page , It reprocesses these results through different plug-ins , Measure changes in code quality in a quantitative way , Therefore, it is convenient to manage the code quality of different scale and types of projects .

In terms of support for other tools ,Sonar  It not only provides  
IDE
  Support for , Can be in  
Eclipse
and  
IntelliJ IDEA
  Check the results online in these tools ; meanwhile  Sonar  It also provides interface support for a large number of continuous integration tools , Easy to use in continuous integration  Sonar.

Besides ,Sonar  The plug-in of  
Java
  Support for programming languages other than , Good support for internationalization and report documentation .

A term is used to explain

See : https://docs.sonarqube.org/latest/user-guide/rules/

  • Code Smell (Maintainability domain)
  • Bug (Reliability domain)
  • Vulnerability (Security domain)
  • Security Hotspot (Security domain)


Local installation Sonar plug-in unit

idea install SonarLint plug-in unit ,  Rules and SonarQube On the platform jetbrains Plug-in address : https://plugins.jetbrains.com/plugin/7973-sonarlint

The system integration mode recommended by the official website

  • Developers' code is in their own IDE And use SonarLint Run partial analysis .
  • Developers push their code to their favorite supply chain management :GIT,SVN......
  • Continuous integration server triggers automatic build and SonarQube Scanner operation SonarQube Analyze the execution required .
  • The analysis report is sent to SonarQube The server does the processing .
  • SonarQube Server processing and storage analysis reports lead to SonarQube database , And show the results in UI in .
  • Developer review , Comment on , Challenge their management , And pass SonarQube UI Reduce their technical debt problems .
  • The development manager receives the analysis report . OPS Use API from SonarQube Automatically configure and extract data . OPS Use JMX To monitor SonarQube The server .

null

Q&A

  • Which branch does a project analyze , Can only administrators control , If multiple developers are developing multiple branches , Want to analyze different branches respectively , What to do ?
  • What is the current mechanism for submitting analysis ?
  • Is there a notification mechanism after successful submission ?
  • How to integrate the coverage of unit tests into SonarQube On ?
  • Is there any code that has no actual bad impact on the business , stay sonar Can we customize the rules , Remove these odors or display modifications
原网站

版权声明
本文为[InfoQ]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/189/202207072211457420.html

边栏推荐

猜你喜欢

随机推荐