搭建sonarqube分析golang代碼

準備postgres

爲何不使用Mysql呢，由於從7.9就不支持了

docker啓動postgres

docker run -d \
    --name sonar-postgres \
    -e POSTGRES_PASSWORD=postgres \
    -e PGDATA=/var/lib/postgresql/data/pgdata \
    -v /custom/mount:/var/lib/postgresql/data \
    postgres

安裝客戶端psql，經過yum安裝postgresql-server會附帶安裝psql。也能夠安裝pgAdmin。

yum install postgresql-server

鏈接到服務器

psql -h localhost -U postgres -W

建立數據庫

postgres=# CREATE DATABASE sonarqube WITH OWNER=postgres ENCODING='UTF8' CONNECTION LIMIT=-1;
CREATE DATABASE

postgres=# \l
                                 List of databases
   Name    |  Owner   | Encoding |  Collate   |   Ctype    |   Access privileges   
-----------+----------+----------+------------+------------+-----------------------
 postgres  | postgres | UTF8     | en_US.utf8 | en_US.utf8 | 
 sonarqube | postgres | UTF8     | en_US.utf8 | en_US.utf8 | 
 template0 | postgres | UTF8     | en_US.utf8 | en_US.utf8 | =c/postgres          +
           |          |          |            |            | postgres=CTc/postgres
 template1 | postgres | UTF8     | en_US.utf8 | en_US.utf8 | =c/postgres          +
           |          |          |            |            | postgres=CTc/postgres
(4 rows)

docker啓動sonarqube

先建立幾個volume用於存儲數據

docker volume create sonarqube_data
docker volume create sonarqube_extensions
docker volume create sonarqube_logs

更改一些系統參數

sysctl -w vm.max_map_count=262144
sysctl -w fs.file-max=65536
ulimit -n 65536
ulimit -u 4096

若是不設置可能會出現錯誤：vm.max_map_count 65530 is too low

2020.07.09 10:33:43 INFO  es[][o.e.n.Node] initialized
2020.07.09 10:33:43 INFO  es[][o.e.n.Node] starting ...
2020.07.09 10:33:44 INFO  es[][o.e.t.TransportService] publish_address {127.0.0.1:9001}, bound_addresses {127.0.0.1:9001}
2020.07.09 10:33:44 INFO  es[][o.e.b.BootstrapChecks] explicitly enforcing bootstrap checks
ERROR: [1] bootstrap checks failed
[1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] stopping ...
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] stopped
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] closing ...
2020.07.09 10:33:44 INFO  es[][o.e.n.Node] closed

啓動sonarqube

docker run -d --name sonarqube \
    -p 9000:9000 \
    --link sonar-postgres \
    -e SONAR_JDBC_URL=jdbc:postgresql://sonar-postgres/sonarqube \
    -e SONAR_JDBC_USERNAME=postgres \
    -e SONAR_JDBC_PASSWORD=postgres \
    -v sonarqube_data:/opt/sonarqube/data \
    -v sonarqube_extensions:/opt/sonarqube/extensions \
    -v sonarqube_logs:/opt/sonarqube/logs \
    sonarqube:8.3.1-community

原本是要使用8.4的，可是是由於有個BUG就放棄了。該BUG會在8.4.1修改。

建立項目

訪問服務地址http://localhost:9000/，而後登陸界面，用戶名admin，密碼admin登陸。

安裝中文包

建立項目

建立令牌

使用golangci-lint分析代碼

golangci-lint聚合了不少工具，下面只是做爲演示，具體請查看官網。
在項目根目錄下新建文件.golangci.yml。具體示例可查看https://github.com/golangci/golangci-lint/blob/master/.golangci.example.yml

# example link : https://github.com/golangci/golangci-lint/blob/master/.golangci.example.yml
run:
  timeout: 1m
  skip-dirs-use-default: true

linters-settings:
  dupl:
    # tokens count to trigger issue, 150 by default
    threshold: 100

linters:
  enable:
    - dupl
    - golint

使用docker鏡像生成xml格式的分析文件，出處請見

$ mkdir sonar
$ docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.27.0 golangci-lint run -v --out-format checkstyle > sonar/golangcilint.xml
level=info msg="[config_reader] Config search paths: [./ /app /]"
level=info msg="[config_reader] Used config file .golangci.yml"
level=info msg="[lintersdb] Active 12 linters: [deadcode dupl errcheck golint gosimple govet ineffassign staticcheck structcheck typecheck unused varcheck]"
............
level=info msg="[runner] linters took 6.693839801s with stages: goanalysis_metalinter: 6.412033368s, unused: 267.37634ms"
level=info msg="File cache stats: 9 entries of total size 25.5KiB"
level=info msg="Memory: 145 samples, avg is 153.5MB, max is 339.1MB"
level=info msg="Execution took 14.475792265s"

sonar客戶端掃描

在項目根目錄新建一個名爲sonar-project.properties的文件

# must be unique in a given SonarQube instance
sonar.projectKey=test
sonar.projectName=test

sonar.host.url=http://localhost:9000

sonar.sources=.
sonar.exclusions=**/*_test.go,**/vendor/**

sonar.tests=.
sonar.test.inclusions=**/*_test.go
sonar.test.exclusions=**/vendor/**

sonar.sourceEncoding=UTF-8

sonar.go.golangci-lint.reportPaths=sonar/golangcilint.xml

docker執行掃描客戶端

$ docker run --rm -v $(pwd):/usr/src sonarsource/sonar-scanner-cli
......
INFO: Analysis total time: 4.980 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 8.382s
INFO: Final Memory: 13M/50M
INFO: ------------------------------------------------------------------------

查看分析結果

訪問 http://localhost:9000 查看test項目，就能夠看到有問題的代碼了。