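For setting up Sonar on a Mac, see the article "Mac-Sonar system configuration".

I. JS/Java code scanning configuration

1. Create the project in Sonar


2. Create sonar-project.properties in the project root

2.1 Project configuration for JS

js/sonar-project.properties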

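# Project key
sonar.projectKey=com.xx.jstest
# Project name
sonar.projectName=jstest
# Project version
sonar.projectVersion=1.0
# Directory to scan; specific files may also be listed: 'src/person2.js,src/person3.js'
sonar.sources=src
# Sonar server URL; it is already configured in sonar-scanner, so setting it here is optional
#sonar.host.url=http://127.0.0.1:9000
# If unset, multiple languages are analysed by default; here it is js
sonar.language = js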

2.2 Project configuration for Android

android/sonar-project.properties

# Project key
sonar.projectKey=com.xx.android
# Project name
sonar.projectName=android
# Project version
sonar.projectVersion=1.0
# Directory to scan; specific files may also be listed
sonar.sources=app/src/main/java/com/example/zw/androidlearndemo/MainActivity.java
# Compiled binaries
sonar.java.binaries=app/build/intermediates
# Sonar server URL; it is already configured in sonar-scanner, so setting it here is optional
#sonar.host.url=http://127.0.0.1:9000
# If unset, multiple languages are analysed by default
sonar.language = java

3. Go to the project root and run

sonar-scanner

II. iOS code scanning configuration

1. iOS code scanning requires some tools

1.1 Download and install OCLint (Issues: code rules)

brew tap oclint/formulae
brew install oclint

1.2 xcpretty (Tests)
xctool has now been replaced by xcodebuild and xcpretty.
Installation steps:

git clone https://github.com/Backelite/xcpretty.git   # pick a folder to hold the xcpretty source
cd xcpretty
git checkout fix/duration_of_failed_tests_workaround
gem build xcpretty.gemspec
sudo gem install --both xcpretty-0.2.2.gem

1.3 slather (Code coverage)
The installed version must be higher than 2.1.0 (versions before Xcode 7 use gcovr; from Xcode 7 onward, use slather).

gem install slather   # if your Ruby version is below 2.1.0, update Ruby first

1.4 lizard (Complexity)
lizard (version on CI: 1.12.15)

sudo pip install lizard

2. iOS project configuration

ios/sonar-project.properties

# The directory name should match the project name (Test -> Test.xcodeproj); otherwise problem code may go undetected
sonar.projectKey=com.xx.ios
# Determines the name shown on the Sonar server
sonar.projectName=ios
sonar.projectVersion=1.0
sonar.language=objc
# Project description
sonar.projectDescription=Fake description
# Path to source directories (project source directory); specific files may also be listed
sonar.sources=ios/ViewController.h,ios/ViewController.m
# Path to test directories (comment if no test)
#sonar.tests=
#sonar.objectivec.simulator=platform=iOS Simulator,name=iPhone 6,OS=9.2
# Choose one of the two
sonar.objectivec.project=ios.xcodeproj
#sonar.objectivec.workspace=xx.xcworkspace
# Scheme to build your application
sonar.objectivec.appScheme=ios
# Scheme to build and run your tests (comment following line of you don't have any tests)
sonar.objectivec.testScheme=iosTests
# Encoding of the source code
sonar.sourceEncoding=UTF-8
# JUnit report generated by run-sonar.sh is stored in sonar-reports/TEST-report.xml
# Change it only if you generate the file on your own
# The XML files have to be prefixed by TEST- otherwise they are not processed
# sonar.junit.reportsPath=sonar-reports/
#sonar.objectivec.junit.reportsPath=TEST-report.xml
# Cobertura report generated by run-sonar.sh is stored in sonar-reports/coverage.xml
# Change it only if you generate the file on your own
#sonar.objectivec.coverage.reportPattern=sonar-reports/coverage.xml
#sonar.objectivec.cobertura.reportPath=sonar-reports/coverage-SuYun.xml
# OCLint report generated by run-sonar.sh is stored in sonar-reports/oclint.xml
# Change it only if you generate the file on your own
#sonar.objectivec.oclint.reportPath=sonar-reports/oclint.xml
sonar.objectivec.oclint.report=build/sonar-reports/oclint.xml
# Paths to exclude from coverage report (tests, 3rd party libraries etc.)
# sonar.objectivec.excludedPathsFromCoverage=pattern1,pattern2
# Excluded paths, matched as regular expressions
sonar.objectivec.excludedPathsFromCoverage=.*Tests.*,.*Specs.*
#,*.plist,*.json,.*Specs.*
# Project SCM settings
#sonar.scm.enabled=true
# sonar.scm.url=scm:git:https://...
# Sonar server URL; it is already configured in sonar-scanner, so setting it here is optional
#sonar.host.url=http://127.0.0.1:9000
#sonar.scm.provider=svn

3. Run the check

run-sonar.sh

#!/bin/bash
## INSTALLATION: script to copy in your Xcode project in the same directory as the .xcodeproj file
## USAGE: ./run-sonar.sh
## DEBUG: ./run-sonar.sh -v
## WARNING: edit your project parameters in sonar-project.properties rather than modifying this script
#

trap "echo 'Script interrupted by Ctrl+C'; stopProgress; exit 1" SIGHUP SIGINT SIGTERM

function startProgress() {
    while true
    do
        echo -n "."
        sleep 5
    done
}

function stopProgress() {
    if [ "$vflag" = "" -a "$nflag" = "" ]; then
        kill $PROGRESS_PID &>/dev/null
    fi
}

function testIsInstalled() {
    hash $1 2>/dev/null
    if [ $? -eq 1 ]; then
        echo >&2 "ERROR - $1 is not installed or not in your PATH"; exit 1;
    fi
}

function readParameter() {
    variable=$1
    shift
    parameter=$1
    shift

    # The value read from sonar-project.properties is assigned through eval,
    # so the shell expands whatever the file contains.
    eval $variable="\"$(sed '/^\#/d' sonar-project.properties | grep $parameter | tail -n 1 | cut -d '=' -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')\""
}

# Run a set of commands with logging and error handling
function runCommand() {

    # 1st arg: redirect stdout
    # 2nd arg: command to run
    # 3rd..nth arg: args
    redirect=$1
    shift

    command=$1
    shift

    if [ "$nflag" = "on" ]; then
        # don't execute command, just echo it
        echo
        if [ "$redirect" = "/dev/stdout" ]; then
            if [ "$vflag" = "on" ]; then
                echo "+" $command "$@"
            else
                echo "+" $command "$@" "> /dev/null"
            fi
        elif [ "$redirect" != "no" ]; then
            echo "+" $command "$@" "> $redirect"
        else
            echo "+" $command "$@"
        fi

    elif [ "$vflag" = "on" ]; then
        echo

        if [ "$redirect" = "/dev/stdout" ]; then
            set -x #echo on
            $command "$@"
            returnValue=$?
            set +x #echo off
        elif [ "$redirect" != "no" ]; then
            set -x #echo on
            $command "$@" > $redirect
            returnValue=$?
            set +x #echo off
        else
            set -x #echo on
            $command "$@"
            returnValue=$?
            set +x #echo off
        fi

        if [[ $returnValue != 0 && $returnValue != 5 ]] ; then
            stopProgress
            echo "ERROR - Command '$command $@' failed with error code: $returnValue"
            exit $returnValue
        fi
    else
        echo "--------------------------------"
        echo $command
        echo "$@"
        if [ "$redirect" = "/dev/stdout" ]; then
            $command "$@" > /dev/null
        elif [ "$redirect" != "no" ]; then
            $command "$@" > $redirect
        else
            $command "$@"
        fi

        returnValue=$?
        if [[ $returnValue != 0 && $returnValue != 5 ]] ; then
            stopProgress
            echo "ERROR - Command '$command $@' failed with error code: $returnValue"
            # exit with the command's status ($? would be the status of echo)
            exit $returnValue
        fi

        echo
    fi
}

## COMMAND LINE OPTIONS
vflag=""
nflag=""
oclint="on"
while [ $# -gt 0 ]
do
    case "$1" in
    -v) vflag=on;;
    -n) nflag=on;;
    -nooclint) oclint="";;
    --) shift; break;;
    -*)
        echo >&2 "Usage: $0 [-v]"
        exit 1;;
    *)  break;;     # terminate while loop
    esac
    shift
done

# Usage OK
echo "Running run-sonar.sh..."

## CHECK PREREQUISITES

# xctool, gcovr and oclint installed
# testIsInstalled xctool
testIsInstalled xcpretty
#testIsInstalled gcovr
testIsInstalled oclint

# sonar-project.properties in current directory
if [ ! -f sonar-project.properties ]; then
    echo >&2 "ERROR - No sonar-project.properties in current directory"; exit 1;
fi

## READ PARAMETERS from sonar-project.properties

# Your .xcworkspace/.xcodeproj filename
workspaceFile=''; readParameter workspaceFile 'sonar.objectivec.workspace'
projectFile=''; readParameter projectFile 'sonar.objectivec.project'
# Source directories for .h/.m files
srcDirs=''; readParameter srcDirs 'sonar.sources'
# The name of your application scheme in Xcode
appScheme=''; readParameter appScheme 'sonar.objectivec.appScheme'

# The name of your test scheme in Xcode
testScheme=''; readParameter testScheme 'sonar.objectivec.testScheme'
# The file patterns to exclude from coverage report
excludedPathsFromCoverage=''; readParameter excludedPathsFromCoverage 'sonar.objectivec.excludedPathsFromCoverage'

if [ "$vflag" = "on" ]; then
    echo "Xcode workspace file is: $workspaceFile"
    echo "Xcode project file is: $projectFile"
    echo "Xcode application scheme is: $appScheme"
    echo "Xcode test scheme is: $testScheme"
    echo "Excluded paths from coverage are: $excludedPathsFromCoverage"
fi

if [[ $projectFile != "" ]]; then
    #statements
    # Set Xcode's signing style to manual signing (edits project.pbxproj in place)
    echo "-----设置自动签名, projectFile: $projectFile \n"
    sed -i "" "s%\ProvisioningStyle.*%\ProvisioningStyle = Manual;%g" "${projectFile}/project.pbxproj"
    # Remove the TeamID settings
    sed -i "" "s%\DevelopmentTeam.*%\ %g" "${projectFile}/project.pbxproj"
    sed -i "" "s%\DEVELOPMENT_TEAM.*%\ %g" "${projectFile}/project.pbxproj"
fi

if [[ "$workspaceFile" != "" ]] ; then
    # 17/03/01 change: replaced the provisioning-profile settings with simulator settings
    xcodebuildCmdPrefix="xcodebuild -workspace $workspaceFile -scheme ${appScheme} -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 6' ONLY_ACTIVE_ARCH=NO -configuration Release "
else
    xcodebuildCmdPrefix="xcodebuild -project $projectFile -scheme ${appScheme} -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 6' ONLY_ACTIVE_ARCH=NO -configuration Release"
fi

# Check for mandatory parameters
if [ -z "$projectFile" -o "$projectFile" = " " ]; then
    if [ ! -z "$workspaceFile" -a "$workspaceFile" != " " ]; then
        echo >&2 "ERROR - sonar.objectivec.project parameter is missing in sonar-project.properties. You must specify which projects (comma-separated list) are application code within the workspace $workspaceFile."
    else
        echo >&2 "ERROR - sonar.objectivec.project parameter is missing in sonar-project.properties (name of your .xcodeproj)"
    fi
    exit 1
fi
if [ -z "$srcDirs" -o "$srcDirs" = " " ]; then
    echo >&2 "ERROR - sonar.sources parameter is missing in sonar-project.properties. You must specify which directories contain your .h/.m source files (comma-separated list)."
    exit 1
fi
if [ -z "$appScheme" -o "$appScheme" = " " ]; then
    echo >&2 "ERROR - sonar.objectivec.appScheme parameter is missing in sonar-project.properties. You must specify which scheme is used to build your application."
    exit 1
fi

## SCRIPT

# Start progress indicator in the background
if [ "$vflag" = "" -a "$nflag" = "" ]; then
    startProgress &
    # Save PID
    PROGRESS_PID=$!
fi

# Create sonar-reports/ for reports output
if [[ ! (-d "build/sonar-reports") && ("$nflag" != "on") ]]; then
    if [ "$vflag" = "on" ]; then
        echo 'Creating directory sonar-reports/'
    fi
    # -p also creates build/ when it does not exist yet
    mkdir -p build/sonar-reports
    returnValue=$?
    if [[ $returnValue != 0 ]] ; then
        stopProgress
        # exit with mkdir's status ($? would be the status of stopProgress)
        exit $returnValue
    fi
fi

# Extracting project information needed later
echo -n 'Extracting Xcode project information'
#runCommand /dev/stdout $xctoolCmdPrefix -scheme "$appScheme" clean
#runCommand /dev/stdout $xctoolCmdPrefix -scheme "$appScheme" -reporter json-compilation-database:compile_commands.json build
#runCommand /dev/stdout $xcodebuildCmdPrefix clean

xcodebuild clean

export LC_ALL="en_US.UTF-8"
if [[ "$workspaceFile" != "" ]] ; then
    xcodebuild -workspace "${workspaceFile}" -scheme "${appScheme}" -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 6' ONLY_ACTIVE_ARCH=NO -configuration Release  build | tee xcodebuild.log | xcpretty -r json-compilation-database --output compile_commands.json
else
    echo "${projectFile}--${appScheme}"
    xcodebuild -project "${projectFile}" -scheme "${appScheme}" -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 6' ONLY_ACTIVE_ARCH=NO -configuration Release  build | tee xcodebuild.log | xcpretty -r json-compilation-database --output compile_commands.json
fi

#  ---- Unit tests and coverage section ----
# Unit tests and coverage
# if [ "$testScheme" = "" ]; then
#   echo 'Skipping tests as no test scheme has been provided!'
#
#   # Put default xml files with no tests and no coverage...
#   echo "<?xml version='1.0' encoding='UTF-8' standalone='yes'?><testsuites name='AllTestUnits'></testsuites>" > sonar-reports/TEST-report.xml
#   echo "<?xml version='1.0' ?><!DOCTYPE coverage SYSTEM 'http://cobertura.sourceforge.net/xml/coverage-03.dtd'><coverage><sources></sources><packages></packages></coverage>" > sonar-reports/coverage.xml
# else
#
#   echo -n 'Running tests using xctool'
#   # runCommand sonar-reports/TEST-report.xml $xctoolCmdPrefix -scheme "$testScheme" -reporter junit GCC_GENERATE_TEST_COVERAGE_FILES=YES GCC_INSTRUMENT_PROGRAM_FLOW_ARCS=YES test
#   # ctf: this command fails; the command below is used instead
#   $xctoolCmdPrefix -scheme "$testScheme" -reporter junit:TEST-report.xml GCC_GENERATE_TEST_COVERAGE_FILES=YES GCC_INSTRUMENT_PROGRAM_FLOW_ARCS=YES test
#
#   echo -n 'Computing coverage report'
#
#   # We do it for every xcodeproject (in case of workspaces)
#
#   # Extract the path to the .gcno/.gcda coverage files
#   echo $projectFile | sed -n 1'p' | tr ',' '\n' > tmpFileRunSonarSh
#   while read projectName; do
#
#       coverageFilesPath=$(grep 'command' compile_commands.json | sed 's#^.*-o \\/#\/#;s#",##' | grep "${projectName%%.*}.build" | awk 'NR<2' | sed 's/\\\//\//g' | sed 's/\\\\//g' | xargs -0 dirname)
#       if [ "$vflag" = "on" ]; then
#           echo
#           echo "Path for .gcno/.gcda coverage files is: $coverageFilesPath"
#       fi
#
#       # Build the --exclude flags
#       excludedCommandLineFlags=""
#       if [ ! -z "$excludedPathsFromCoverage" -a "$excludedPathsFromCoverage" != " " ]; then
#           echo $excludedPathsFromCoverage | sed -n 1'p' | tr ',' '\n' > tmpFileRunSonarSh2
#           while read word; do
#               excludedCommandLineFlags+=" --exclude $word"
#           done < tmpFileRunSonarSh2
#           rm -rf tmpFileRunSonarSh2
#       fi
#       if [ "$vflag" = "on" ]; then
#           echo "Command line exclusion flags for gcovr is:$excludedCommandLineFlags"
#       fi
#
#       # Run gcovr with the right options
#       echo "coverageFilesPath is: $coverageFilesPath"
#       echo "excludedCommandLineFlags is: $excludedCommandLineFlags"
#       runCommand "sonar-reports/coverage-${projectName%%.*}.xml" gcovr -r . "$coverageFilesPath" $excludedCommandLineFlags --xml
#
#   done < tmpFileRunSonarSh
#   rm -rf tmpFileRunSonarSh
#
# fi
#  ---- Unit tests and coverage section ----

if [ "$oclint" = "on" ]; then

    # OCLint
    echo -n 'Running OCLint...'

    # Build the --include flags
    currentDirectory=${PWD##*/}
    includedCommandLineFlags=""
    echo "$srcDirs" | sed -n 1'p' | tr ',' '\n' > tmpFileRunSonarSh
    while read word; do
        includedCommandLineFlags+=" --include .*/${currentDirectory}/${word}"
    done < tmpFileRunSonarSh
    rm -rf tmpFileRunSonarSh
    if [ "$vflag" = "on" ]; then
        echo
        echo -n "Path included in oclint analysis is:$includedCommandLineFlags"
    fi

    # Run OCLint with the right set of compiler options
    maxPriority=10000
    # runCommand no oclint-json-compilation-database $includedCommandLineFlags -- -max-priority-1 $maxPriority -max-priority-2 $maxPriority -max-priority-3 $maxPriority -rc LONG_LINE=150 -report-type pmd -o sonar-reports/oclint.xml
    oclint-json-compilation-database \
        -v \
        -- \
        -report-type pmd -o build/sonar-reports/oclint.xml \
        -max-priority-1=10000 -max-priority-2=10000 -max-priority-3=10000 \
        -rc LONG_METHOD=300 \
        -rc LONG_VARIABLE_NAME=50 \
        -rc LONG_CLASS=3000 \
        -rc NCSS_METHOD=300 \
        -rc NESTED_BLOCK_DEPTH=8

    #oclint-json-compilation-database -e Pods -- -stats -verbose -report-type=html -o=oclint.html -max-priority-1=99999 -max-priority-2=99999 -max-priority-3=99999 -rc LONG_LINE=200 -rc LONG_METHOD=100 -rc LONG_VARIABLE_NAME=40 -disable-rule=BrokenOddnessCheck -disable-rule=VerifyProhibitedCall -disable-rule=VerifyProtectedMethod -disable-rule=SubclassMustImplement -disable-rule=BaseClassDestructorShouldBeVirtualOrProtected -disable-rule=DestructorOfVirtualClass -disable-rule=ParameterReassignment -disable-rule=AvoidDefaultArgumentsOnVirtualMethods -disable-rule=AvoidPrivateStaticMembers -disable-rule=TooManyParameters
else
    echo 'Skipping OCLint (test purposes only!)'
fi

# SonarQube
echo -n 'Running SonarQube using sonar-scanner'
#runCommand /dev/stdout sonar-runner
sonar-scanner

# Kill progress indicator
stopProgress

exit 0

Then just go to the project root and run sh run-sonar.sh.
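The readParameter helper in run-sonar.sh assigns each value through eval, so anything written in sonar-project.properties is expanded by the shell, and its grep matches keys by substring. The following is an added example, not part of run-sonar.sh or of the iOS-sonarShell project: an eval-free lookup with exact key matching. The names read_property and is_plain_name, the allow-list and the sample file are assumptions of this example.

```bash
#!/bin/bash
# Added example, not part of run-sonar.sh: eval-free property lookup.

# read_property FILE KEY
# Prints the value of the last uncommented line whose key is exactly KEY.
# The value is handled as data only; nothing in it is expanded or executed.
read_property() {
    sed -e '/^[[:space:]]*#/d' "$1" | awk -v key="$2" '
        index($0, "=") == 0 { next }
        {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) found = v
        }
        END { printf "%s", found }'
}

# is_plain_name VALUE
# Allow-list (an assumption of this example) for values that later reach a
# command line or a path: letters, digits, dot, underscore, dash, slash,
# comma and space. Empty values are rejected too.
is_plain_name() {
    case $1 in
        ''|*[!A-Za-z0-9._/,\ -]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Constructed sample input. The scheme value carries a command substitution
# that eval would run; here it stays inert text and fails the allow-list.
sample=$(mktemp)
cat > "$sample" <<'EOF'
sonar.objectivec.project=ios.xcodeproj
#sonar.objectivec.project=old.xcodeproj
sonar.objectivec.projectBackup=backup.xcodeproj
sonar.objectivec.appScheme = ios$(touch sonar_eval_canary)
EOF

for key in sonar.objectivec.project sonar.objectivec.appScheme; do
    value=$(read_property "$sample" "$key")
    if is_plain_name "$value"; then
        echo "OK       $key=$value"
    else
        echo "REJECTED $key=$value"
    fi
done
rm -f "$sample"
```

In run-sonar.sh the call sites would become assignments such as projectFile=$(read_property sonar-project.properties sonar.objectivec.project), followed by an is_plain_name check before the value reaches sed or xcodebuild.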

Finally, thanks to the author of this project for the help: https://github.com/ChenTF/iOS-sonarShell
