整个包的类目录:

类文件并不是很多,主入口类ScannerBootstrapper

package org.sonarsource.scanner.maven.bootstrap;import java.io.IOException;
import java.util.List;
import java.util.Properties;
import org.apache.maven.artifact.versioning.ArtifactVersion;
import org.apache.maven.artifact.versioning.DefaultArtifactVersion;
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.logging.Log;
import org.apache.maven.project.MavenProject;
import org.sonarsource.scanner.api.EmbeddedScanner;
import org.sonarsource.scanner.maven.ExtensionsFactory;/*** Configure properties and bootstrap using SonarQube scanner API*/
public class ScannerBootstrapper {private final Log log;private final MavenSession session;private final EmbeddedScanner scanner;private final MavenProjectConverter mavenProjectConverter;private final ExtensionsFactory extensionsFactory;private String serverVersion;private PropertyDecryptor propertyDecryptor;public ScannerBootstrapper(Log log, MavenSession session, EmbeddedScanner scanner, MavenProjectConverter mavenProjectConverter, ExtensionsFactory extensionsFactory,PropertyDecryptor propertyDecryptor) {this.log = log;this.session = session;this.scanner = scanner;this.mavenProjectConverter = mavenProjectConverter;this.extensionsFactory = extensionsFactory;this.propertyDecryptor = propertyDecryptor;}public void execute() throws IOException, MojoExecutionException {try {applyMasks();scanner.start();serverVersion = scanner.serverVersion();checkSQVersion();if (isVersionPriorTo5Dot2()) {// for these versions, global properties and extensions are only applied when calling runAnalisys()if (supportsNewDependencyProperty()) {scanner.addExtensions(extensionsFactory.createExtensionsWithDependencyProperty().toArray());} else {scanner.addExtensions(extensionsFactory.createExtensions().toArray());}}if (log.isDebugEnabled()) {scanner.setGlobalProperty("sonar.verbose", "true");}scanner.runAnalysis(collectProperties());scanner.stop();} catch (Exception e) {throw ExceptionHandling.handle(e, log);}}private void applyMasks() {// Exclude log implementation to not conflict with Maven 3.1 logging implscanner.mask("org.slf4j.LoggerFactory");// Include slf4j Logger that is exposed by some Sonar componentsscanner.unmask("org.slf4j.Logger");scanner.unmask("org.slf4j.ILoggerFactory");// MSONAR-122scanner.unmask("org.slf4j.Marker");// Exclude other slf4j classes// .unmask("org.slf4j.impl.")scanner.mask("org.slf4j.");// Exclude logbackscanner.mask("ch.qos.logback.");scanner.mask("org.sonar.");// Guava is not the same version in SonarQube classloaderscanner.mask("com.google.common");// Include everything else (we need to unmask all extensions that might be passed to the batch)scanner.unmask("");}private Properties collectProperties()throws MojoExecutionException {List<MavenProject> sortedProjects = session.getProjects();MavenProject topLevelProject = null;for (MavenProject project : sortedProjects) {if (project.isExecutionRoot()) {topLevelProject = project;break;}}if (topLevelProject == null) {throw new IllegalStateException("Maven session does not declare a top level project");}Properties props = mavenProjectConverter.configure(sortedProjects, topLevelProject, session.getUserProperties());props.putAll(propertyDecryptor.decryptProperties(props));return props;}private void checkSQVersion() {if (serverVersion != null) {log.info("SonarQube version: " + serverVersion);}if (isVersionPriorTo4Dot5()) {log.warn("With SonarQube prior to 4.5, it is recommended to use maven-sonar-plugin 2.6");}}boolean isVersionPriorTo4Dot5() {if (serverVersion == null) {return true;}ArtifactVersion artifactVersion = new DefaultArtifactVersion(serverVersion);if (artifactVersion.getMajorVersion() < 4) {return true;}return artifactVersion.getMajorVersion() == 4 && artifactVersion.getMinorVersion() < 5;}private boolean supportsNewDependencyProperty() {return !isVersionPriorTo5Dot0();}boolean isVersionPriorTo5Dot2() {if (serverVersion == null) {return true;}ArtifactVersion artifactVersion = new DefaultArtifactVersion(serverVersion);if (artifactVersion.getMajorVersion() < 5) {return true;}return artifactVersion.getMajorVersion() == 5 && artifactVersion.getMinorVersion() < 2;}boolean isVersionPriorTo5Dot0() {if (serverVersion == null) {return true;}ArtifactVersion artifactVersion = new DefaultArtifactVersion(serverVersion);return artifactVersion.getMajorVersion() < 5;}
}

maven-sonar-scanner-3.2 pom文件:

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><parent><groupId>org.sonarsource.parent</groupId><artifactId>parent</artifactId><version>36</version><relativePath /></parent><groupId>org.sonarsource.scanner.maven</groupId><artifactId>sonar-maven-plugin</artifactId><version>3.2</version><packaging>maven-plugin</packaging><name>SonarQube Scanner for Maven</name><description>Trigger SonarQube analysis on Maven projects</description><inceptionYear>2009</inceptionYear><licenses><license><name>GNU LGPL 3</name><url>http://www.gnu.org/licenses/lgpl.txt</url><distribution>repo</distribution></license></licenses><developers><developer><id>olamy</id><name>Olivier Lamy</name><email>olamy@apache.org</email><timezone>+1</timezone></developer><developer><id>godin</id><name>Evgeny Mandrikov</name><email>mandrikov@gmail.com</email><timezone>+3</timezone></developer><developer><id>simon.brandhof</id><name>Simon Brandhof</name><email>simon.brandhof@gmail.com</email><timezone>+1</timezone></developer><developer><id>henryju</id><name>Julien Henry</name><email>henryju@yahoo.fr</email><timezone>+1</timezone></developer></developers><prerequisites><maven>3.0</maven></prerequisites><scm><connection>scm:git:https://github.com/SonarSource/sonar-scanner-maven.git</connection><developerConnection>scm:git:ssh://git@github.com/SonarSource/sonar-scanner-maven.git</developerConnection><url>https://github.com/SonarSource/sonar-scanner-maven</url><tag>3.2</tag></scm><issueManagement><system>JIRA</system><url>http://jira.sonarsource.com/browse/MSONAR</url></issueManagement><properties><mojo.java.target>1.7</mojo.java.target><mavenVersion>3.3.9</mavenVersion><sonar.exclusions>src/main/java/org/apache/maven/shared/dependency/tree/DependencyTreeResolutionListener.java,target/generated-sources/**/*</sonar.exclusions><gitRepositoryName>sonar-scanner-maven</gitRepositoryName></properties><dependencies><dependency><groupId>org.apache.maven</groupId><artifactId>maven-plugin-api</artifactId><version>${mavenVersion}</version><scope>provided</scope></dependency><dependency><groupId>org.apache.maven</groupId><artifactId>maven-model</artifactId><version>${mavenVersion}</version><scope>provided</scope></dependency><dependency><groupId>org.apache.maven</groupId><artifactId>maven-compat</artifactId><version>${mavenVersion}</version><scope>provided</scope></dependency><dependency><groupId>org.apache.maven</groupId><artifactId>maven-artifact</artifactId><version>${mavenVersion}</version><scope>provided</scope></dependency><dependency><groupId>org.apache.maven</groupId><artifactId>maven-core</artifactId><version>${mavenVersion}</version><scope>provided</scope></dependency><dependency><groupId>org.apache.maven.shared</groupId><artifactId>maven-dependency-tree</artifactId><version>2.2</version></dependency><dependency><groupId>org.sonatype.plexus</groupId><artifactId>plexus-sec-dispatcher</artifactId><version>1.4</version></dependency><!-- MSONAR-141 --><dependency><groupId>org.codehaus.plexus</groupId><artifactId>plexus-utils</artifactId><version>3.0.22</version></dependency><dependency><groupId>org.apache.maven.plugin-tools</groupId><artifactId>maven-plugin-annotations</artifactId><version>3.4</version><scope>provided</scope></dependency><dependency><groupId>org.sonarsource.scanner.api</groupId><artifactId>sonar-scanner-api</artifactId><version>2.8</version></dependency><dependency><groupId>commons-lang</groupId><artifactId>commons-lang</artifactId><version>2.6</version></dependency><dependency><groupId>com.google.code.findbugs</groupId><artifactId>jsr305</artifactId><version>2.0.3</version></dependency><dependency><groupId>junit</groupId><artifactId>junit</artifactId><version>4.12</version><scope>test</scope></dependency><dependency><groupId>org.mockito</groupId><artifactId>mockito-all</artifactId><version>1.9.5</version><scope>test</scope></dependency><dependency><groupId>org.assertj</groupId><artifactId>assertj-core</artifactId><version>2.3.0</version><scope>test</scope></dependency><dependency><groupId>org.skyscreamer</groupId><artifactId>jsonassert</artifactId><version>1.2.3</version><scope>test</scope></dependency><dependency><groupId>org.apache.maven.plugin-testing</groupId><artifactId>maven-plugin-testing-harness</artifactId><version>3.3.0</version><scope>test</scope></dependency><dependency><groupId>org.mortbay.jetty</groupId><artifactId>jetty</artifactId><version>6.1.25</version><scope>test</scope></dependency></dependencies><build><plugins><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-plugin-plugin</artifactId><configuration><!-- see http://jira.codehaus.org/browse/MNG-5346 --><skipErrorNoDescriptorsFound>true</skipErrorNoDescriptorsFound></configuration><executions><execution><id>mojo-descriptor</id><goals><goal>descriptor</goal></goals></execution><!-- if you want to generate help goal --><execution><id>help-goal</id><goals><goal>helpmojo</goal></goals></execution></executions></plugin>    <plugin><groupId>org.codehaus.plexus</groupId><artifactId>plexus-component-metadata</artifactId><version>1.7</version><executions><execution><goals><goal>generate-metadata</goal></goals></execution></executions></plugin><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-release-plugin</artifactId><configuration><goals>deploy site site:stage</goals></configuration></plugin><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-site-plugin</artifactId><version>3.4</version><executions><execution><id>stage-for-scm-publish</id><phase>post-site</phase><goals><goal>stage</goal></goals></execution></executions></plugin><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-scm-publish-plugin</artifactId><version>1.1</version><configuration><scmBranch>gh-pages</scmBranch></configuration><executions><execution><id>scm-publish</id><phase>site-deploy</phase><goals><goal>publish-scm</goal></goals></execution></executions></plugin></plugins></build><reporting><plugins><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-plugin-plugin</artifactId><version>3.4</version><configuration><requirements><jdk>${mojo.java.target}</jdk></requirements></configuration></plugin><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-project-info-reports-plugin</artifactId><version>2.8.1</version><reportSets><reportSet><reports><report>dependency-info</report><report>index</report><report>issue-tracking</report><report>project-team</report><report>scm</report><report>summary</report></reports></reportSet></reportSets></plugin></plugins></reporting><distributionManagement><site><id>github</id><name>GitHub</name><url>scm:git:git@github.com:SonarSource/sonar-scanner-maven.git</url></site></distributionManagement>
</project>

从上面的pom 依赖可以看到 maven-sonar-scanner 依赖于sonar-scanner-2.8!!!!

首先调用scanner.start(); ->private final EmbeddedScanner scanner;->org.sonarsource.scanner.api.EmbeddedScanner;

EmbeddedScanner来自sonar-scanner-api-2.8.jar

EmbeddedScanner 代码:

public class EmbeddedScanner {private final IsolatedLauncherFactory launcherFactory;private IsolatedLauncher launcher;private final LogOutput logOutput;private final Properties globalProperties = new Properties();private final List<Object> extensions = new ArrayList<>();private final Logger logger;private final Set<String> classloaderMask = new HashSet<>();private final Set<String> classloaderUnmask = new HashSet<>();EmbeddedScanner(IsolatedLauncherFactory bl, Logger logger, LogOutput logOutput) {this.logger = logger;this.launcherFactory = bl;this.logOutput = logOutput;this.classloaderUnmask.add("org.sonarsource.scanner.api.internal.batch.");}public static EmbeddedScanner create(final LogOutput logOutput) {Logger logger = new LoggerAdapter(logOutput);return new EmbeddedScanner(new IsolatedLauncherFactory(logger), logger, logOutput);}public Properties globalProperties() {Properties clone = new Properties();clone.putAll(globalProperties);return clone;}public EmbeddedScanner unmask(String fqcnPrefix) {checkLauncherDoesntExist();classloaderUnmask.add(fqcnPrefix);return this;}public EmbeddedScanner mask(String fqcnPrefix) {checkLauncherDoesntExist();classloaderMask.add(fqcnPrefix);return this;}/*** Declare Sonar properties, for example sonar.projectKey=foo.* These might be used at different stages (on {@link #start() or #runAnalysis(Properties)}, depending on the * property and SQ version.**/public EmbeddedScanner addGlobalProperties(Properties p) {globalProperties.putAll(p);return this;}/*** Declare a SonarQube property.* These might be used at different stages (on {@link #start() or #runAnalysis(Properties)}, depending on the * property and SQ version.** @see ScannerProperties* @see ScanProperties*/public EmbeddedScanner setGlobalProperty(String key, String value) {globalProperties.setProperty(key, value);return this;}public String globalProperty(String key, @Nullable String defaultValue) {return globalProperties.getProperty(key, defaultValue);}/*** User-agent used in the HTTP requests to the SonarQube server*/public EmbeddedScanner setApp(String app, String version) {setGlobalProperty(InternalProperties.SCANNER_APP, app);setGlobalProperty(InternalProperties.SCANNER_APP_VERSION, version);return this;}public String app() {return globalProperty(InternalProperties.SCANNER_APP, null);}/*** Add extensions to the batch's object container.* Only supported until SQ 5.1. For more recent versions, an exception is thrown * @param objs*/public EmbeddedScanner addExtensions(Object... objs) {checkLauncherExists();if (VersionUtils.isAtLeast52(launcher.getVersion())) {throw new IllegalStateException("not supported in current SonarQube version: " + launcher.getVersion());}extensions.addAll(Arrays.asList(objs));return this;}public String appVersion() {return globalProperty(InternalProperties.SCANNER_APP_VERSION, null);}/*** Launch an analysis.* Runner must have been started - see {@link #start()}.*/public void runAnalysis(Properties analysisProperties) {checkLauncherExists();Properties copy = new Properties();copy.putAll(analysisProperties);initAnalysisProperties(copy);doExecute(copy);}public void start() {initGlobalDefaultValues();doStart();}/*** Stops the batch.* Only supported starting in SQ 5.2. For older versions, this is a no-op.*/public void stop() {checkLauncherExists();doStop();}public String serverVersion() {checkLauncherExists();return launcher.getVersion();}/*** @deprecated since 2.5 use {@link #start()}, {@link #runAnalysis(Properties)} and then {@link #stop()}*/@Deprecatedpublic final void execute() {start();runAnalysis(new Properties());stop();}private void initGlobalDefaultValues() {setGlobalDefaultValue(ScannerProperties.HOST_URL, "http://localhost:9000");setGlobalDefaultValue(InternalProperties.SCANNER_APP, "SonarQubeScanner");setGlobalDefaultValue(InternalProperties.SCANNER_APP_VERSION, ScannerApiVersion.version());}private void initAnalysisProperties(Properties p) {initSourceEncoding(p);new Dirs(logger).init(p);}void initSourceEncoding(Properties p) {boolean onProject = Utils.taskRequiresProject(p);if (onProject) {String sourceEncoding = p.getProperty(ScanProperties.PROJECT_SOURCE_ENCODING, "");boolean platformDependent = false;if ("".equals(sourceEncoding)) {sourceEncoding = Charset.defaultCharset().name();platformDependent = true;p.setProperty(ScanProperties.PROJECT_SOURCE_ENCODING, sourceEncoding);}logger.info("Default locale: \"" + Locale.getDefault() + "\", source code encoding: \"" + sourceEncoding + "\""+ (platformDependent ? " (analysis is platform dependent)" : ""));}}private void setGlobalDefaultValue(String key, String value) {if (!globalProperties.containsKey(key)) {setGlobalProperty(key, value);}}protected void doStart() {checkLauncherDoesntExist();ClassloadRules rules = new ClassloadRules(classloaderMask, classloaderUnmask);launcher = launcherFactory.createLauncher(globalProperties(), rules);if (VersionUtils.isAtLeast52(launcher.getVersion())) {launcher.start(globalProperties(), (formattedMessage, level) -> logOutput.log(formattedMessage, LogOutput.Level.valueOf(level.name())));}}protected void doStop() {if (VersionUtils.isAtLeast52(launcher.getVersion())) {launcher.stop();launcher = null;}}protected void doExecute(Properties analysisProperties) {if (VersionUtils.isAtLeast52(launcher.getVersion())) {launcher.execute(analysisProperties);} else {Properties prop = new Properties();prop.putAll(globalProperties());prop.putAll(analysisProperties);launcher.executeOldVersion(prop, extensions);}}private void checkLauncherExists() {if (launcher == null) {throw new IllegalStateException("not started");}}private void checkLauncherDoesntExist() {if (launcher != null) {throw new IllegalStateException("already started");}}
}

这个EmbeddedScanner 中laucher 是IsolatedLauncher 这个类,这个类是一个类加载器类,用来加载下载的类文件

/*** Special {@link java.net.URLClassLoader} to execute batch, which restricts loading from parent.*/
class IsolatedClassloader extends URLClassLoader {private final ClassloadRules rules;/*** The parent classloader is used only for loading classes and resources in unmasked packages*/IsolatedClassloader(ClassLoader parent, ClassloadRules rules) {super(new URL[0], parent);this.rules = rules;}void addFiles(List<File> files) {try {for (File file : files) {addURL(file.toURI().toURL());}} catch (MalformedURLException e) {throw new IllegalStateException("Fail to create classloader", e);}}/*** Same behavior as in {@link java.net.URLClassLoader#loadClass(String, boolean)}, except loading from parent.*/@Overrideprotected synchronized Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {// First, check if the class has already been loadedClass<?> c = findLoadedClass(name);if (c == null) {try {// Load from parentif (getParent() != null && rules.canLoad(name)) {c = getParent().loadClass(name);} else {// Load from system// I don't know for other vendors, but for Oracle JVM :// - ClassLoader.getSystemClassLoader() is sun.misc.Launcher$AppClassLoader. It contains app classpath.// - ClassLoader.getSystemClassLoader().getParent() is sun.misc.Launcher$ExtClassLoader. It contains core JVMClassLoader systemClassLoader = getSystemClassLoader();if (systemClassLoader.getParent() != null) {systemClassLoader = systemClassLoader.getParent();}c = systemClassLoader.loadClass(name);}} catch (ClassNotFoundException e) {// If still not found, then invoke findClass in order// to find the class.c = findClass(name);}}if (resolve) {resolveClass(c);}return c;}/*** Unlike {@link java.net.URLClassLoader#getResource(String)} don't return resource from parent.* See http://jira.codehaus.org/browse/SONAR-2276*/@Overridepublic URL getResource(String name) {return findResource(name);}/*** Unlike {@link java.net.URLClassLoader#getResources(String)} don't return resources from parent.* See http://jira.codehaus.org/browse/SONAR-2276*/@Overridepublic Enumeration<URL> getResources(String name) throws IOException {return findResources(name);}}

这个类中使用了工厂模式:

public class IsolatedLauncherFactory {static final String ISOLATED_LAUNCHER_IMPL = "org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher";private final TempCleaning tempCleaning;private final String launcherImplClassName;private final Logger logger;/*** For unit tests*/IsolatedLauncherFactory(String isolatedLauncherClassName, TempCleaning tempCleaning, Logger logger) {this.tempCleaning = tempCleaning;this.launcherImplClassName = isolatedLauncherClassName;this.logger = logger;}public IsolatedLauncherFactory(Logger logger) {this(ISOLATED_LAUNCHER_IMPL, new TempCleaning(logger), logger);}private ClassLoader createClassLoader(List<File> jarFiles, ClassloadRules maskRules) {IsolatedClassloader classloader = new IsolatedClassloader(getClass().getClassLoader(), maskRules);classloader.addFiles(jarFiles);return classloader;}public IsolatedLauncher createLauncher(Properties props, ClassloadRules rules) {if (props.containsKey(InternalProperties.SCANNER_DUMP_TO_FILE) || props.containsKey(InternalProperties.SCANNER_DUMP_TO_FILE_DEPRECATED)) {String version = props.getProperty(InternalProperties.SCANNER_VERSION_SIMULATION);if (version == null) {version = "5.2";}return new SimulatedLauncher(version, logger);}ServerConnection serverConnection = ServerConnection.create(props, logger);JarDownloader jarDownloader = new JarDownloader(serverConnection, logger, props);return createLauncher(jarDownloader, rules);}IsolatedLauncher createLauncher(final JarDownloader jarDownloader, final ClassloadRules rules) {return AccessController.doPrivileged(new PrivilegedAction<IsolatedLauncher>() {@Overridepublic IsolatedLauncher run() {try {List<File> jarFiles = jarDownloader.download();logger.debug("Create isolated classloader...");ClassLoader cl = createClassLoader(jarFiles, rules);IsolatedLauncher objProxy = IsolatedLauncherProxy.create(cl, IsolatedLauncher.class, launcherImplClassName, logger);tempCleaning.clean();return objProxy;} catch (Exception e) {// Catch all other exceptions, which relates to reflectionthrow new ScannerException("Unable to execute SonarQube", e);}}});}
}

IsolatedLauncherProxy代理类:

public class IsolatedLauncherProxy implements InvocationHandler {private final Object proxied;private final ClassLoader cl;private final Logger logger;private IsolatedLauncherProxy(ClassLoader cl, Object proxied, Logger logger) {this.cl = cl;this.proxied = proxied;this.logger = logger;}public static <T> T create(ClassLoader cl, Class<T> interfaceClass, String proxiedClassName, Logger logger) throws ReflectiveOperationException {Object proxied = createProxiedObject(cl, proxiedClassName);// interfaceClass needs to be loaded with a parent ClassLoader (common to both ClassLoaders)// In addition, Proxy.newProxyInstance checks if the target ClassLoader sees the same class as the one givenClass<?> loadedInterfaceClass = cl.loadClass(interfaceClass.getName());return (T) create(cl, proxied, loadedInterfaceClass, logger);}public static <T> T create(ClassLoader cl, Object proxied, Class<T> interfaceClass, Logger logger) {Class<?>[] c = {interfaceClass};return (T) Proxy.newProxyInstance(cl, c, new IsolatedLauncherProxy(cl, proxied, logger));}@Overridepublic Object invoke(Object proxy, Method method, Object[] args) throws Throwable {ClassLoader initialContextClassLoader = Thread.currentThread().getContextClassLoader();try {Thread.currentThread().setContextClassLoader(cl);logger.debug("Execution " + method.getName());return method.invoke(proxied, args);} catch (UndeclaredThrowableException | InvocationTargetException e) {throw unwrapException(e);} finally {Thread.currentThread().setContextClassLoader(initialContextClassLoader);}}private static Throwable unwrapException(Throwable e) {Throwable cause = e;while (cause.getCause() != null) {if (cause instanceof UndeclaredThrowableException || cause instanceof InvocationTargetException) {cause = cause.getCause();} else {break;}}return cause;}private static Object createProxiedObject(ClassLoader cl, String proxiedClassName) throws ClassNotFoundException, InstantiationException, IllegalAccessException {Class<?> proxiedClass = cl.loadClass(proxiedClassName);return proxiedClass.newInstance();}
}

ClassloadRules类:

public class ClassloadRules {private final List<String> mask;private final List<String> unmask;public ClassloadRules(Set<String> maskRules, Set<String> unmaskRules) {this.mask = new ArrayList<>(maskRules);this.unmask = new ArrayList<>(unmaskRules);}public boolean canLoad(String className) {// if there is a tie -> block itreturn unmaskSize(className) > maskSize(className);}private int maskSize(String className) {return findBestMatch(mask, className);}private int unmaskSize(String className) {return findBestMatch(unmask, className);}private static int findBestMatch(List<String> list, String name) {// there can be a match of 0 ("")int bestMatch = -1;for (String s : list) {if (name.startsWith(s) && s.length() > bestMatch) {bestMatch = s.length();}}return bestMatch;}
}

jar类:

class Jars {private final FileCache fileCache;private final ServerConnection connection;private final JarExtractor jarExtractor;private final Logger logger;Jars(ServerConnection conn, JarExtractor jarExtractor, Logger logger, Properties props) {this.logger = logger;this.fileCache = new FileCacheBuilder(logger).setUserHome(props.getProperty("sonar.userHome")).build();this.connection = conn;this.jarExtractor = jarExtractor;}/*** For unit tests*/Jars(FileCache fileCache, ServerConnection conn, JarExtractor jarExtractor, Logger logger) {this.logger = logger;this.fileCache = fileCache;this.connection = conn;this.jarExtractor = jarExtractor;}/*** For unit tests*/FileCache getFileCache() {return fileCache;}List<File> download() {List<File> files = new ArrayList<>();logger.debug("Extract sonar-scanner-api-batch in temp...");files.add(jarExtractor.extractToTemp("sonar-scanner-api-batch").toFile());files.addAll(downloadFiles());return files;}private List<File> downloadFiles() {try {List<File> files = new ArrayList<>();logger.debug("Get bootstrap index...");String libs = connection.downloadString("/batch_bootstrap/index");logger.debug("Get bootstrap completed");String[] lines = libs.split("[\r\n]+");BatchFileDownloader batchFileDownloader = new BatchFileDownloader(connection);for (String line : lines) {line = line.trim();if (!"".equals(line)) {String[] libAndHash = line.split("\\|");String filename = libAndHash[0];String hash = libAndHash.length > 0 ? libAndHash[1] : "";files.add(fileCache.get(filename, hash, batchFileDownloader));}}return files;} catch (Exception e) {throw new IllegalStateException("Fail to download libraries from server", e);}}static class BatchFileDownloader implements FileCache.Downloader {private final ServerConnection connection;BatchFileDownloader(ServerConnection conn) {this.connection = conn;}@Overridepublic void download(String filename, File toFile) throws IOException {connection.downloadFile(format("/batch/%s", filename), toFile.toPath());}}
}

sonar分析阶段执行日志:

[INFO] --- sonar-maven-plugin:3.2:sonar (default-cli) @ pcaic-parent ---
[INFO] User cache: /root/.sonar/cache
5.475: [GC (Metadata GC Threshold) [PSYoungGen: 124155K->16378K(212992K)] 125048K->20534K(337920K), 0.0249154 secs] [Times: user=0.08 sys=0.00, real=0.03 secs]
5.500: [Full GC (Metadata GC Threshold) [PSYoungGen: 16378K->0K(212992K)] [ParOldGen: 4156K->19951K(172032K)] 20534K->19951K(385024K), [Metaspace: 20709K->20709K(1069056K)], 0.1078064 secs] [Times: user=0.46 sys=0.01, real=0.11 secs]
[INFO] Load global repositories
[INFO] Load global repositories (done) | time=143ms
[WARNING] Property 'sonar.jdbc.url' is not supported any more. It will be ignored. There is no longer any DB connection to the SQ database.
[WARNING] Property 'sonar.jdbc.username' is not supported any more. It will be ignored. There is no longer any DB connection to the SQ database.
[WARNING] Property 'sonar.jdbc.password' is not supported any more. It will be ignored. There is no longer any DB connection to the SQ database.
[INFO] User cache: /root/.sonar/cache
[INFO] Load plugins index
[INFO] Load plugins index (done) | time=2ms
[INFO] Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2.
[INFO] SonarQube version: 6.2
7.243: [GC (Allocation Failure) [PSYoungGen: 196608K->21479K(318976K)] 216559K->73599K(491008K), 0.0467409 secs] [Times: user=0.14 sys=0.04, real=0.05 secs]
[WARNING] Missing POM for com.suning.framework:snf-zk-client:jar:1.1.1
[WARNING] Missing POM for com.suning.framework:snf-zk-client:jar:1.1.1
8.358: [GC (Allocation Failure) [PSYoungGen: 318951K->25791K(394240K)] 371071K->77919K(566272K), 0.0259672 secs] [Times: user=0.11 sys=0.02, real=0.02 secs]
[INFO] artifact org.jxls:jxls: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:jquery: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:angular: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:angular: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:eonasdan-bootstrap-datetimepicker: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:moment: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:moment: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:bootstrap: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:jquery: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:bootstrap: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:jquery: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:angular: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:codemirror: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:angular: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:angular: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:angular: checking for updates from suning_maven_repo
[INFO] artifact org.webjars.bower:js-xlsx: checking for updates from suning_maven_repo
10.054: [GC (Allocation Failure) [PSYoungGen: 378047K->29227K(494080K)] 430175K->81362K(666112K), 0.0336199 secs] [Times: user=0.21 sys=0.02, real=0.04 secs]
[INFO] Default locale: "zh_CN", source code encoding: "UTF-8"
[INFO] Process project properties
[INFO] Load project repositories
[INFO] Load project repositories (done) | time=305ms
11.048: [GC (Metadata GC Threshold) [PSYoungGen: 125853K->36969K(494592K)] 177989K->89113K(666624K), 0.0228080 secs] [Times: user=0.09 sys=0.02, real=0.02 secs]
11.071: [Full GC (Metadata GC Threshold) [PSYoungGen: 36969K->0K(494592K)] [ParOldGen: 52143K->75639K(318976K)] 89113K->75639K(813568K), [Metaspace: 34292K->34292K(1081344K)], 0.1395758 secs] [Times: user=0.60 sys=0.03, real=0.14 secs]
[INFO] Load quality profiles
[INFO] Load quality profiles (done) | time=22ms
[INFO] Load active rules
[INFO] Load active rules (done) | time=647ms
[INFO] Publish mode
[INFO] -------------  Scan suning's pcids caic common 20180509
[INFO] Language is forced to java
[INFO] Load server rules
[INFO] Load server rules (done) | time=142ms
[INFO] Initializer GenericCoverageSensor
[INFO] Initializer GenericCoverageSensor (done) | time=1ms
[INFO] Base dir: /data/jenkinsslave/workspace/pcids_caic20180509/pcaic-common
[INFO] Working dir: /data/jenkinsslave/workspace/pcids_caic20180509/pcaic-common/target/sonar
[INFO] Source paths: pom.xml, src/main/java
[INFO] Source encoding: UTF-8, default locale: zh_CN
[INFO] Index files
[INFO] 47 files indexed
[INFO] Quality profile for java: Sonarway54
[INFO] Sensor Lines Sensor
[INFO] Sensor Lines Sensor (done) | time=17ms
[INFO] Sensor JavaSquidSensor
[INFO] Configured Java source version (sonar.java.source): 8
[INFO] JavaClasspath initialization
[INFO] JavaClasspath initialization (done) | time=13ms
[INFO] JavaTestClasspath initialization
[INFO] JavaTestClasspath initialization (done) | time=3ms
[INFO] Java Main Files AST scan
[INFO] 47 source files to be analyzed
[WARNING] Metric 'lines' is an internal metric computed by SonarQube. Provided value is ignored.
16.331: [GC (Allocation Failure) [PSYoungGen: 452608K->28914K(606208K)] 528247K->104581K(925184K), 0.0573675 secs] [Times: user=0.20 sys=0.02, real=0.06 secs]
[INFO] [INFO] 47/47 source files have been analyzed
Java Main Files AST scan (done) | time=3857ms
[INFO] Java Test Files AST scan
[INFO] 0 source files to be analyzed
[INFO] Java Test Files AST scan (done) | time=0ms
[INFO] Sensor JavaSquidSensor (done) | time=4341ms
[INFO] [INFO] Sensor SCM Sensor
0/0 source files have been analyzed
[INFO] Sensor SCM Sensor (done) | time=9ms
[INFO] Sensor Coverage Report Import
[INFO] Sensor Coverage Report Import (done) | time=0ms
[INFO] Sensor Coverage Report Import
[INFO] Sensor Coverage Report Import (done) | time=0ms
[INFO] Sensor Unit Test Results Import
[INFO] Sensor Unit Test Results Import (done) | time=0ms
[INFO] Sensor FindBugs Sensor
18.146: [GC (Metadata GC Threshold) [PSYoungGen: 298260K->13640K(625152K)] 373927K->89315K(944128K), 0.0345552 secs] [Times: user=0.14 sys=0.01, real=0.04 secs]
18.181: [Full GC (Metadata GC Threshold) [PSYoungGen: 13640K->0K(625152K)] [ParOldGen: 75674K->81834K(407040K)] 89315K->81834K(1032192K), [Metaspace: 57175K->57175K(1099776K)], 0.3274191 secs] [Times: user=1.63 sys=0.02, real=0.33 secs]
[INFO] Findbugs output report: /data/jenkinsslave/workspace/pcids_caic20180509/pcaic-common/target/sonar/findbugs-result.xml
23.374: [GC (Allocation Failure) [PSYoungGen: 580096K->34117K(734208K)] 661930K->115976K(1141248K), 0.0345130 secs] [Times: user=0.14 sys=0.01, real=0.04 secs]
[INFO] Sensor FindBugs Sensor (done) | time=6416ms
[INFO] Sensor SurefireSensor
[INFO] parsing /data/jenkinsslave/workspace/pcids_caic20180509/pcaic-common/target/surefire-reports
[INFO] Sensor SurefireSensor (done) | time=1ms
[INFO] Sensor JaCoCoSensor
[INFO] JaCoCoSensor: JaCoCo report not found : /data/jenkinsslave/workspace/pcids_caic20180509/pcaic-common/target/jacoco.exec
[INFO] Sensor JaCoCoSensor (done) | time=0ms
[INFO] Sensor JaCoCoItSensor
[INFO] JaCoCoItSensor: JaCoCo IT report not found: /data/jenkinsslave/workspace/pcids_caic20180509/pcaic-common/target/jacoco-it.exec
[INFO] Sensor JaCoCoItSensor (done) | time=0ms
[INFO] Sensor JaCoCoOverallSensor
[INFO] Sensor JaCoCoOverallSensor (done) | time=1ms
[INFO] Sensor XmlFileSensor
[INFO] Sensor XmlFileSensor (done) | time=0ms
[INFO] Sensor Zero Coverage Sensor
[INFO] Sensor Zero Coverage Sensor (done) | time=38ms
[INFO] Sensor Code Colorizer Sensor
[INFO] Sensor Code Colorizer Sensor (done) | time=2ms
[INFO] Sensor CPD Block Indexer
[INFO] JavaCpdBlockIndexer is used for java
[INFO] Sensor CPD Block Indexer (done) | time=68ms

首先设置globalproperties:这是jenkins上配置的sonar 生成的:

jenkins上配置的这个sonar信息将要生成globalproperties

根据这个配置文件将要连接sonar web,然后将要在sonar上开启分析的线程(是web 进程中的一个线程还是 ce中的一个线程?有待于研究)

然后sonar 统计 scanner 准备就绪,然后scanner根据project中的sonar配置生成一个project properties

然后scanner 根据socket创建HTTPS连接,通过protocobuf协议和sonar engine 通信,下载,加载sonar 中engine工具类在jenkins上 scanner  jvm中执行。

sonar-scanner-2.8 pom文件:从pom中可见 scanner和sonar 中的代码并没有什么依赖关系,scanner只是网络下载 sonar web 中相关的类和 rule,然后在scanner中的类加载器上加载执行。

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"><modelVersion>4.0.0</modelVersion><parent><groupId>org.sonarsource.scanner.api</groupId><artifactId>sonar-scanner-api-parent</artifactId><version>2.8</version></parent><artifactId>sonar-scanner-api</artifactId><name>SonarQube Scanner API</name><dependencies><!-- Dependencies with scope "compile" are shaded and removed from transitive dependencies--><dependency><groupId>com.squareup.okhttp3</groupId><artifactId>okhttp</artifactId></dependency><dependency><groupId>com.eclipsesource.minimal-json</groupId><artifactId>minimal-json</artifactId></dependency><dependency><groupId>com.google.code.findbugs</groupId><artifactId>jsr305</artifactId><scope>provided</scope></dependency><dependency><groupId>${project.groupId}</groupId><artifactId>sonar-scanner-api-batch</artifactId><version>${project.version}</version><scope>provided</scope></dependency><dependency><groupId>${project.groupId}</groupId><artifactId>sonar-scanner-api-batch-interface</artifactId><version>${project.version}</version></dependency><!-- unit tests --><dependency><groupId>junit</groupId><artifactId>junit</artifactId><scope>test</scope></dependency><dependency><groupId>org.mockito</groupId><artifactId>mockito-all</artifactId><scope>test</scope></dependency><dependency><groupId>org.assertj</groupId><artifactId>assertj-core</artifactId><version>2.2.0</version><scope>test</scope></dependency><dependency><groupId>com.squareup.okhttp3</groupId><artifactId>mockwebserver</artifactId><scope>test</scope></dependency><dependency><groupId>commons-lang</groupId><artifactId>commons-lang</artifactId><scope>test</scope></dependency><dependency><!-- used to compare results --><groupId>commons-codec</groupId><artifactId>commons-codec</artifactId><scope>test</scope></dependency></dependencies><build><resources><resource><directory>src/main/resources</directory><filtering>true</filtering></resource></resources><plugins><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-dependency-plugin</artifactId><executions><execution><id>copy</id><phase>process-resources</phase><goals><goal>copy</goal></goals><configuration><artifactItems><artifactItem><groupId>${project.groupId}</groupId><artifactId>sonar-scanner-api-batch</artifactId><version>${project.version}</version><type>jar</type><overWrite>false</overWrite><outputDirectory>${project.build.outputDirectory}</outputDirectory><destFileName>sonar-scanner-api-batch.jar</destFileName></artifactItem></artifactItems><overWriteReleases>true</overWriteReleases><overWriteSnapshots>true</overWriteSnapshots></configuration></execution></executions></plugin><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-shade-plugin</artifactId><executions><execution><phase>package</phase><goals><goal>shade</goal></goals><configuration><createDependencyReducedPom>true</createDependencyReducedPom><minimizeJar>true</minimizeJar><relocations><relocation><pattern>okhttp3</pattern><shadedPattern>org.sonarsource.scanner.api.internal.shaded.okhttp</shadedPattern></relocation><relocation><pattern>okio</pattern><shadedPattern>org.sonarsource.scanner.api.internal.shaded.okio</shadedPattern></relocation><relocation><pattern>com.eclipsesource.json</pattern><shadedPattern>org.sonarsource.scanner.api.internal.shaded.minimaljson</shadedPattern></relocation></relocations></configuration></execution></executions></plugin></plugins></build>
</project>

————————————————————————————————————————————

对于sonar-scanner.jar/sonar-runner.jar 其外壳就是一个脚本执行jar, jar中有一个main类:

public class Main {private static final String SEPARATOR = "------------------------------------------------------------------------";private final Exit exit;private final Cli cli;private final Conf conf;private EmbeddedScanner runner;private ScannerFactory runnerFactory;private Logs logger;Main(Exit exit, Cli cli, Conf conf, ScannerFactory runnerFactory, Logs logger) {this.exit = exit;this.cli = cli;this.conf = conf;this.runnerFactory = runnerFactory;this.logger = logger;}public static void main(String[] args) {Logs logs = new Logs(System.out, System.err);Exit exit = new Exit();Cli cli = new Cli(exit, logs).parse(args);Main main = new Main(exit, cli, new Conf(cli, logs, System.getenv()), new ScannerFactory(logs), logs);main.execute();}void execute() {Stats stats = new Stats(logger).start();try {Properties p = conf.properties();checkSkip(p);configureLogging(p);init(p);runner.start();logger.info("SonarQube server " + runner.serverVersion());runAnalysis(stats, p);} catch (Exception e) {displayExecutionResult(stats, "FAILURE");showError("Error during SonarQube Scanner execution", e, cli.isDebugEnabled());exit.exit(Exit.ERROR);}runner.stop();exit.exit(Exit.SUCCESS);}private void checkSkip(Properties properties) {if ("true".equalsIgnoreCase(properties.getProperty(ScanProperties.SKIP))) {logger.info("SonarQube Scanner analysis skipped");exit.exit(Exit.SUCCESS);}}private void init(Properties p) throws IOException {SystemInfo.print(logger);if (cli.isDisplayVersionOnly()) {exit.exit(Exit.SUCCESS);}runner = runnerFactory.create(p);}private void configureLogging(Properties props) throws IOException {if ("true".equals(props.getProperty("sonar.verbose"))|| "DEBUG".equalsIgnoreCase(props.getProperty("sonar.log.level"))|| "TRACE".equalsIgnoreCase(props.getProperty("sonar.log.level"))) {logger.setDebugEnabled(true);}}private void runAnalysis(Stats stats, Properties p) {runner.runAnalysis(p);displayExecutionResult(stats, "SUCCESS");}private void displayExecutionResult(Stats stats, String resultMsg) {logger.info(SEPARATOR);logger.info("EXECUTION " + resultMsg);logger.info(SEPARATOR);stats.stop();logger.info(SEPARATOR);}private void showError(String message, Throwable e, boolean debug) {if (showStackTrace(e, debug)) {logger.error(message, e);} else {logger.error(message);logger.error(e.getMessage());String previousMsg = "";for (Throwable cause = e.getCause(); cause != null&& cause.getMessage() != null&& !cause.getMessage().equals(previousMsg); cause = cause.getCause()) {logger.error("Caused by: " + cause.getMessage());previousMsg = cause.getMessage();}}if (!cli.isDebugEnabled()) {logger.error("");suggestDebugMode();}}private static boolean showStackTrace(Throwable e, boolean debug) {// class not available at compile time (loaded by isolated classloader)return debug || !"org.sonar.api.utils.MessageException".equals(e.getClass().getName());}private void suggestDebugMode() {logger.error("Re-run SonarQube Scanner using the -X switch to enable full debug logging.");}}

独立于maven的,是jenkins的插件。主要的工作类仍是EmbeddedScanner,来自

 <groupId>org.sonarsource.scanner.cli</groupId><artifactId>sonar-scanner-cli</artifactId><version>2.8</version><packaging>jar</packaging><name>SonarQube Scanner</name><url>http://docs.sonarqube.org/display/SONAR/Analyzing+with+SonarQube+Scanner</url><inceptionYear>2011</inceptionYear>

直接集成的sonar-scanner-cli.jar,然后依靠脚本执行的jar

sonar-scanner-cli-2.8.jar就是上面的讲述的源代码,大同小异。

Sonar 质量扫描的输出日志--对应源码的跟踪(一){源码解析sonar-scanner-maven3.2}相关推荐

  1. Sonar 质量扫描的输出日志--对应源码的跟踪(二){sonar engine源码}

    一个project下面module完整的sonar分析日志: [INFO] --- sonar-maven-plugin:3.2:sonar (default-cli) @ pcaic-parent ...

  2. Docker、Jenkins 结合 SonarQube 和 Sonar scanner 进行代码质量扫描

    SonarQube是一个用于管理代码质量的开放平台,可以快速的定位代码中潜在的或者明显的错误.目前支持java,C#,C/C++,Python,PL/SQL,Cobol,JavaScrip,Groov ...

  3. DevOps之持续集成SonarQube代码质量扫描

          SonarQube是一个用于代码质量检测管理的开放平台,可以集成不同的检测工具,代码分析工具,以及持续集成工具.SonarQube 并不是简单地把不同的代码检查工具结果直接显示在 Web ...

  4. log4j 禁止类输出日志_SpringBoot统一日志处理原理

    阅读推荐 程序员跳槽时机已到,闲聊中面试官无意泄题 SpringBoot作为日常开发利器,开箱即用,大量的star等已经成为节省开发的重要框架之一,但是各个框架的star中引入的日志框架却不尽相同,有 ...

  5. Sonar代码扫描常见规则总结

    Sonar代码扫描常见规则 最近公司项目交付,交付前集成,功能,性能,安全种种测试工作就来了,由于测试离职,被抓壮丁,兼职起测试修改工作.小公司,平时敲(ctrl+c)代码(ctrl+v) 时,同事也 ...

  6. 看这里,全网最详细的Sonar代码扫描平台搭建教程

    01 Sonar安装 官网:https://www.sonarqube.org/ 1.sonar简介 sonar是一款静态代码质量分析工具,支持Java.Python.PHP.JavaScript.C ...

  7. 使用SonarTS创建进行typescript代码质量扫描

    SonarQube中提供SonarTS插件对前端的typescript代码进行质量扫描.这篇文章以SonarQube LTS 6.7为例整理进行一下typescript代码检查常见的问题与对应方法. ...

  8. 4j 禁止类输出日志_logback 日志详细讲解

    Logback介绍 Logback是一个开源日志组件,logback被分为3个组件,logback-core,logback-classic和logback-access. Logback是具体的日志 ...

  9. jenkins:集成sonar代码扫描+发送邮件

    前提: Jenkins JDK 目录: 1.安装sonar插件:SonarQube Scanner for Jenkins 2.安装SonarQube 3.安装sonar-scanner ++++++ ...

最新文章

  1. hdu 2063+hdu 1083(最大匹配数)
  2. 使用代码创建BRF ruleset
  3. mysql-5.7.24-linux_Linux下安装mysql-5.7.24
  4. CleanCodeHandbook Chapter 9: Binary Search(48-50)
  5. android 模拟器 3D 开发环境配置
  6. 拓端tecdat|R语言用有限混合模型(FMM,finite mixture model)创建衰退指标对股市SPY、ETF收益聚类和双坐标图可视化
  7. Bag-of-words模型、TF-IDF模型
  8. 2023年东北大学理学院数学考研必看成功上岸前辈复习经验分享
  9. matlab仿真界面设计,基于MATLAB图形用户界面GUI的电路仿真实验的制作
  10. ExtJs4(3)——带搜索和操作按钮的表
  11. VMware中建立共享文件夹 win7
  12. 这是一则招聘贴——招聘区块链系统开发实习生
  13. java 定时器 倒计时_Java:多种方式实现倒计时定时器
  14. Qt设置按钮背景图片,点击不显示背景
  15. Fatal error: Uncaught Error: Call to undefined function mysql_connect()问题解决
  16. 2012年CCS云计算高峰论坛
  17. java zip 压缩工具类
  18. 一览 A16z 在 2023 年重点关注的 Crypto 和 Web3 游戏想法
  19. wget 命令 简单使用
  20. 前端笔记-——空格、」、「符号的使用

热门文章

  1. TypeError at / __init__() takes exactly 1 argument (2 given)
  2. hexo博客修改博文中日期的颜色
  3. softmax with cross-entropy loss求导(转载+细节整理)
  4. 网易云出现undefined symbol: fribidi_get_par_embedding_levels_ex
  5. 通俗理解LightGBM并图解举例
  6. 刪除github上的一個repository
  7. C#异常--System.IO.FileLoadException:“混合模式程序集是针对“v2.0.50727”版的运行时生成的错误...
  8. Kafka 入门和 Spring Boot 集成
  9. 前端开发的模块化和组件化的定义,以及两者的关系
  10. iOS_9_scrollView分页