如何正确配置属性“声纳.java二进制文件”?

我们使用SonarQube 5.1.2,使用Ant runner 2.2和Java插件3.12进行分析。我可以成功地分析我的项目。我只是不断得到这个错误:

Java bytecode has not been made available to the analyzer. The org.sonar.java.bytecode.visitor.DependenciesVisitor@d678716, org.sonar.java.checks.unused.UnusedPrivateMethodCheck@58e28efd, CycleBetweenPackages rule are disabled.

所以我需要配置我的声纳.java.二进制文件和声纳.java测试.二进制文件属性(遵循 http://docs.sonarqube.org/display/PLUG/Java+Plugin+and+Bytecode)。

我认为我做对了:

<property name="project.dir" value="${basedir}/xalg.prj/h3_service_fo" />   
<property name="sonar.java.binaries" location="${project.build.dir}/classes/main" />
<property name="sonar.java.test.binaries" value="${project.build.dir}/classes/test" />

它解析为上述属性的以下有效目录:

basedir=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj
project.dir=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo
sonar.java.binaries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\xalg.prj\\h3_service_fo\\build\\classes\\main
sonar.java.test.binaries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/build/classes/test

但我不断得到:

Java bytecode has not been made available to the analyzer. The org.sonar.java.bytecode.visitor.DependenciesVisitor@d678716, org.sonar.java.checks.unused.UnusedPrivateMethodCheck@58e28efd, CycleBetweenPackages rule are disabled.

对于我的生活,我无法弄清楚我需要为声纳.java.二进制文件和声纳.java测试二进制文件属性提供什么值。我甚至尝试使用sonar.binaries,它给了我以下输出:

Binary dirs: xalg.prj/h3_service_fo/build/classes

我没有使用sonar.java.binaries或sonar.java.test.binaries。我还得到了:

JavaClasspath initialization...
sonar.binaries and sonar.libraries are deprecated since version 2.5 of sonar-java-plugin, please use sonar.java.binaries and sonar.java.libraries instead

对于已弃用的属性,这是预期的。但是使用sonar.java.binaries属性,我没有在日志中获得“二进制dirs”行。

使用声纳.java二进制文件:

Language is forced to java
Load rules
Load rules (done) | time=761ms
Code colorizer, supported languages: cs,plsql
Initializers : 
Base dir: D:\appl\BuildAgent\work\H3\src.prj\java.prj
Working dir: D:\appl\BuildAgent\work\H3\src.prj\java.prj\.sonar
Source paths: xalg.prj/h3_service_fo/src/main/java
Test paths: xalg.prj/h3_service_fo/src/test/java
Source encoding: windows-1252, default locale: en_US
Index files

与使用sonar.binaries相比:

Language is forced to java
Load rules
Load rules (done) | time=736ms
Code colorizer, supported languages: cs,plsql
Initializers : 
Base dir: D:\appl\BuildAgent\work\H3\src.prj\java.prj
Working dir: D:\appl\BuildAgent\work\H3\src.prj\java.prj\.sonar
Source paths: xalg.prj/h3_service_fo/src/main/java
Test paths: xalg.prj/h3_service_fo/src/test/java
Binary dirs: xalg.prj/h3_service_fo/build/classes
Source encoding: windows-1252, default locale: en_US
Index files

我还研究了SonarQube,SonarQube Java插件和SonarQube Scanner的源代码,以查找“Java字节码尚未提供给分析器”或sonar.java.binaries的实例。我在sonar.java.binaries上找到了很多,但是“Java字节码尚未提供给分析器”没有任何内容。所以我不知道什么条件会触发这个错误。

我还在声纳.java二进制文件上尝试了以下排列:

<property name="sonar.java.binaries" location="${project.build.dir}/classes" />
<property name="sonar.java.binaries" location="${project.build.dir}/classes/main/nl" />

但这也无济于事。

奇怪的是,Squid似乎可以很好地解析类路径:

----- Classpath analyzed by Squid:
D:\appl\BuildAgent\work\H3\src.prj\java.prj\xalg.prj\h3_service_fo\build\classes\main

那么,我错过了什么呢?我做错了什么?提前致谢。

2016-09-08更新
删除了整个日志,帖子变得很长。

具有(我认为)相关路径的子集:

project.build.dir=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/build
project.dir=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo
project.src.dir=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/src

sonar.dir=D\:/appl/sonarqube-5.1.2
sonar.working.directory=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\.sonar
sonar.projectBaseDir=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj

sonar.jacoco.reportPath=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/build/jacoco/test.exec
sonar.junit.reportsPath=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/build/test-results

sonar.sources=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/src/main/java
sonar.java.binaries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\xalg.prj\\h3_service_fo\\build\\classes\\main

sonar.java.libraries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/_deploy/*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/_repos/lib/*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/_repos/provided/*.jar

sonar.tests=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/src/test/java
sonar.java.test.binaries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/xalg.prj/h3_service_fo/build/classes/test
sonar.java.test.libraries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/_deploy/*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/_repos/lib/*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj/_repos/provided/*.jar

这些路径的格式与我的帖子中完全相同。难道声纳蚂蚁跑者无法找出一条同时带有反斜杠和斜杠的路径吗?

2016-09-16更新
删除了整个日志,帖子变得很长。

具有(我认为)相关路径的子集:

project.build.dir=xalg.prj\\\\h3_service_fo\\\\build
project.dir=xalg.prj\\\\h3_service_fo
project.src.dir=xalg.prj\\\\h3_service_fo\\\\src

sonar.dir=D\:\\\\appl\\\\sonarqube-5.1.2
sonar.working.directory=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\.sonar
sonar.projectBaseDir=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj

sonar.jacoco.reportPath=xalg.prj\\\\h3_service_fo\\\\build\\\\jacoco/test.exec
sonar.junit.reportsPath=xalg.prj\\\\h3_service_fo\\\\build\\\\test-results

sonar.sources=xalg.prj\\\\h3_service_fo\\\\src\\\\main\\\\java
sonar.java.binaries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\xalg.prj\\h3_service_fo\\build\\classes\\main
sonar.java.libraries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\\\_deploy\\\\*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\\\_repos\\\\lib\\\\*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\\\_repos\\\\provided\\\\*.jar

sonar.tests=xalg.prj\\\\h3_service_fo\\\\src\\\\test\\\\java
sonar.java.test.binaries=xalg.prj\\\\h3_service_fo\\\\build\\\\classes\\\\test
sonar.java.test.libraries=D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\\\_deploy\\\\*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\\\_repos\\\\lib\\\\*.jar,D\:\\appl\\BuildAgent\\work\\H3\\src.prj\\java.prj\\\\_repos\\\\provided\\\\*.jar

有些路径已经变得相对,但我认为这是因为TeamCity将Ant文件更改为SVN中的文件。声纳.java.二进制文件是绝对的,它绝对指向正确的目录。

但我仍然收到此错误:

09:17:52.299 INFO  - Java Main Files AST scan done: 1579 ms
09:17:52.301 INFO  - 2/2 source files have been analyzed
09:17:52.305 WARN  - Java bytecode has not been made available to the analyzer. The org.sonar.java.bytecode.visitor.DependenciesVisitor@757a48f9, org.sonar.java.checks.unused.UnusedPrivateMethodCheck@1adf492b, CycleBetweenPackages rule are disabled.

类路径仍然被很好地解释:

[sonar:sonar] 09:17:51.971 DEBUG - ----- Classpath analyzed by Squid:
[sonar:sonar] 09:17:51.972 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\xalg.prj\h3_service_fo\build\classes\main
[sonar:sonar] 09:17:51.973 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\batch.daemon.jar
[sonar:sonar] 09:17:51.974 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\buildinfo.jar
[sonar:sonar] 09:17:51.975 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h2_shared.jar
[sonar:sonar] 09:17:51.975 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_generator.jar
[sonar:sonar] 09:17:51.976 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_loadtest.jar
[sonar:sonar] 09:17:51.977 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_common.jar
[sonar:sonar] 09:17:51.977 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xalg.jar
[sonar:sonar] 09:17:51.978 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xalg_dao.jar
[sonar:sonar] 09:17:51.979 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xalg_mappers.jar
[sonar:sonar] 09:17:51.979 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xalg_procedures.jar
[sonar:sonar] 09:17:51.980 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xcare.jar
[sonar:sonar] 09:17:51.981 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xcare_dao.jar
[sonar:sonar] 09:17:51.982 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xcare_mappers.jar
[sonar:sonar] 09:17:51.982 DEBUG - D:\appl\BuildAgent\work\H3\src.prj\java.prj\_deploy\h3_model_xcare_procedures.jar

声纳蚂蚁跑者会不会对逃脱的后斜线有问题?


答案 1

这就是我使用的,它的工作原理。

sonar-scanner -Dsonar.projectKey=projectName
-Dsonar.gitlab.commit_sha=$CI_BUILD_REF
-Dsonar.gitlab.ref_name=$CI_BUILD_REF_NAME -Dsonar.sources=directory\src\
-Dsonar.java.binaries=.build\libs\

您需要将 sonar.java.binaries 指向包含 jar 的目录。我不会试图用通配符和文件扩展名来获得花哨,这不是一回事。您需要一个目录作为参数,而不是文件的正则表达式。

我不了解声纳扫描仪的一切,但我的配置有效。

将我的例子放在上下文中,我在gitlab运行器管道中使用它。您的双反斜杠应该没问题,但您始终可以在配置文件中用它们替换正斜杠。


答案 2

以下是 Gradle 多项目的一些选项。我在CI(Jenkins)中运行,但原则适用。

选项:

  1. 手动维护硬编码的条目,例如:(等)sonar.java.binariessonar.java.binaries=subproject1/build/classes,subproject2/build/classes,

  2. 将其设置为项目的顶级目录:

    sonar.java.binaries=.

  3. 使用脚本在运行时生成您自己的 props 文件,例如:

    cat > sonar-project.properties <<EOF
    sonar.projectKey=XXXX
    sonar.projectVersion=YYYY
    sonar.sources=$(find . -path '*/src/main' | xargs | tr ' ' ',')
    sonar.java.binaries=$(find . -path '*/build/classes/java' | xargs | tr ' ' ',')
    EOF
    

请注意,上述内容也适用于 ,并且可能需要与 同步。显然,如果你的源值太宽泛(即包括测试等),你会得到更多的噪音。使用脚本的优点是,您可以根据自己的喜好自定义这些启发式方法。sonar.sourcessonar.java.binaries


推荐