Scanning TypeScript code quality with SonarTS
Published: 2021-06-30 20:13:35 Category: Technical articles

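SonarQube provides the SonarTS plugin for quality scanning of front-end TypeScript code. Using SonarQube LTS 6.7 as the example, this article collects the common problems encountered when checking TypeScript code and how to handle them.

SonarQube server-side setup

  • SonarQube version
    This article uses SonarQube LTS 6.7.1.

Install and upgrade the SonarTS and SonarJS plugins. The plugin versions updated for this example are shown below:

  • SonarTS plugin
    [screenshot]
  • SonarJS plugin
    [screenshot]

How to configure

After logging in with an administrator account, updates and similar operations can be performed from the Marketplace option on the Administration page.

Client

Sonar-Scanner setup

The Sonar-Scanner version used is 4.2, which ships with its own JRE. That bundled JRE may not work well in an Alpine image, however. To use the JRE or JDK specified by JAVA_HOME instead, edit the sonar-scanner script by hand with vi and change use_embedded_jre=true to use_embedded_jre=false.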

/data/jenkins/workspace/angular-pipeline-job/demo # /usr/local/share/sonar/bin/sonar-scanner --version
INFO: Scanner configuration file: /usr/local/share/sonar/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 1.8.0_212 IcedTea (64-bit)
INFO: Linux 4.9.87-linuxkit-aufs amd64
/data/jenkins/workspace/angular-pipeline-job/demo #

TypeScript front-end sample project

Create a demo application with Angular using the following command.

Command: ng new demo --style less

For an example of creating the front-end application in a Jenkinsfile, see:

Sonar-Scanner usage examples

Using user/password

An example is shown below.

/usr/local/share/sonar/bin/sonar-scanner \
  -Dsonar.projectKey=angular \
  -Dsonar.sources=src \
  -Dsonar.host.url=http://192.168.31.242:9000 \
  -Dsonar.login=admin \
  -Dsonar.password=admin

Using a token

An example is shown below.

/usr/local/share/sonar/bin/sonar-scanner \
  -Dsonar.projectKey=angular \
  -Dsonar.sources=src \
  -Dsonar.host.url=http://192.168.31.242:9000 \
  -Dsonar.login=8b138774fb2d29e2e7bcdca249c7e09a2013740c
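
With -Dsonar.login on the command line, the token is visible in the process argument list and in any shell trace of the build step. The following added example (not from the original article) writes the same settings to a private temporary file and hands it to sonar-scanner through project.settings; the SONAR_TOKEN variable name and the two function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original article.
# Assumption: the token arrives in an environment variable named SONAR_TOKEN
# (name chosen for this example), e.g. injected by the CI credential store.

# write_scanner_props -> creates a private properties file and prints its path.
write_scanner_props() {
    if [ -z "${SONAR_TOKEN:-}" ]; then
        echo 'SONAR_TOKEN is not set' >&2
        return 1
    fi
    props=$(mktemp) || return 1       # mktemp creates the file with mode 0600
    cat > "$props" <<EOF
sonar.projectKey=angular
sonar.sources=src
sonar.host.url=http://192.168.31.242:9000
sonar.login=$SONAR_TOKEN
EOF
    printf '%s\n' "$props"
}

# run_scan -> runs the scanner with the token kept out of the argument list.
run_scan() {
    props=$(write_scanner_props) || return 1
    # project.settings points sonar-scanner at an alternate properties file;
    # sonar.projectBaseDir pins the analysis root to the current workspace.
    /usr/local/share/sonar/bin/sonar-scanner \
        -Dproject.settings="$props" -Dsonar.projectBaseDir="$PWD"
    rc=$?
    rm -f "$props"                    # do not leave the token on disk
    return $rc
}

# Run the scan only when asked to, so the functions can be sourced safely.
if [ "${1:-}" = "scan" ]; then
    run_scan
fi
```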

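Common problems

Profile emptied or the relevant plugin missing

If the profiles have been deleted to the point that even Sonar way is gone, or the plugin for the files being checked is not installed (for example, checking TypeScript files without the SonarTS plugin installed), an error like the following may be reported.

ERROR: Error during SonarQube Scanner execution
ERROR: No quality profiles have been found, you probably don't have any language plugin installed.
ERROR: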

Cannot connect to the SonarQube server

When sonar-scanner cannot reach the server, because of network problems or because the SonarQube service did not start properly, an error like the following is commonly reported.

ERROR: Error during SonarQube Scanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
	at java.security.AccessController.doPrivileged(Native Method)
... (omitted)

Node.js not installed on the client

When the client scans TypeScript, it normally calls the local Node.js to pre-parse the code. If Node.js is not installed locally, or the search path is not set correctly at execution time, an error like the following is usually reported.

ERROR: Error during SonarQube Scanner execution
java.lang.IllegalStateException: Failed to get Node.js version.No TypeScript files will be analyzed. You can exclude TypeScript files from analysis with 'sonar.exclusions' property.
	at org.sonar.plugin.typescript.ExternalTypescriptSensor.checkCompatibleNodeVersion(ExternalTypescriptSensor.java:163)
	at org.sonar.plugin.typescript.ExternalTypescriptSensor.analyze(ExternalTypescriptSensor.java:117)
	at org.sonar.plugin.typescript.ExternalTypescriptSensor.execute(ExternalTypescriptSensor.java:111)
	at org.sonar.scanner.sensor.SensorWrapper.analyse(SensorWrapper.java:53)
	at org.sonar.scanner.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:88)
	at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:82)
... (omitted)

Of course, you could do as the message suggests and set sonar.exclusions so that no .ts files are scanned, but that is clearly not the fix we want. In an ordinary environment, simply install Node.js. In the current setup, though, the Alpine environment makes this more awkward; the simplest approach is to use Alpine's own packages.

/data/jenkins/workspace/angular-pipeline-job/demo # apk add nodejs
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz
(1/4) Installing c-ares (1.15.0-r0)
(2/4) Installing http-parser (2.8.1-r0)
(3/4) Installing libuv (1.23.2-r0)
(4/4) Installing nodejs (10.14.2-r0)
Executing busybox-1.29.3-r10.trigger
OK: 373 MiB in 115 packages
/data/jenkins/workspace/angular-pipeline-job/demo # apk add npm
(1/1) Installing npm (10.14.2-r0)
Executing busybox-1.29.3-r10.trigger
OK: 397 MiB in 116 packages
/data/jenkins/workspace/angular-pipeline-job/demo #
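
The three failures above can be told apart from the saved scanner log, and a pipeline can also refuse a run in which the SonarTS sensor analyzed fewer files than it found. The following is an added example, not code from the original article; the function name and verdict words are assumptions, and the sample log lines are constructed from the messages quoted in this article.

```shell
#!/bin/sh
# Added example, not from the original article: classify a sonar-scanner log
# by the messages quoted above and fail closed on partial TypeScript analysis.

# diagnose_scan_log FILE -> prints one verdict; returns 0 only for "ok".
diagnose_scan_log() {
    log=$1
    if grep -qF 'No quality profiles have been found' "$log"; then
        echo missing-plugin-or-profile; return 1
    elif grep -qF 'Failed to get Node.js version' "$log"; then
        echo nodejs-missing; return 1
    elif grep -qF 'Unable to execute SonarQube' "$log"; then
        echo server-unreachable; return 1
    elif ! grep -qF 'EXECUTION SUCCESS' "$log"; then
        echo unknown-failure; return 1
    fi
    # "INFO: 8 files analyzed out of 8" -> "8 8" (last SonarTS summary line)
    counts=$(sed -n 's/^INFO: \([0-9][0-9]*\) files analyzed out of \([0-9][0-9]*\).*/\1 \2/p' "$log" | tail -n 1)
    if [ -z "$counts" ]; then
        echo no-typescript-analysis; return 1
    fi
    analyzed=${counts% *}
    total=${counts#* }
    if [ "$analyzed" -eq 0 ] || [ "$analyzed" -lt "$total" ]; then
        echo incomplete-analysis; return 1
    fi
    echo ok
}

if [ $# -gt 0 ]; then
    diagnose_scan_log "$1"      # CI use: pass the saved scanner log
else
    # Constructed sample: a run that reports success but skipped two files.
    sample=$(mktemp)
    printf '%s\n' 'INFO: 6 files analyzed out of 8' \
        'INFO: EXECUTION SUCCESS' > "$sample"
    diagnose_scan_log "$sample" || echo 'scan rejected'
    rm -f "$sample"
fi
```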

Execution example

Using the Angular demo application as the example, a scan with sonar-scanner produces the following execution log.

/data/jenkins/workspace/angular-pipeline-job/demo # /usr/local/share/sonar/bin/sonar-scanner \
>   -Dsonar.projectKey=angular \
>   -Dsonar.sources=src \
>   -Dsonar.host.url=http://192.168.31.242:9000 \
>   -Dsonar.login=admin \
>   -Dsonar.password=admin
INFO: Scanner configuration file: /usr/local/share/sonar/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 1.8.0_212 IcedTea (64-bit)
INFO: Linux 4.9.87-linuxkit-aufs amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 6.7.1
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=239ms
INFO: Server id: AW3nsip1zhnfoGaybxGb
INFO: User cache: /root/.sonar/cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=140ms
INFO: Process project properties
INFO: Load project repositories
INFO: Load project repositories (done) | time=43ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=227ms
INFO: Load active rules
INFO: Load active rules (done) | time=837ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=73ms
WARN: SCM provider autodetection failed. No SCM provider claims to support this project.
Please use sonar.scm.provider to define SCM of your project.
INFO: Project key: angular
INFO: -------------  Scan angular
INFO: Load server rules
INFO: Load server rules (done) | time=96ms
INFO: Base dir: /data/jenkins/workspace/angular-pipeline-job/demo
INFO: Working dir: /data/jenkins/workspace/angular-pipeline-job/demo/.scannerwork
INFO: Source paths: src
INFO: Source encoding: UTF-8, default locale: en_US
INFO: Index files
INFO: 13 files indexed
INFO: Quality profile for ts: Sonar way
INFO: Sensor SonarTS [typescript]
INFO: Analyzing 8 typescript file(s) with the following configuration file /data/jenkins/workspace/angular-pipeline-job/demo/tsconfig.json
INFO: 8 files analyzed out of 8
INFO: Sensor SonarTS [typescript] (done) | time=16336ms
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=45ms
INFO: Sensor CPD Block Indexer
INFO: Sensor CPD Block Indexer (done) | time=2ms
INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
INFO: 5 files had no CPD blocks
INFO: Calculating CPD for 3 files
INFO: CPD calculation finished
INFO: Analysis report generated in 387ms, dir size=15 KB
INFO: Analysis reports compressed in 1878ms, zip size=14 KB
INFO: Analysis report uploaded in 772ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://192.168.31.242:9000/dashboard/index/angular
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://192.168.31.242:9000/api/ce/task?id=AW3uIXRZ5xxGRMjITaYs
INFO: Task total time: 26.987 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 30.227s
INFO: Final Memory: 8M/70M
INFO: ------------------------------------------------------------------------
/data/jenkins/workspace/angular-pipeline-job/demo #

The result is shown below.

[screenshot]

[screenshot]

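Addendum

It was later found that Sonar-Scanner 4.2 combined with SonarQube 6.7.1 very easily causes the SonarQube service to terminate abnormally. For SonarQube 6.7.1, pairing it with Sonar-Scanner 3.2 is therefore still recommended. For details, see: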

  • https://liumiaocn.blog.csdn.net/article/details/102772836

Reposted from: https://liumiaocn.blog.csdn.net/article/details/102670480
