Skip to content

Instantly share code, notes, and snippets.

@greenstevester
Last active October 6, 2018 06:17
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save greenstevester/e56e8bbcae5e26f1c2d708a183d45498 to your computer and use it in GitHub Desktop.
Save greenstevester/e56e8bbcae5e26f1c2d708a183d45498 to your computer and use it in GitHub Desktop.
How to run bitcoin source through sonar
First, you have to download and build the Bitcoin Core
------------------------
1. Clone the bitcoin source code and cd into `bitcoin`
git clone https://github.com/bitcoin/bitcoin
cd bitcoin
2. Build bitcoin-core:
Configure and build the headless bitcoin binaries as well as the GUI (if Qt is found).
You can disable the GUI build by passing `--without-gui` to configure.
./autogen.sh
./configure
make
Next you have to create a sonar account, perform the scan locally and upload it.
------------------------
3. Navigate to https://sonarcloud.io/projects
4. Click on "Analyse New Project" button
5. Generate a new token
6. Choose "C C++" as the language (this does not work on sonarcloud.io currently, waiting to hear back from sonarcloud 10.02.018).
NOTE: if you don't add -Dsonar.language=c ...then the scanner defaults to java. But of course this only scans the c files, missing all the cpp files which is crap.
7. Follow the prompts and download the scanner for your O/S
8. Open your terminal and run:
/Applications/sonarcubeScanner/build-wrapper-macosx-x86 --out-dir bw-output make clean all
... wait... then run:
/Applications/sonarcubeScanner/sonar-scanner-3.0.3.778-macosx/bin/sonar-scanner \
-Dsonar.projectKey=<the project key> \
-Dsonar.organization=bitcoin \
-Dsonar.cfamily.build-wrapper-output=bw-output \
-Dsonar.sources=./src \
-Dsonar.exclusions=**/*.py \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.login=<the key they generate> -X
9. View the project at https://sonarcloud.io/dashboard?id=<the project key>
Unfortunately, this is what happens:
-------------------------------------
/Users/me/crypo_projects/bitcoin
==> /Applications/sonarcubeScanner/sonar-scanner-3.0.3.778-macosx/bin/sonar-scanner \
> -Dsonar.projectKey=bitcoin-3 \
> -Dsonar.organization=bitcoin \
> -Dsonar.sources=./src \
> -Dsonar.cfamily.build-wrapper-output=bw-output \
> -Dsonar.host.url=https://sonarcloud.io \
> -Dsonar.login=836ea26d7e08a0738a6e45305fe745bb22c593ba
INFO: Scanner configuration file: /Applications/sonarcubeScanner/sonar-scanner-3.0.3.778-macosx/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 3.0.3.778
INFO: Java 1.8.0_121 Oracle Corporation (64-bit)
INFO: Mac OS X 10.12.6 x86_64
INFO: User cache: /Users/me/.sonar/cache
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=773ms
INFO: Server id: AVdllfqQ9IFRWI6U49y8
INFO: User cache: /Users/me/.sonar/cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=171ms
INFO: Load/download plugins
INFO: Load/download plugins (done) | time=127ms
INFO: SonarQube server 7.1.0
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Process project properties
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=1ms
INFO: Load project repositories
INFO: Load project repositories (done) | time=183ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=1ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=165ms
INFO: Load active rules
INFO: Load active rules (done) | time=3269ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=161ms
INFO: Project key: bitcoin-3
INFO: Organization key: bitcoin
INFO: ------------- Scan bitcoin-3
INFO: Load server rules
INFO: Load server rules (done) | time=590ms
INFO: Base dir: /Users/me/crypo_projects/bitcoin
INFO: Working dir: /Users/me/crypo_projects/bitcoin/.scannerwork
INFO: Source paths: src
INFO: Source encoding: UTF-8, default locale: en_US
WARN: Property 'sonar.php.file.suffixes' is not declared as multi-values/property set but was read using 'getStringArray' method. The SonarQube plugin declaring this property should be updated.
INFO: Index files
INFO: 1652 files indexed
INFO: Quality profile for c: Sonar way
INFO: Quality profile for cpp: Sonar way
INFO: Quality profile for java: Sonar way
INFO: Quality profile for ts: Sonar way
INFO: Quality profile for web: Sonar way
INFO: Sensor JavaSquidSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 9.974s
INFO: Final Memory: 76M/445M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
org.sonar.squidbridge.api.AnalysisException: Please provide compiled classes of your project with sonar.java.binaries property
at org.sonar.java.JavaClasspath.init(JavaClasspath.java:58)
at org.sonar.java.AbstractJavaClasspath.getElements(AbstractJavaClasspath.java:280)
at org.sonar.java.SonarComponents.getJavaClasspath(SonarComponents.java:134)
at org.sonar.java.JavaSquid.<init>(JavaSquid.java:89)
at org.sonar.plugins.java.JavaSquidSensor.execute(JavaSquidSensor.java:90)
at org.sonar.scanner.sensor.SensorWrapper.analyse(SensorWrapper.java:53)
at org.sonar.scanner.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:88)
@greenstevester
Copy link
Author

When I run with -Dsonar.language=c it works, but naturally skips all cpp files

@bellingard
Copy link

Looks like there are some Java files - which need to be compiled to be properly analysed. Instead of specifying -Dsonar.language=c to include inly C files, simply exclude the Java one with -Dsonar.exclusions=**/*.java.

@greenstevester
Copy link
Author

Thanks @bellingard, that worked a charm!

@Eleanorbai
Copy link

That's really worked!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment