【发布时间】:2023-03-15 05:04:01
【问题描述】:
我正在使用 sonar 8.2(build 32929)检查团队 CI 管道中的代码,Java 项目有 1440 个文件和 78K Loc。
我想从声纳扫描中获取新的代码覆盖率和重复信息,并且不需要错误、漏洞、代码异味。所以我将java规则设置为空以减少时间成本。
但是,使用空规则进行声纳扫描也会花费太多时间。这是日志:
14:11:58 + mvn -U clean package sonar:sonar
14:16:51 [INFO] test and package done.
14:16:58 [INFO] --- sonar-maven-plugin:3.8.0.2131:sonar (default-cli) @ project
14:16:59 [INFO] SonarQube version: 8.2.0
14:17:03 [INFO] 1448 files indexed
14:17:05 [INFO] Load project repositories (done) | time=157ms
14:19:01 [INFO] 951/951 source files have been analyzed
14:19:01 [INFO] Java Main Files AST scan (done) | time=115457ms
14:19:19 [INFO] 150/150 source files have been analyzed
14:19:19 [INFO] Java Test Files AST scan (done) | time=18692ms
14:19:19 [INFO] Sensor JavaSquidSensor [java] (done) | time=134323ms
14:19:39 [INFO] Sensor FindBugs Sensor [findbugs]
14:20:49 [INFO] Sensor FindBugs Sensor [findbugs] (done) | time=62128ms
14:21:01 [INFO] Analysis report uploaded in 714ms
14:21:01 [INFO] ANALYSIS SUCCESSFUL, you can browse https://my.sonar.url
14:21:01 [INFO] Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
14:21:01 [INFO] More about the report processing at https://my.sonar.url
14:21:02 [INFO] Analysis total time: 4:02.695 s
它显示 java AST 扫描大约需要 2 分钟(用于重复信息并且需要它),Sensor JavaSquidSensor 需要 2+ 分钟和 Sensor FindBugs 需要 1 分钟。
因为我将项目的java质量配置文件设置为空,所以我认为在声纳扫描期间不需要JavaSquidSensor和FindBugsSensor。
那么如何跳过或禁用 JavaSquidSensor 和 FindBugs Sensor 进行声纳扫描?
谢谢!
【问题讨论】:
标签: java maven continuous-integration sonarqube sonarqube-scan