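Static Code Scanning
- Main content:
- Using the TscanCode report-parsing plugin
- 1. TscanCode Linux commands
- 2. Plugin jar package
- 3. Files generated by a TscanCode scan
- 4. Running the report-parsing plugin and its parameters
- 5. Appearance of the generated report
- Parsing CPPCHECK reports
- 1. cppcheck Linux scan command
- 2. Using the report-parsing plugin
- Report-parsing plugin code
- Jenkins build
Main content:
1. Using the tscancode plugin
2. Using the cppcheck plugin
3. Writing the code that parses the two tools' report files into HTML
4. Setting up the Jenkins pipeline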
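Using the TscanCode report-parsing plugin
1. TscanCode Linux commands
Commonly used options
--xml Write the results in XML format to the error stream (stderr)
-q, --quiet Do not show progress reports.
-h, --help Print help information
Executable: download the latest code package from GitHub at https://github.com/Tencent/TscanCode. The downloaded code is as follows.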
The sample C++ code for TscanCode scanning is in \tscancode-master\samples
Executable: /tscancode/tscancode-master/release/linux/TscanCodeV2.14.2395.linux/tscancode
# Generate the analysis report and export it to result.xml
./tscancode /home/soft/tscancode/tscancode-master --xml 2> result.xml
2. Plugin jar package
code-scan-util.jar: see attachment
3. Files generated by a TscanCode scan
See attachment
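4. Running the report-parsing plugin and its parameters
code-scan-util.jar currently has three required parameters:
--stage: the target to run; currently there are only two options
tscanreport parses the TscanCode report
cppreport parses the cppcheck report
--basePath: full path, including the file name, of the log file to parse
--savePath: where to store the parsed report (path only; the file name defaults to report or cppreport)
Example command
java -jar code-scan-util.jar --stage=tscanreport --basePath=/home/soft/tscancode/tscancode-master/release/linux/TscanCodeV2.14.2395.linux/result.xml --savePath=./
5. Appearance of the generated report
report.html
Download it and open it in a browser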
Parsing CPPCHECK reports
1. cppcheck Linux scan command
cppcheck -q /home/soft/tscancode/tscancode-master/samples/cpp --xml 2>result.xml --enable=all
2. Using the report-parsing plugin
java -jar '/automation/scripts/code-scan-util.jar' --stage=cppreport --basePath='/automation/report/cppcheck/result.xml' --savePath='/automation/report/cppcheck/analyse'
Parsed report
cppReport.html
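The report-parsing step above, sketched as an added Python example (not the code of code-scan-util.jar and not taken from the linked repository): it reads a cppcheck result.xml, builds an HTML table with every scanner-supplied value escaped, and returns a non-zero exit code when a blocking severity is present. It assumes cppcheck's XML version 2 layout; the function names and the sample report are constructed for illustration.

```python
import html
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in cppcheck's XML version 2 layout (not real scan output).
SAMPLE_XML = """<results version="2"><errors>
  <error id="nullPointer" severity="error" msg="Null pointer dereference: p">
    <location file="samples/cpp/a.cpp" line="12"/>
  </error>
  <error id="unreadVariable" severity="style" msg="Variable 'std::vector&lt;int&gt; v' is assigned a value that is never used.">
    <location file="samples/cpp/b.cpp" line="3"/>
  </error>
  <error id="missingInclude" severity="information" msg="Include file not found"/>
</errors></results>"""

def parse_findings(xml_text):
    """Return one dict per <error>; findings without <location> get file=''."""
    findings = []
    for err in ET.fromstring(xml_text).iter("error"):
        loc = err.find("location")
        findings.append({
            "id": err.get("id", ""),
            "severity": err.get("severity", ""),
            "msg": err.get("msg", ""),
            "file": loc.get("file", "") if loc is not None else "",
            "line": loc.get("line", "") if loc is not None else "",
        })
    return findings

def render_html(findings):
    """Build a table; file names and messages come from the scanned repo, so escape them."""
    cols = ("severity", "id", "file", "line", "msg")
    head = "".join(f"<th>{c}</th>" for c in cols)
    rows = "".join(
        "<tr>" + "".join(f"<td>{html.escape(row[c])}</td>" for c in cols) + "</tr>"
        for row in findings)
    return f"<table><tr>{head}</tr>{rows}</table>"

def gate(findings, blocking=("error",)):
    """Return (exit_code, counts); exit_code is 1 if any blocking severity is present."""
    counts = Counter(row["severity"] for row in findings)
    return (1 if any(counts[s] for s in blocking) else 0), counts

if __name__ == "__main__":
    found = parse_findings(SAMPLE_XML)
    print(render_html(found))
    code, _ = gate(found)
    raise SystemExit(code)  # non-zero fails the calling CI step
```

Escaping matters here because the generated HTML is later served from the Jenkins UI by publishHTML, and C++ diagnostics routinely contain `<` and `>`.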
Report-parsing plugin code
https://gitee.com/burebaobao/demo-work-space
Jenkins build
Jenkins script
def CustomizeRepos = ''
def Baseline = 'false'
def VersionInfo = ''
def testMessage = ''
def Pr_CustomizeRepos = ""

pipeline {
    agent {
        label 'le-node'
    }
    parameters {
        // Name of the code branch to scan
        string(name: 'BRANCHNAME', defaultValue: 'develop', description: '代码分支名称')
    }
    environment {
        JENKINS_NODE_COOKIE = 'dontKillMe'
        project_path = '/automation/code/'
        pipeline_git_tool = '/automation/scripts/build_gitclone.sh'
        url = 'https://gitee.com/burebaobao/tscancode-master.git'
        code_scan_util = '/automation/scripts/code-scan-util.jar'
        tscancode_path = '/home/soft/tscancode/tscancode-master/release/linux/TscanCodeV2.14.2395.linux'
        tscan_report = '/automation/report/tscancode/result.xml'
        savePath_tscan = '/automation/report/tscancode/analyse'
        cppcheck_report = '/automation/report/cppcheck/result.xml'
        savePath_cppcheck = '/automation/report/cppcheck/analyse'
    }
    stages {
        // Stage: check the job parameters
        stage("任务参数检测") {
            steps {
                script {
                    println "JobName: " + env.JOB_NAME
                    println "BuildNumber: " + env.BUILD_NUMBER
                    echo "任务参数检测"
                }
            }
        }
        // Stage: clean the test environment
        stage("清理测试环境") {
            steps {
                script {
                    // Delete the previously cloned code. Each sh step runs in its own
                    // shell, so a separate "cd" step would have no effect here.
                    echo "删除之前代码库代码"
                    sh "rm -rf /automation/code/*"
                    // Delete the previous test reports
                    echo "删除之前测试报告"
                    sh "rm -rf /automation/report/tscancode/result.xml"
                    sh "rm -rf /automation/report/tscancode/analyse/*"
                    sh "rm -rf /automation/report/cppcheck/result.xml"
                    sh "rm -rf /automation/report/cppcheck/analyse/*"
                }
            }
        }
        // Stage: download the code
        stage("下载平台代码") {
            steps {
                script {
                    echo "开始克隆代码"
                    def git_clone = "git clone -b ${BRANCHNAME} --single-branch https://gitee.com/burebaobao/tscancode-master.git"
                    echo "${git_clone}"
                    // BRANCHNAME is user-supplied: use a single-quoted Groovy string so the
                    // shell expands it as a quoted variable instead of Groovy pasting the
                    // raw value into the command line.
                    sh '"$pipeline_git_tool" "$project_path" "$BRANCHNAME" "$url"'
                }
            }
        }
        // Stage: run the tscancode scan and parse its report
        stage("tscancode扫描并解析报告") {
            steps {
                script {
                    echo "tscancode扫描...."
                    sh "'${tscancode_path}'/tscancode '${project_path}'/tscancode-master --xml 2> '${tscan_report}'"
                    echo "tscancode扫描报告解析...."
                    sh "java -jar '${code_scan_util}' --stage=tscanreport --basePath='${tscan_report}' --savePath='${savePath_tscan}'"
                }
            }
            post {
                success {
                    script {
                        publishHTML(target: [
                            allowMissing: false,
                            alwaysLinkToLastBuild: true,
                            keepAll: true,
                            reportDir: "${env.savePath_tscan}",
                            reportFiles: 'report.html',
                            reportName: "TSCANCODE-Report"
                        ])
                    }
                }
            }
        }
        // Stage: run the cppcheck scan and parse its report
        stage("cppcheck扫描并解析报告") {
            steps {
                script {
                    echo "cppcheck扫描...."
                    sh "cppcheck '${project_path}'/tscancode-master/samples --xml 2>'${cppcheck_report}' --enable=all"
                    echo "cppcheck扫描报告解析...."
                    sh "java -jar '${code_scan_util}' --stage=cppreport --basePath='${cppcheck_report}' --savePath='${savePath_cppcheck}'"
                }
            }
            post {
                success {
                    script {
                        publishHTML(target: [
                            allowMissing: false,
                            alwaysLinkToLastBuild: true,
                            keepAll: true,
                            reportDir: "${env.savePath_cppcheck}",
                            reportFiles: 'cppReport.html',
                            reportName: "CPPCHECK-Report"
                        ])
                    }
                }
            }
        }
    }
}
Shell script for the git operations
#!/bin/bash
#########################################
# Code clone script
# Arguments:
#   path    directory in which to store the code
#   branch  name of the branch to clone
#   url     repository URL
#########################################
# Check the argument count
if [ "$#" -ne 3 ]; then
    echo "参数输入错误,输入必须包括path、Branch、url参数!"
    exit 1
fi
path=$1
branch=$2
url=$3
echo "开始"
echo "切换路径到 $path"
# Stop if the target directory is missing, so the clone never lands somewhere else
cd "$path" || exit 1
echo "克隆的代码分支为 ${branch}"
# Quote the arguments; "--" keeps a URL that starts with "-" from being read as an option
git clone -b "$branch" --single-branch -- "$url"