SonarQube āĻšāĻ˛ āĻāĻāĻāĻŋ āĻāĻĒā§āĻ¨ āĻ¸ā§āĻ°ā§āĻ¸ āĻā§āĻĄ āĻā§āĻ¯āĻŧāĻžāĻ˛āĻŋāĻāĻŋ āĻ ā§āĻ¯āĻžāĻ¸ā§āĻ°ā§āĻ¨ā§āĻ¸ āĻĒā§āĻ˛ā§āĻ¯āĻžāĻāĻĢāĻ°ā§āĻŽ āĻ¯āĻž āĻŦāĻŋāĻ¸ā§āĻ¤ā§āĻ¤ āĻĒā§āĻ°ā§āĻā§āĻ°āĻžāĻŽāĻŋāĻ āĻāĻžāĻˇāĻž āĻ¸āĻŽāĻ°ā§āĻĨāĻ¨ āĻāĻ°ā§ āĻāĻŦāĻ āĻā§āĻĄ āĻĄā§āĻĒā§āĻ˛āĻŋāĻā§āĻļāĻ¨, āĻā§āĻĄāĻŋāĻ āĻ¸ā§āĻā§āĻ¯āĻžāĻ¨ā§āĻĄāĻžāĻ°ā§āĻĄ āĻāĻŽāĻĒā§āĻ˛āĻžāĻ¯āĻŧā§āĻ¨ā§āĻ¸, āĻā§āĻ¸ā§āĻ āĻāĻāĻžāĻ°ā§āĻ, āĻā§āĻĄ āĻāĻāĻŋāĻ˛āĻ¤āĻž, āĻ¸āĻŽā§āĻāĻžāĻŦā§āĻ¯ āĻŦāĻžāĻ āĻāĻŦāĻ āĻāĻ°āĻ āĻ āĻ¨ā§āĻ āĻāĻŋāĻā§āĻ° āĻŽāĻ¤ā§ āĻŽā§āĻā§āĻ°āĻŋāĻā§āĻ¸ā§āĻ° āĻ°āĻŋāĻĒā§āĻ°ā§āĻāĻŋāĻ āĻĒā§āĻ°āĻĻāĻžāĻ¨ āĻāĻ°ā§āĨ¤ āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦ āĻ¸ā§āĻŦāĻŋāĻ§āĻžāĻāĻ¨āĻāĻāĻžāĻŦā§ āĻŦāĻŋāĻļā§āĻ˛ā§āĻˇāĻŖā§āĻ° āĻĢāĻ˛āĻžāĻĢāĻ˛āĻā§āĻ˛āĻŋ āĻāĻ˛ā§āĻĒāĻ¨āĻž āĻāĻ°ā§ āĻāĻŦāĻ āĻāĻĒāĻ¨āĻžāĻā§ āĻ¸āĻŽāĻ¯āĻŧā§āĻ° āĻ¸āĻžāĻĨā§ āĻ¸āĻžāĻĨā§ āĻĒā§āĻ°āĻāĻ˛ā§āĻĒā§āĻ° āĻŦāĻŋāĻāĻžāĻļā§āĻ° āĻāĻ¤āĻŋāĻļā§āĻ˛āĻ¤āĻž āĻā§āĻ°ā§āĻ¯āĻžāĻ āĻāĻ°āĻžāĻ° āĻ āĻ¨ā§āĻŽāĻ¤āĻŋ āĻĻā§āĻ¯āĻŧāĨ¤
āĻāĻĻā§āĻĻā§āĻļā§āĻ¯: āĻĄā§āĻā§āĻ˛āĻĒāĻžāĻ°āĻĻā§āĻ° āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦā§ āĻ¸ā§āĻ°ā§āĻ¸ āĻā§āĻĄā§āĻ° āĻŽāĻžāĻ¨ āĻ¨āĻŋāĻ¯āĻŧāĻ¨ā§āĻ¤ā§āĻ°āĻŖā§āĻ° āĻ āĻŦāĻ¸ā§āĻĨāĻž āĻĻā§āĻāĻžāĻ¨āĨ¤
āĻĻā§āĻāĻŋ āĻ¸āĻŽāĻžāĻ§āĻžāĻ¨ āĻāĻā§:
- SonarQube-āĻ āĻ¸ā§āĻ°ā§āĻ¸ āĻā§āĻĄ āĻā§āĻ¯āĻŧāĻžāĻ˛āĻŋāĻāĻŋ āĻāĻ¨ā§āĻā§āĻ°ā§āĻ˛ āĻ¸ā§āĻā§āĻ¯āĻžāĻāĻžāĻ¸ āĻā§āĻ āĻāĻ°āĻ¤ā§ āĻāĻāĻāĻŋ āĻ¸ā§āĻā§āĻ°āĻŋāĻĒā§āĻ āĻāĻžāĻ˛āĻžāĻ¨āĨ¤ āĻ¯āĻĻāĻŋ āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦā§ āĻ¸ā§āĻ°ā§āĻ¸ āĻā§āĻĄā§āĻ° āĻŽāĻžāĻ¨ āĻ¨āĻŋāĻ¯āĻŧāĻ¨ā§āĻ¤ā§āĻ°āĻŖ āĻĒāĻžāĻ¸ āĻ¨āĻž āĻšāĻ¯āĻŧ, āĻ¤āĻžāĻšāĻ˛ā§ āĻ¸āĻŽāĻžāĻŦā§āĻļ āĻŦā§āĻ¯āĻ°ā§āĻĨ āĻšāĻ¯āĻŧāĨ¤
- āĻŽā§āĻ˛ āĻĒā§āĻ°āĻāĻ˛ā§āĻĒā§āĻ° āĻĒā§āĻˇā§āĻ āĻžāĻ¯āĻŧ āĻ¸ā§āĻ°ā§āĻ¸ āĻā§āĻĄā§āĻ° āĻŽāĻžāĻ¨ āĻ¨āĻŋāĻ¯āĻŧāĻ¨ā§āĻ¤ā§āĻ°āĻŖā§āĻ° āĻ
āĻŦāĻ¸ā§āĻĨāĻž āĻĻā§āĻāĻžāĻ¨āĨ¤
āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦ āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻž āĻšāĻā§āĻā§
rpm āĻĒā§āĻ¯āĻžāĻā§āĻ āĻĨā§āĻā§ āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦ āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻ¤ā§, āĻāĻŽāĻ°āĻž āĻ¸āĻāĻā§āĻ°āĻšāĻ¸ā§āĻĨāĻ˛ āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ° āĻāĻ°āĻŦ
āĻāĻ¸ā§āĻ¨ CentOS 7 āĻāĻ° āĻāĻ¨ā§āĻ¯ āĻ¸āĻāĻā§āĻ°āĻšāĻ¸ā§āĻĨāĻ˛ā§āĻ° āĻ¸āĻžāĻĨā§ āĻĒā§āĻ¯āĻžāĻā§āĻāĻāĻŋ āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻŋāĨ¤
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm
āĻāĻŽāĻ°āĻž āĻ¨āĻŋāĻā§āĻ āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦ āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻŋāĨ¤
yum install -y sonarqube
āĻāĻ¨āĻ¸ā§āĻāĻ˛ā§āĻļāĻ¨ā§āĻ° āĻ¸āĻŽāĻ¯āĻŧ, āĻŦā§āĻļāĻŋāĻ°āĻāĻžāĻ āĻĒā§āĻ˛āĻžāĻāĻāĻ¨ āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻž āĻšāĻŦā§, āĻ¤āĻŦā§ āĻāĻĒāĻ¨āĻžāĻā§ findbugs āĻāĻŦāĻ pmd āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻ¤ā§ āĻšāĻŦā§
yum install -y sonarqube-findbugs sonarqube-pmd
āĻĒāĻ°āĻŋāĻˇā§āĻŦāĻžāĻāĻŋ āĻāĻžāĻ˛ā§ āĻāĻ°ā§āĻ¨ āĻāĻŦāĻ āĻāĻāĻŋāĻā§ āĻ¸ā§āĻāĻžāĻ°ā§āĻāĻāĻĒā§ āĻ¯ā§āĻā§āĻ¤ āĻāĻ°ā§āĻ¨
systemctl start sonarqube
systemctl enable sonarqube
āĻ¯āĻĻāĻŋ āĻ˛ā§āĻĄ āĻšāĻ¤ā§ āĻ āĻ¨ā§āĻ āĻ¸āĻŽāĻ¯āĻŧ āĻ˛āĻžāĻā§, āĻ¤āĻžāĻšāĻ˛ā§ sonar.web.javaOpts āĻŦāĻŋāĻāĻ˛ā§āĻĒā§āĻ° āĻļā§āĻˇā§ āĻāĻāĻāĻŋ āĻ°ā§āĻ¯āĻžāĻ¨ā§āĻĄāĻŽ āĻ¨āĻŽā§āĻŦāĻ° āĻā§āĻ¨āĻžāĻ°ā§āĻāĻ° /dev/./urandom āĻ¯ā§āĻ āĻāĻ°ā§āĻ¨āĨ¤
sonar.web.javaOpts=Đ´ŅŅĐŗиĐĩ ĐŋĐ°ŅĐ°ĐŧĐĩŅŅŅ -Djava.security.egd=file:/dev/urandom
SonarQube-āĻ āĻ¸ā§āĻ°ā§āĻ¸ āĻā§āĻĄ āĻŽāĻžāĻ¨ āĻ¨āĻŋāĻ¯āĻŧāĻ¨ā§āĻ¤ā§āĻ°āĻŖā§āĻ° āĻ¸ā§āĻĨāĻŋāĻ¤āĻŋ āĻĒāĻ°ā§āĻā§āĻˇāĻž āĻāĻ°āĻ¤ā§ āĻāĻāĻāĻŋ āĻ¸ā§āĻā§āĻ°āĻŋāĻĒā§āĻ āĻāĻžāĻ˛āĻžāĻ¨ā§ āĻšāĻā§āĻā§āĨ¤
āĻĻā§āĻ°ā§āĻāĻžāĻā§āĻ¯āĻŦāĻļāĻ¤, āĻ¸ā§āĻ¨āĻžāĻ°-āĻŦā§āĻ°ā§āĻ-āĻŽāĻžāĻā§āĻ¨-āĻĒā§āĻ˛āĻžāĻāĻāĻ¨ āĻĒā§āĻ˛āĻžāĻāĻāĻ¨āĻāĻŋ āĻĻā§āĻ°ā§āĻāĻĻāĻŋāĻ¨ āĻ§āĻ°ā§ āĻāĻĒāĻĄā§āĻ āĻāĻ°āĻž āĻšāĻ¯āĻŧāĻ¨āĻŋāĨ¤ āĻ¤āĻžāĻ āĻāĻ¸ā§āĻ¨ āĻāĻŽāĻžāĻĻā§āĻ° āĻ¨āĻŋāĻā§āĻ° āĻ¸ā§āĻā§āĻ°āĻŋāĻĒā§āĻ āĻ˛āĻŋāĻāĻŋ.
āĻĒāĻ°ā§āĻā§āĻˇāĻžāĻ° āĻāĻ¨ā§āĻ¯ āĻāĻŽāĻ°āĻž āĻ¸āĻāĻā§āĻ°āĻšāĻ¸ā§āĻĨāĻ˛ āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ° āĻāĻ°āĻŦ
āĻāĻŋāĻāĻ˛ā§āĻ¯āĻžāĻŦā§ āĻāĻŽāĻĻāĻžāĻ¨āĻŋ āĻāĻ°āĻž āĻšāĻā§āĻā§āĨ¤ .gitlab-ci.yml āĻĢāĻžāĻāĻ˛ āĻ¯ā§āĻ āĻāĻ°ā§āĻ¨:
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.226:9000"
LOGIN: "admin" # ĐģĐžĐŗиĐŊ sonarqube
PASSWORD: "admin" # ĐŋĐ°ŅĐžĐģŅ sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- apt install -y jq || true
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
- export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
- echo $URL
- |
while : ;do
curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
echo $status
if [ ${status} == "SUCCESS" ];then
echo "SONAR ANALYSIS SUCCESS";
break
fi
sleep 5
done
- curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
- export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
- export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
- |
if [ "$status" == "SUCCESS" ]; then
echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
export result=$(cat result.txt | jq -r '.projectStatus.status');
if [ "$result" == "ERROR" ];then
echo -e "91mSONAR RESULTS FAILED";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
exit 1 #breaks the build for violations
else
echo -e "SONAR RESULTS SUCCESSFUL";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
exit 0
fi
else
echo -e "e[91mSONAR ANALYSIS FAILEDe[0m";
exit 1 #breaks the build for failure in Step2
fi
tags:
- docker
.gitlab-ci.yml āĻĢāĻžāĻāĻ˛āĻāĻŋ āĻ¨āĻŋāĻā§āĻāĻ¤ āĻ¨āĻ¯āĻŧāĨ¤ āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦā§ āĻ¸ā§āĻā§āĻ¯āĻžāĻ¨ āĻāĻ°āĻžāĻ° āĻāĻžāĻāĻā§āĻ˛āĻŋ āĻ¸ā§āĻā§āĻ¯āĻžāĻāĻžāĻ¸ āĻĻāĻŋāĻ¯āĻŧā§ āĻļā§āĻˇ āĻšāĻ˛ā§ āĻĒāĻ°ā§āĻā§āĻˇāĻž āĻāĻ°āĻž āĻšāĻ¯āĻŧā§āĻā§: "āĻ¸āĻžāĻĢāĻ˛ā§āĻ¯"ā§ˇ āĻāĻāĻ¨ āĻĒāĻ°ā§āĻ¯āĻ¨ā§āĻ¤ āĻ āĻ¨ā§āĻ¯ āĻā§āĻ¨ āĻ¸ā§āĻā§āĻ¯āĻžāĻāĻžāĻ¸ āĻ¨ā§āĻ. āĻ¯āĻ¤ āĻ¤āĻžāĻĄāĻŧāĻžāĻ¤āĻžāĻĄāĻŧāĻŋ āĻ āĻ¨ā§āĻ¯āĻžāĻ¨ā§āĻ¯ āĻ¸ā§āĻā§āĻ¯āĻžāĻāĻžāĻ¸ āĻāĻā§, āĻāĻŽāĻŋ āĻāĻ āĻĒā§āĻ¸ā§āĻā§ .gitlab-ci.yml āĻ¸āĻāĻļā§āĻ§āĻ¨ āĻāĻ°āĻŦāĨ¤
āĻŽā§āĻ˛ āĻĒā§āĻ°āĻāĻ˛ā§āĻĒā§āĻ° āĻĒā§āĻˇā§āĻ āĻžāĻ¯āĻŧ āĻ¸ā§āĻ°ā§āĻ¸ āĻā§āĻĄā§āĻ° āĻŽāĻžāĻ¨ āĻ¨āĻŋāĻ¯āĻŧāĻ¨ā§āĻ¤ā§āĻ°āĻŖā§āĻ° āĻ āĻŦāĻ¸ā§āĻĨāĻž āĻĒā§āĻ°āĻĻāĻ°ā§āĻļāĻ¨ āĻāĻ°āĻž āĻšāĻā§āĻā§
āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦā§āĻ° āĻāĻ¨ā§āĻ¯ āĻĒā§āĻ˛āĻžāĻāĻāĻ¨ āĻāĻ¨āĻ¸ā§āĻāĻ˛ āĻāĻ°āĻž āĻšāĻā§āĻā§
yum install -y sonarqube-qualinsight-badges
āĻāĻŽāĻ°āĻž SonarQube āĻ āĻ¯āĻžāĻ
āĻāĻāĻāĻŋ āĻ¨āĻŋāĻ¯āĻŧāĻŽāĻŋāĻ¤ āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ°āĻāĻžāĻ°ā§ āĻ¤ā§āĻ°āĻŋ āĻāĻ°ā§āĻ¨, āĻāĻĻāĻžāĻšāĻ°āĻŖāĻ¸ā§āĻŦāĻ°ā§āĻĒ "āĻŦā§āĻ¯āĻžāĻ"āĨ¤
āĻāĻ āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ°āĻāĻžāĻ°ā§āĻ° āĻ
āĻ§ā§āĻ¨ā§ āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦā§ āĻ˛āĻ āĻāĻ¨ āĻāĻ°ā§āĻ¨āĨ¤
"āĻāĻŽāĻžāĻ° āĻ ā§āĻ¯āĻžāĻāĻžāĻāĻ¨ā§āĻ" āĻ āĻ¯āĻžāĻ¨, āĻāĻāĻāĻŋ āĻ¨āĻ¤ā§āĻ¨ āĻā§āĻā§āĻ¨ āĻ¤ā§āĻ°āĻŋ āĻāĻ°ā§āĻ¨, āĻāĻĻāĻžāĻšāĻ°āĻŖāĻ¸ā§āĻŦāĻ°ā§āĻĒ "read_all_repository" āĻ¨āĻžāĻŽā§ āĻāĻŦāĻ "āĻā§āĻ¨āĻžāĻ°ā§āĻ āĻāĻ°ā§āĻ¨" āĻ āĻā§āĻ˛āĻŋāĻ āĻāĻ°ā§āĻ¨āĨ¤
āĻāĻŽāĻ°āĻž āĻĻā§āĻāĻ¤ā§ āĻĒāĻžāĻ āĻ¯ā§ āĻāĻāĻāĻŋ āĻā§āĻā§āĻ¨ āĻāĻĒāĻ¸ā§āĻĨāĻŋāĻ¤ āĻšāĻ¯āĻŧā§āĻā§āĨ¤ āĻ¤āĻŋāĻ¨āĻŋ āĻŽāĻžāĻ¤ā§āĻ° 1 āĻŦāĻžāĻ° āĻšāĻžāĻāĻŋāĻ° āĻšāĻŦā§āĻ¨āĨ¤
āĻĒā§āĻ°āĻļāĻžāĻ¸āĻ āĻšāĻŋāĻ¸āĻžāĻŦā§ āĻ˛āĻāĻāĻ¨ āĻāĻ°ā§āĻ¨āĨ¤
āĻāĻ¨āĻĢāĻŋāĻāĻžāĻ°ā§āĻļāĻ¨ -> SVG āĻŦā§āĻ¯āĻžāĻ-āĻ āĻ¯āĻžāĻ¨
āĻāĻ āĻā§āĻā§āĻ¨āĻāĻŋ "āĻ ā§āĻ¯āĻžāĻā§āĻāĻŋāĻāĻŋāĻāĻŋ āĻŦā§āĻ¯āĻžāĻ āĻā§āĻā§āĻ¨" āĻĢāĻŋāĻ˛ā§āĻĄā§ āĻāĻĒāĻŋ āĻāĻ°ā§āĻ¨ āĻāĻŦāĻ āĻ¸ā§āĻ āĻŦā§āĻ¤āĻžāĻŽā§ āĻā§āĻ˛āĻŋāĻ āĻāĻ°ā§āĻ¨āĨ¤
āĻĒā§āĻ°āĻļāĻžāĻ¸āĻ¨ -> āĻ¨āĻŋāĻ°āĻžāĻĒāĻ¤ā§āĻ¤āĻž -> āĻ āĻ¨ā§āĻŽāĻ¤āĻŋ āĻā§āĻŽāĻĒā§āĻ˛ā§āĻ -> āĻĄāĻŋāĻĢāĻ˛ā§āĻ āĻā§āĻŽāĻĒā§āĻ˛ā§āĻ (āĻāĻŦāĻ āĻāĻĒāĻ¨āĻžāĻ° āĻāĻžāĻā§ āĻĨāĻžāĻāĻž āĻ āĻ¨ā§āĻ¯āĻžāĻ¨ā§āĻ¯ āĻā§āĻŽāĻĒā§āĻ˛ā§āĻ) āĻ āĻ¯āĻžāĻ¨āĨ¤
āĻŦā§āĻ¯āĻžāĻ āĻŦā§āĻ¯āĻŦāĻšāĻžāĻ°āĻāĻžāĻ°ā§āĻ° āĻ āĻŦāĻļā§āĻ¯āĻ "āĻŦā§āĻ°āĻžāĻāĻ" āĻā§āĻāĻŦāĻā§āĻ¸ā§ āĻāĻŋāĻ āĻāĻŋāĻšā§āĻ¨ āĻĻā§āĻāĻ¯āĻŧāĻž āĻĨāĻžāĻāĻ¤ā§ āĻšāĻŦā§āĨ¤
āĻā§āĻ¸ā§āĻāĻŋāĻāĨ¤
āĻāĻĻāĻžāĻšāĻ°āĻŖāĻ¸ā§āĻŦāĻ°ā§āĻĒ, āĻĒā§āĻ°āĻāĻ˛ā§āĻĒāĻāĻŋ āĻ§āĻ°āĻž āĻ¯āĻžāĻ
āĻāĻ¸ā§āĻ¨ āĻāĻ āĻĒā§āĻ°āĻāĻ˛ā§āĻĒāĻāĻŋ āĻāĻŽāĻĻāĻžāĻ¨āĻŋ āĻāĻ°āĻŋāĨ¤
āĻ¨āĻŋāĻŽā§āĻ¨āĻ˛āĻŋāĻāĻŋāĻ¤ āĻŦāĻŋāĻˇāĻ¯āĻŧāĻŦāĻ¸ā§āĻ¤ā§ āĻ¸āĻš āĻĒā§āĻ°āĻā§āĻā§āĻ āĻ°ā§āĻā§ .gitlab-ci.yml āĻĢāĻžāĻāĻ˛ āĻ¯ā§āĻ āĻāĻ°ā§āĻ¨āĨ¤
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.115:9000"
LOGIN: "admin" # ĐģĐžĐŗиĐŊ sonarqube
PASSWORD: "admin" # ĐŋĐ°ŅĐžĐģŅ sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
tags:
- docker
āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦā§ āĻĒā§āĻ°āĻāĻ˛ā§āĻĒāĻāĻŋ āĻĻā§āĻāĻ¤ā§ āĻāĻāĻ°āĻāĻŽ āĻšāĻŦā§:
README.md-āĻ āĻŦā§āĻ¯āĻžāĻ āĻ¯ā§āĻ āĻāĻ°ā§āĻ¨ āĻāĻŦāĻ āĻ¸ā§āĻā§āĻ˛āĻŋ āĻĻā§āĻāĻ¤ā§ āĻāĻ°āĻāĻŽ āĻšāĻŦā§:
āĻŦā§āĻ¯āĻžāĻ āĻĒā§āĻ°āĻĻāĻ°ā§āĻļāĻ¨ āĻā§āĻĄ āĻāĻ āĻŽāĻ¤ āĻĻā§āĻāĻžāĻ¯āĻŧ:
āĻŦā§āĻ¯āĻžāĻ āĻĒā§āĻ°āĻĻāĻ°ā§āĻļāĻ¨ āĻ¸ā§āĻā§āĻ°āĻŋāĻ āĻĒāĻžāĻ°ā§āĻ¸āĻŋāĻ:
[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![ĐаСваĐŊиĐĩ](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=id-ĐŋŅĐžĐĩĐēŅĐ°)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![ĐаСваĐŊиĐĩ ĐĐĩŅŅиĐēи](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=ĐĐĐĸĐ ĐĐĐ)](http://172.26.9.115:9000/dashboard?id=id-ĐŋŅĐžĐĩĐēŅĐ°)
āĻĒā§āĻ°ā§āĻā§āĻā§āĻ āĻā§ āĻāĻŦāĻ āĻĒā§āĻ°ā§āĻā§āĻā§āĻ āĻāĻāĻĄāĻŋ āĻā§āĻĨāĻžāĻ¯āĻŧ āĻĒāĻžāĻŦā§āĻ¨/āĻā§āĻ āĻāĻ°āĻŦā§āĻ¨āĨ¤
āĻĒā§āĻ°āĻā§āĻā§āĻ āĻā§ āĻ¨ā§āĻā§ āĻĄāĻžāĻ¨āĻĻāĻŋāĻā§ āĻ°āĻ¯āĻŧā§āĻā§āĨ¤ āĻāĻāĻāĻ°āĻāĻ˛ā§ āĻĒā§āĻ°ā§āĻā§āĻā§āĻ āĻāĻāĻĄāĻŋ āĻ°āĻ¯āĻŧā§āĻā§āĨ¤
āĻŽā§āĻā§āĻ°āĻŋāĻā§āĻ¸ āĻĒā§āĻ°āĻžāĻĒā§āĻ¤āĻŋāĻ° āĻāĻ¨ā§āĻ¯ āĻŦāĻŋāĻāĻ˛ā§āĻĒ āĻšāĻ¤ā§ āĻĒāĻžāĻ°ā§
āĻāĻ¨ā§āĻ¨āĻ¤āĻŋ, āĻŦāĻžāĻ āĻ¸āĻāĻļā§āĻ§āĻ¨ā§āĻ° āĻāĻ¨ā§āĻ¯ āĻ¸āĻŽāĻ¸ā§āĻ¤ āĻĒā§āĻ˛ āĻ
āĻ¨ā§āĻ°ā§āĻ§
āĻ¸ā§āĻ¨āĻžāĻ°āĻāĻŋāĻāĻŦ āĻ¸āĻŽā§āĻĒāĻ°ā§āĻā§ āĻā§āĻ˛āĻŋāĻā§āĻ°āĻžāĻŽ āĻā§āĻ¯āĻžāĻ
DevSecOps āĻ¸āĻŽā§āĻĒāĻ°ā§āĻā§ āĻā§āĻ˛āĻŋāĻā§āĻ°āĻžāĻŽ āĻā§āĻ¯āĻžāĻ - āĻ¸ā§āĻ°āĻā§āĻˇāĻŋāĻ¤ DevOps
āĻāĻ¤ā§āĻ¸: www.habr.com