SonarQube is an open-source platform for code quality assurance that supports a wide range of programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential bugs, and more. SonarQube visualizes the analysis results conveniently and lets you track how a project evolves over time.
Goal: show developers the source code quality control status in SonarQube.
There are two solutions:
- Run a script that checks the source code quality control status in SonarQube. If the source code does not pass quality control in SonarQube, fail the build.
- Show the source code quality control status on the project's main page.
Installing SonarQube
To install sonarqube from an rpm package, we will use the repository
Install the package with the repository for CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm
Install sonarqube itself.
yum install -y sonarqube
Most plugins are installed along with it, but you still need to install findbugs and pmd:
yum install -y sonarqube-findbugs sonarqube-pmd
Start the service and enable it at boot:
systemctl start sonarqube
systemctl enable sonarqube
If startup takes a long time, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options:
sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/./urandom
Running a script to check the source code quality control status in SonarQube
Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time, so let's write our own script.
For testing we will use the repository
Import it into GitLab. Add the .gitlab-ci.yml file:
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  LOGIN: "admin" # SonarQube login
  PASSWORD: "admin" # SonarQube password; in a real project set this as a masked CI/CD variable instead of committing it
cache:
  paths:
    - .m2/repository
build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ; do
        curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
        export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
        echo $status
        if [ "$status" = "SUCCESS" ]; then
          echo "SONAR ANALYSIS SUCCESS";
          break
        fi
        # FAILED and CANCELED are terminal too: stop polling so the job cannot hang
        if [ "$status" = "FAILED" ] || [ "$status" = "CANCELED" ]; then
          break
        fi
        sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" = "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');
        if [ "$result" = "ERROR" ]; then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
        echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
        exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker
The .gitlab-ci.yml file is not complete. It was tested for the case where the scan tasks in SonarQube finish with the status "SUCCESS". So far there have been no other statuses. As soon as other statuses appear, I will correct .gitlab-ci.yml in this post.
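The gate check above depends on two things: the analysis task reaching a terminal status, and the quality gate verdict. The same logic as an added example in Python (not code from the original post), with a bounded number of polls and every non-SUCCESS outcome failing the job. The function names, the `sonar.example` host and the sample data are constructed for illustration, and it assumes a SonarQube user token sent as the Basic-auth login rather than the admin password.

```python
import base64, json, time, urllib.request

TERMINAL = {"SUCCESS", "FAILED", "CANCELED"}  # task statuses named in the script above

def parse_report_task(text):
    """Parse target/sonar/report-task.txt: key=value lines, values may contain '='."""
    return dict(line.split("=", 1) for line in text.splitlines() if "=" in line)

def make_fetch(token):
    """Real fetcher: GET a URL as JSON, sending a user token as the Basic-auth login."""
    auth = base64.b64encode(f"{token}:".encode()).decode()
    def fetch(url):
        req = urllib.request.Request(url, headers={"Authorization": f"Basic {auth}"})
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return fetch

def gate_exit_code(fetch, host, report_text, max_polls=60, sleep=time.sleep):
    """CI exit code: 0 only if the analysis succeeded and the gate is not ERROR."""
    task_url = parse_report_task(report_text)["ceTaskUrl"]
    for _ in range(max_polls):
        task = fetch(task_url)["task"]
        if task["status"] in TERMINAL:
            break
        sleep(5)
    else:
        return 1  # never reached a terminal status: fail instead of hanging
    if task["status"] != "SUCCESS":
        return 1  # FAILED or CANCELED
    gate = fetch(f"{host}/api/qualitygates/project_status?analysisId={task['analysisId']}")
    return 1 if gate["projectStatus"]["status"] == "ERROR" else 0

# Constructed sample data so the example runs offline (not real server output).
SAMPLE_REPORT = "projectKey=demo\nceTaskUrl=http://sonar.example/api/ce/task?id=AX1\n"

def fake_server(task_statuses, gate_status):
    """Stand-in for make_fetch(): replays task statuses, then the gate verdict."""
    seq = iter(task_statuses)
    def fetch(url):
        if "/api/ce/task" in url:
            return {"task": {"status": next(seq), "analysisId": "A1"}}
        return {"projectStatus": {"status": gate_status, "conditions": []}}
    return fetch

if __name__ == "__main__":
    cases = [(["IN_PROGRESS", "SUCCESS"], "OK"), (["SUCCESS"], "ERROR"), (["FAILED"], "OK")]
    for statuses, gate in cases:
        code = gate_exit_code(fake_server(statuses, gate), "http://sonar.example",
                              SAMPLE_REPORT, sleep=lambda s: None)
        print(statuses, gate, "-> exit", code)
```

In a pipeline, pass `make_fetch(token)` with the token read from a masked CI variable and use the return value as the job's exit code.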
Displaying the source code quality control status on the project's main page
Install the plugin for SonarQube:
yum install -y sonarqube-qualinsight-badges
Go to SonarQube at
Create a regular user, for example "badges".
Log in to SonarQube as this user.
Go to "My Account", create a new token, for example with the name "read_all_repository", and click "Create".
We see that the token has appeared. It is shown only once.
Log in as an administrator.
Go to Configuration -> SVG Badges
Copy this token into the "Activity badge token" field and click the save button.
Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).
The badges user must have the "Browse" checkbox ticked.
Testing.
As an example, let's take the project
Import this project.
Add a .gitlab-ci.yml file to the project root with the following contents.
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # SonarQube login
  PASSWORD: "admin" # SonarQube password
cache:
  paths:
    - .m2/repository
build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker
In SonarQube the project will look like this:
Add the badges to README.md and they will look like this:
The badge display code looks like this:
Breaking down the badge display string:
[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)
Where to get/view the Project Key and the project id.
The Project Key is at the bottom right. The URL contains the project id.
The options for obtaining metrics can be
All pull requests for improvements, bug fixes
Telegram chat about SonarQube
Telegram chat about DevSecOps - secure DevOps
source: www.habr.com