ʻO SonarQube kahi kahua hōʻoia maikaʻi o ka code open source e kākoʻo ana i kahi ākea o nā ʻōlelo papahana a hāʻawi i ka hōʻike ʻana i nā metric e like me ke kope kope ʻana, ka hoʻokō ʻana i nā kūlana coding, ka uhi hoʻāʻo, ka paʻakikī o nā code, nā pōpoki hiki, a me nā mea hou aku. ʻIke maʻalahi ʻo SonarQube i nā hopena loiloi a hiki iā ʻoe ke nānā i ka dynamics o ka hoʻomohala ʻana i ka papahana i ka manawa.
Pahuhopu: E hōʻike i nā mea hoʻomohala i ke kūlana o ka mana o ka maikaʻi kumu kumu ma SonarQube.
ʻElua mau hoʻonā:
- E holo i kahi ʻatikala e nānā i ke kūlana mana o ke kumu kumu ma SonarQube. Inā ʻaʻole i hala ka mana maikaʻi o ke kumu kumu ma SonarQube, a laila hāʻule ka hui.
- Hōʻike i ke kūlana hoʻomalu maikaʻi ma ka ʻaoʻao papahana nui.
Ke hoʻokomo nei iā SonarQube
E hoʻokomo i ka sonarqube mai nā pūʻolo rpm, e hoʻohana mākou i ka waihona .
E hoʻokomo i ka pūʻolo me ka waihona no CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpmHoʻokomo mākou i ka sonarqube ponoʻī.
yum install -y sonarqubeI ka wā o ka hoʻokomo ʻana, e hoʻokomo ʻia ka hapa nui o nā plugins, akā pono ʻoe e hoʻokomo i ka findbugs a me ka pmd
yum install -y sonarqube-findbugs sonarqube-pmdE hoʻomaka i ka lawelawe a hoʻohui i ka hoʻomaka
systemctl start sonarqube
systemctl enable sonarqubeInā lōʻihi ka manawa e hoʻouka ai, a laila e hoʻohui i kahi mea hoʻopuka helu random /dev/./urandom i ka hopena o nā koho sonar.web.javaOpts
sonar.web.javaOpts=другие параметры -Djava.security.egd=file:/dev/urandomKe holo nei i kahi palapala no ka nānā ʻana i ke kūlana o ka mana o ke kumu kumu kumu ma SonarQube.
ʻO ka mea pōʻino, ʻaʻole i hoʻonui ʻia ka sonar-break-maven-plugin plugin no ka manawa lōʻihi. No laila e kākau kāua i kā mākou palapala ponoʻī.
No ka hoʻāʻo ʻana e hoʻohana mākou i ka waihona .
Ke lawe ʻia nei i loko o Gitlab. Hoʻohui i ka faila .gitlab-ci.yml:
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.226:9000"
LOGIN: "admin" # логин sonarqube
PASSWORD: "admin" # пароль sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- apt install -y jq || true
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
- export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
- echo $URL
- |
while : ;do
curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
echo $status
if [ ${status} == "SUCCESS" ];then
echo "SONAR ANALYSIS SUCCESS";
break
fi
sleep 5
done
- curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
- export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
- export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
- |
if [ "$status" == "SUCCESS" ]; then
echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
export result=$(cat result.txt | jq -r '.projectStatus.status');
if [ "$result" == "ERROR" ];then
echo -e "91mSONAR RESULTS FAILED";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
exit 1 #breaks the build for violations
else
echo -e "SONAR RESULTS SUCCESSFUL";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
exit 0
fi
else
echo -e "e[91mSONAR ANALYSIS FAILEDe[0m";
exit 1 #breaks the build for failure in Step2
fi
tags:
- dockerʻAʻole kūpono ka faila .gitlab-ci.yml. Hoʻāʻo ʻia inā pau nā hana scanning ma sonarqube me ke kūlana: "SUCCESS". I kēia manawa ʻaʻohe kūlana ʻē aʻe. Ke loaʻa koke nā kūlana ʻē aʻe, e hoʻoponopono wau i ka .gitlab-ci.yml i kēia pou.
Ke hōʻike ʻana i ke kūlana hoʻomalu maikaʻi kumu kumu ma ka ʻaoʻao papahana nui
Ke kau nei i ka plugin no SonarQube
yum install -y sonarqube-qualinsight-badgesHele mākou i SonarQube ma
E hana i mea hoʻohana maʻamau, no ka laʻana "badges".
E komo i SonarQube ma lalo o kēia mea hoʻohana.
E hele i "My account", e hana i kahi hōʻailona hou, no ka laʻana me ka inoa "read_all_repository" a kaomi "Genereate".
ʻIke mākou ua ʻike ʻia kahi hōʻailona. E hōʻike wale ʻia ʻo ia i 1 manawa.
E komo ma ke ano he luna hooponopono.
E hele i ka Configuration -> SVG Badges
E kope i kēia hōʻailona i loko o ke kahua "Activity badge token" a kaomi i ke pihi mālama.
E hele i ka Administration -> Security -> Permission Templates -> Default template (a me nā ʻano hana ʻē aʻe āu e loaʻa ai).
Pono ka mea hoʻohana ʻino i ka pahu kaha "Browse".
Hoʻoponopono
Eia kekahi laʻana, e lawe kākou i ka papahana .
E lawe mai kākou i kēia papahana.
Hoʻohui i ka faila .gitlab-ci.yml i ke kumu o ka papahana me kēia ʻike.
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.115:9000"
LOGIN: "admin" # логин sonarqube
PASSWORD: "admin" # пароль sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
tags:
- dockerMa SonarQube e like me kēia ka papahana:
E hoʻohui i nā ʻeke i README.md a e like lākou me kēia:
Penei ke ʻano o nā code hōʻike badges:
Ke kāʻili ʻana i ke kaula hōʻike hōʻike hōʻailona:
[](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[](http://172.26.9.115:9000/dashboard?id=id-проекта)
[](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[](http://172.26.9.115:9000/dashboard?id=id-проекта)Ma hea e kiʻi ai/e nānā i ka Project Key a me ka id papahana.
Aia ʻo Project Key ma ka ʻaoʻao ʻākau. Aia ma ka URL ka id papahana.
ʻO nā koho no ka loaʻa ʻana o nā ana .
ʻO nā noi huki āpau no ka hoʻomaikaʻi ʻana, hoʻoponopono bug .
Kūkākūkā Telegram e pili ana iā SonarQube
Kūkākūkā Telegram e pili ana iā DevSecOps - palekana DevOps
Source: www.habr.com