SonarQube bụ ikpo okwu mmesi obi ike nke koodu mepere emepe nke na-akwado ọtụtụ asụsụ mmemme ma na-enye akụkọ gbasara metrik dị ka mbiputegharị koodu, nnabata koodu nnabata, mkpuchi nnwale, mgbagwoju koodu, ahụhụ nwere ike na ndị ọzọ. SonarQube na-egosipụta nke ọma nsonaazụ nyocha ma na-enye gị ohere soro usoro mmepe nke oru ngo ka oge na-aga.
Ebumnuche: Gosi ndị nrụpụta ọkwa njikwa njirimara koodu isi mmalite na SonarQube.
Enwere ngwọta abụọ:
- Gbaa edemede iji lelee ọkwa njikwa koodu isi mmalite na SonarQube. Ọ bụrụ na njikwa njirimara koodu isi na SonarQube agaghị agafe, wee daa mgbakọ ahụ.
- Gosi ọkwa njikwa njirimara koodu isi mmalite na ibe ọrụ ọrụ.
Ịwụnye SonarQube
Iji tinye sonarqube site na ngwugwu rpm, anyị ga-eji ebe nchekwa ahụ
Ka anyị tinye ngwungwu na ebe nchekwa maka CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm
Anyị wụnye sonarqube n'onwe ya.
yum install -y sonarqube
N'oge echichi, a ga-etinye ọtụtụ plugins, mana ịkwesịrị ịwụnye Findbugs na pMD
yum install -y sonarqube-findbugs sonarqube-pmd
Mwepụta ọrụ ma tinye ya na mmalite
systemctl start sonarqube
systemctl enable sonarqube
Ọ bụrụ na ọ na-ewe ogologo oge iji buru ibu, tinyezie generator nọmba random /dev/./urandom na njedebe nke nhọrọ sonar.web.javaOpts
sonar.web.javaOpts=другие параметры -Djava.security.egd=file:/dev/urandom
Na-eme edemede iji lelee ọkwa njikwa njirimara koodu isi na SonarQube.
Ọ dị nwute na emelitebeghị ngwa mgbakwunye sonar-break-maven-plugin ruo ogologo oge. Ya mere, ka anyị dee edemede nke anyị.
Maka ule anyị ga-eji ebe nchekwa
Na-ebubata na Gitlab. Tinye faịlụ .gitlab-ci.yml:
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.226:9000"
LOGIN: "admin" # логин sonarqube
PASSWORD: "admin" # пароль sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- apt install -y jq || true
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
- export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
- echo $URL
- |
while : ;do
curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
echo $status
if [ ${status} == "SUCCESS" ];then
echo "SONAR ANALYSIS SUCCESS";
break
fi
sleep 5
done
- curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
- export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
- export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
- |
if [ "$status" == "SUCCESS" ]; then
echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
export result=$(cat result.txt | jq -r '.projectStatus.status');
if [ "$result" == "ERROR" ];then
echo -e "91mSONAR RESULTS FAILED";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
exit 1 #breaks the build for violations
else
echo -e "SONAR RESULTS SUCCESSFUL";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
exit 0
fi
else
echo -e "e[91mSONAR ANALYSIS FAILEDe[0m";
exit 1 #breaks the build for failure in Step2
fi
tags:
- docker
Faịlụ .gitlab-ci.yml ezughị oke. A nwalere ma ọ bụrụ na nyocha ọrụ na sonarqube kwụsịrị na ọnọdụ: "Ịga nke ọma". Ruo ugbu a, enwebeghị ọkwa ndị ọzọ. Ozugbo enwere ọnọdụ ndị ọzọ, m ga-edozi .gitlab-ci.yml na post a.
Na-egosiputa ọkwa njikwa njirimara koodu isi na ibe oru ngo
Ịwụnye ngwa mgbakwunye maka SonarQube
yum install -y sonarqube-qualinsight-badges
Anyị na-aga SonarQube na
Mepụta onye ọrụ oge niile, dịka ọmụmaatụ "baajị".
Banye na SonarQube n'okpuru onye ọrụ a.
Gaa na "Akaụntụ m", mepụta akara ọhụrụ, dịka ọmụmaatụ na aha "read_all_repository" wee pịa "Mepụta".
Anyị na-ahụ na a token apụtala. Ọ ga-apụta naanị otu ugboro.
Nbanye dị ka onye nchịkwa.
Gaa na nhazi -> baajị SVG
Detuo akara ngosi a n'ime oghere "baajị ọrụ" wee pịa bọtịnụ nchekwa.
Gaa na nchịkwa -> Nchekwa -> Ndebiri ikike -> ndebiri ndabara (na ndebiri ndị ọzọ ị ga-enwe).
Onye ọrụ baajị ga-enwerịrị igbe nlele "Chọgharịa".
Ule.
Dịka ọmụmaatụ, ka anyị were ọrụ ahụ
Ka anyị bubata ọrụ a.
Tinye faịlụ .gitlab-ci.yml na mgbọrọgwụ ọrụ yana ọdịnaya ndị a.
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.115:9000"
LOGIN: "admin" # логин sonarqube
PASSWORD: "admin" # пароль sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
tags:
- docker
Na SonarQube oru ngo ga-adị ka nke a:
Tinye akpa na README.md ha ga-adị ka nke a:
Koodu ngosi baajị dị ka nke a:
Ịtụle eriri ngosi baajị:
[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Название](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=id-проекта)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Название Метрики](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=МЕТРИКА)](http://172.26.9.115:9000/dashboard?id=id-проекта)
Ebe ị ga-enweta/ lelee igodo Project na id oru ngo.
Igodo Project dị na ala aka nri. URL ahụ nwere id oru ngo.
Nhọrọ maka inweta metrik nwere ike ịbụ
Arịrịọ niile dọkpụrụ maka ndozi, ndozi ahụhụ
Mkparịta ụka Telegram gbasara SonarQube
Mkparịta ụka Telegram gbasara DevSecOps - DevOps echekwara
isi: www.habr.com