Showing developers the source code quality control status in SonarQube

SonarQube is an open-source code quality assurance platform that supports many programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential bugs and more. SonarQube presents analysis results clearly and lets you track a project's development over time.

Goal: show developers the source code quality control status in SonarQube.

There are two solutions:

  • Run a script that checks the source code quality control status in SonarQube. If the quality control in SonarQube does not pass, fail the build.
  • Display the source code quality control status on the project's main page.

Installing SonarQube

To install SonarQube from an rpm package, we will use the repository https://harbottle.gitlab.io/harbottle-main.

Install the repository package for CentOS 7.

yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm

Install SonarQube itself.

yum install -y sonarqube

Most plugins are installed along with it, but Findbugs and PMD have to be installed separately.

yum install -y sonarqube-findbugs sonarqube-pmd

Start the service and enable it at boot

systemctl start sonarqube
systemctl enable sonarqube

If it takes a long time to start, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options

sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/urandom

Writing a script to check the source code quality control status in SonarQube

Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time. So let's write our own script.

For testing we will use the repository https://github.com/uweplonus/spotbugs-examples.

Import it into Gitlab. Add a .gitlab-ci.yml file:

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
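  LOGIN: "admin" # SonarQube login (example value; a masked project CI/CD variable of the same name overrides it)
  PASSWORD: "admin" # SonarQube password (example value; keep the real one in a masked CI/CD variable)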

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ;do
          curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
          export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
          echo $status
          if [ "${status}" == "SUCCESS" ];then
            echo "SONAR ANALYSIS SUCCESS";
            break
          fi
          if [ "${status}" == "FAILED" ] || [ "${status}" == "CANCELED" ];then
            break #stop polling; the status check below fails the build
          fi
          sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" == "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');

        if [ "$result" == "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
          echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
          exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker

The .gitlab-ci.yml file is not perfect. It was tested for the case where the scan task in SonarQube finished with the status "SUCCESS". So far there have been no other statuses. As soon as other statuses appear, I will fix .gitlab-ci.yml in this post.
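
As an added example (not part of the original post), the helpers below cap the number of polls and fail the build on FAILED, CANCELED, unknown or empty statuses, going beyond the SUCCESS case tested above. The function names, exit codes and default poll limits are assumptions of this example; the status fetcher is passed by name so the logic can be exercised without a server.

```shell
#!/bin/sh
# Added example: fail-closed helpers for the SonarQube gate check in a CI job.

# Print the ceTaskUrl value from the scanner's report-task.txt (key=value lines).
# Only the "ceTaskUrl=" prefix is stripped, so "=" inside the URL is preserved.
ce_task_url() {
  sed -n 's/^ceTaskUrl=//p' "$1"
}

# Real fetcher: prints .task.status for a Compute Engine task URL.
# Assumes curl and jq are installed and LOGIN/PASSWORD are set as in the job.
fetch_task_status() {
  curl -sS -u "$LOGIN:$PASSWORD" "$1" | jq -r '.task.status'
}

# wait_for_task FETCHER URL [MAX_TRIES] [DELAY_SECONDS]
# Returns 0 on SUCCESS, 1 on FAILED/CANCELED, 2 on an unexpected answer, 3 on timeout.
wait_for_task() {
  wt_fetch=$1 wt_url=$2 wt_max=${3:-60} wt_delay=${4:-5} wt_try=1
  while [ "$wt_try" -le "$wt_max" ]; do
    wt_status=$("$wt_fetch" "$wt_url") || wt_status=
    case $wt_status in
      SUCCESS) return 0 ;;
      FAILED|CANCELED) echo "analysis task ended as $wt_status" >&2; return 1 ;;
      PENDING|IN_PROGRESS) sleep "$wt_delay" ;;
      *) echo "unexpected task status: '$wt_status'" >&2; return 2 ;;
    esac
    wt_try=$((wt_try + 1))
  done
  echo "gave up after $wt_max polls" >&2
  return 3
}

# Map .projectStatus.status to a job exit code.
# OK (and WARN on older servers) passes; ERROR fails; anything else fails closed.
gate_exit_code() {
  case $1 in
    OK) return 0 ;;
    WARN) echo "quality gate passed with warnings" >&2; return 0 ;;
    ERROR) echo "quality gate failed" >&2; return 1 ;;
    *) echo "no usable quality gate result: '$1'" >&2; return 2 ;;
  esac
}
```

In the job, `wait_for_task fetch_task_status "$(ce_task_url target/sonar/report-task.txt)"` replaces the open-ended loop, and `gate_exit_code` receives the value that `jq -r '.projectStatus.status'` extracts from result.txt.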

Displaying the source code quality control status on the project page

Install the plugin for SonarQube

yum install -y sonarqube-qualinsight-badges

Go to SonarQube at http://172.26.9.115:9000/
Create a regular user, for example "badges".
Log in to SonarQube as this user.

Go to "My Account", create a new token, for example with the name "read_all_repository", and click "Generate".

We see that a token has appeared. It is shown only once.

Log in as administrator.

Go to Configuration -> SVG Badges

Copy this token into the "Activity badge" field and click the save button.

Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).

The badges user must have the "Browse" checkbox ticked.

Testing.

As an example, let's take the project https://github.com/jitpack/maven-simple.

Import this project.

Add a .gitlab-ci.yml file to the project root with the following contents.

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
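  LOGIN: "admin" # SonarQube login (example value; a masked project CI/CD variable of the same name overrides it)
  PASSWORD: "admin" # SonarQube password (example value; keep the real one in a masked CI/CD variable)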

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker

In SonarQube the project will look like this:

Add the badges to README.md; they will look like this:

The badge display code looks like this:

Breaking down the badge display string:

[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)

Where to find/check the Project Key and the project id.

The Project Key is at the bottom right. The URL contains the project id.

The options for retrieving metrics can be viewed here.

Please submit all pull requests with improvements and bug fixes to this repository.

Telegram chat about SonarQube https://t.me/sonarqube_ru
Telegram chat about DevSecOps - secure DevOps https://t.me/sec_devops

Source: www.habr.com