SonarQube is an open-source code quality assurance platform that supports many programming languages and reports on metrics such as code duplication, coding-standard compliance, test coverage, code complexity, potential bugs, and more. SonarQube presents analysis results in a convenient visual form and lets you track how a project develops over time.
Goal: show developers the status of source code quality control in SonarQube.
There are two solutions:
- Run a script that checks the status of source code quality control in SonarQube. If the source code quality control in SonarQube does not pass, fail the build.
- Display the source code quality control status on the project's main page.
Installing SonarQube
To install sonarqube from rpm packages, we will use the repository
Install the package with the repository for CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm
Install sonarqube itself.
yum install -y sonarqube
During installation most plugins are installed, but findbugs and pmd have to be installed separately
yum install -y sonarqube-findbugs sonarqube-pmd
Start the service and enable it at boot
systemctl start sonarqube
systemctl enable sonarqube
If it takes a long time to start, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts option
sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/urandom
Running a script to check the status of source code quality control in SonarQube
Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time. So let's write our own script.
For testing we will use the repository
Import it into Gitlab. Add a .gitlab-ci.yml file:
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password
cache:
  paths:
    - .m2/repository
build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ;do
        curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
        export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
        echo $status
        if [ "${status}" == "SUCCESS" ];then
          echo "SONAR ANALYSIS SUCCESS";
          break
        fi
        sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" == "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');
        if [ "$result" == "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
        echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
        exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker
The .gitlab-ci.yml file is not perfect. It was tested when the scan task in sonarqube finished with the status "SUCCESS". So far there have been no other statuses. As soon as other statuses occur, I will fix .gitlab-ci.yml in this post.
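The polling and gate check above, as an added example that is not part of the original post: it stops on FAILED and CANCELED as well as SUCCESS, gives up after a bounded number of polls, and fails the job when the quality gate answer is missing. It assumes a SonarQube user token stored in a masked CI/CD variable named SONAR_TOKEN (an assumed name, as are POLL_INTERVAL and MAX_POLLS) instead of the admin login and password.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. SONAR_TOKEN, POLL_INTERVAL and
# MAX_POLLS are assumed variable names (SONAR_TOKEN as a masked CI/CD variable).
POLL_INTERVAL="${POLL_INTERVAL:-5}"   # seconds between polls
MAX_POLLS="${MAX_POLLS:-60}"          # poll budget before giving up

# Read one field from a SonarQube API response. The token goes in as the
# basic-auth user name with an empty password; TLS verification stays on (no -k).
sonar_get() {  # usage: sonar_get <url> <jq filter>
  curl --silent --show-error --fail -u "${SONAR_TOKEN}:" "$1" | jq -r "$2"
}

fetch_task_status() { sonar_get "$1" '.task.status'; }

# Poll the ceTaskUrl until a terminal state or until the budget is spent.
# Prints the outcome; returns 0 for SUCCESS, 1 for FAILED/CANCELED, 2 on timeout.
wait_for_task() {  # usage: wait_for_task <ceTaskUrl>
  local url="$1" status="" i=0
  while [ "$i" -lt "$MAX_POLLS" ]; do
    status="$(fetch_task_status "$url")" || status=""
    case "$status" in
      SUCCESS)         echo "$status"; return 0 ;;
      FAILED|CANCELED) echo "$status"; return 1 ;;
    esac
    i=$((i + 1))
    sleep "$POLL_INTERVAL"
  done
  echo "TIMEOUT"
  return 2
}

# Fail closed: only an explicit OK or WARN passes; ERROR, NONE, "null" or an
# empty answer (for example after a failed request) fails the job.
gate_exit_code() {  # usage: gate_exit_code <projectStatus.status>
  case "$1" in
    OK|WARN) return 0 ;;
    *)       return 1 ;;
  esac
}

# Usage in the job script, with $URL and $SONAR_HOST_URL as in the file above:
#   wait_for_task "$URL" || exit 1
#   id="$(sonar_get "$URL" '.task.analysisId')"
#   gate="$(sonar_get "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$id" '.projectStatus.status')"
#   gate_exit_code "$gate" || exit 1
```

With the script in the file above, an empty or "null" gate status is not equal to "ERROR" and therefore ends in exit 0; gate_exit_code treats that case as a failure.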
Displaying the source code quality control status on the project's main page
Install the plugin for SonarQube
yum install -y sonarqube-qualinsight-badges
Go to SonarQube at
Create a regular user, for example "badges".
Log in to SonarQube as this user.
Go to "My Account", create a new token, for example named "read_all_repository", and click "Generate".
We see that the token has appeared. It is shown only once.
Log in as an administrator.
Go to Configuration -> SVG Badges
Copy this token into the "Activity badge token" field and click the save button.
Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).
The badges user must have the "Browse" box checked.
Testing.
As an example, let's take the project
Import this project.
Add a .gitlab-ci.yml file to the project root with the following content.
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password
cache:
  paths:
    - .m2/repository
build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker
In SonarQube the project will look like this:
Add the badges to README.md and they will look like this:
The badge display code looks like this:
Breaking down the badge display string:
[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)
Where to get / check the Project Key and the project id.
The Project Key is at the bottom right. The URL contains the project id.
Options for obtaining metrics can be
All pull requests for improvements and bug fixes
Source: www.habr.com