Displaying the SonarQube source code quality control status to developers

SonarQube is an open source platform for continuous code quality assurance. It supports a wide range of programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential bugs, and more. SonarQube presents analysis results clearly, so you can track the dynamics of a project's development over time.

Goal: show developers the status of source code quality control in SonarQube.

There are two solutions:

  • Run a script that checks the source code quality control status in SonarQube. If the quality control in SonarQube does not pass, the build fails.
  • Show the source code quality control status on the project's main page.

Installing SonarQube

To install sonarqube from rpm packages, we use the repository https://harbottle.gitlab.io/harbottle-main.

Install the package with the repository for CentOS 7.

yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm

Install sonarqube itself.

yum install -y sonarqube

Most plugins are installed along with it, but findbugs and pmd have to be installed separately.

yum install -y sonarqube-findbugs sonarqube-pmd

Start the service and enable it at boot

systemctl start sonarqube
systemctl enable sonarqube

If SonarQube takes a long time to load, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options

sonar.web.javaOpts=other options -Djava.security.egd=file:/dev/urandom

Running a script to check the source code quality control status in SonarQube

Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time. So we will write our own script.

For testing we use the repository https://github.com/uweplonus/spotbugs-examples.

Import it into GitLab. Add the .gitlab-ci.yml file:

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
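  # admin/admin is the stock SonarQube account; outside a test setup, define LOGIN and
  # PASSWORD as masked CI/CD variables instead of committing them to the repository
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password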

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
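      while : ;do
          curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
          export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
          echo $status
          if [ "${status}" == "SUCCESS" ];then
            echo "SONAR ANALYSIS SUCCESS";
            break
          fi
          # FAILED and CANCELED are final as well: stop polling and let the check below fail the build
          if [ "${status}" == "FAILED" ] || [ "${status}" == "CANCELED" ];then
            break
          fi
          sleep 5
      done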
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" == "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');

        if [ "$result" == "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
          echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
          exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker

The .gitlab-ci.yml file is not perfect. It was tested with scan tasks that finished in sonarqube with the status "SUCCESS". So far there have been no other statuses. When other statuses come up, I will fix the .gitlab-ci.yml in this post.
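
A polling check like the one above needs a deadline and has to stop on every final task status, not only SUCCESS. The following is an added example, not the author's script: the same check in Python, assuming Python 3 is available in the job image and that LOGIN, PASSWORD and SONAR_HOST_URL are supplied as masked CI/CD variables.

```python
import base64, json, os, sys, time, urllib.request

TERMINAL = {"SUCCESS", "FAILED", "CANCELED"}  # task states that never change again

def read_report_task(path="target/sonar/report-task.txt"):
    """Parse the scanner's key=value report file into a dict."""
    props = {}
    with open(path, encoding="utf-8") as fh:
        for line in fh:
            key, sep, value = line.strip().partition("=")
            if sep:  # split on the first '=' only: ceTaskUrl has one in its query string
                props[key] = value
    return props

def http_get_json(url):
    """GET with basic auth; LOGIN and PASSWORD are assumed to be masked CI/CD variables."""
    cred = f"{os.environ['LOGIN']}:{os.environ['PASSWORD']}".encode()
    req = urllib.request.Request(
        url, headers={"Authorization": "Basic " + base64.b64encode(cred).decode()})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def wait_for_task(ce_task_url, fetch=http_get_json, timeout=600, interval=5,
                  sleep=time.sleep):
    """Poll the background task until a terminal status, giving up after `timeout` s."""
    waited = 0
    while True:
        task = fetch(ce_task_url)["task"]
        if task["status"] in TERMINAL:
            return task
        if waited >= timeout:
            raise TimeoutError(f"task still {task['status']} after {waited}s")
        sleep(interval)
        waited += interval

def gate_exit_code(host_url, task, fetch=http_get_json):
    """Return the CI exit code: 0 only if analysis succeeded and the gate is not ERROR."""
    if task["status"] != "SUCCESS":
        print("SONAR ANALYSIS", task["status"])
        return 1
    url = f"{host_url}/api/qualitygates/project_status?analysisId={task['analysisId']}"
    status = fetch(url)["projectStatus"]
    print(json.dumps(status.get("conditions", []), indent=2))
    return 1 if status["status"] == "ERROR" else 0

if __name__ == "__main__":
    task = wait_for_task(read_report_task()["ceTaskUrl"])
    sys.exit(gate_exit_code(os.environ["SONAR_HOST_URL"], task))
```

Run it as a script step after the sonar:sonar goal; a non-zero exit code fails the job.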

Displaying the source code quality control status on the project's main page

Installing the plugin for SonarQube

yum install -y sonarqube-qualinsight-badges

Open SonarQube at http://172.26.9.115:9000/
Create a regular user, for example "badges".
Log in to SonarQube as this user.

Go to "My Account", create a new token, for example with the name "read_all_repository", and click "Generate".

We can see that the token has appeared. It is shown only once.

Log in as an administrator.

Go to Configuration -> SVG Badges

Copy this token into the "Activity badge token" field and click the save button.

Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).

The badges user must have the "Browse" checkbox ticked.

Testing.

As an example, let's take the project https://github.com/jitpack/maven-simple.

Import this project.

Add a .gitlab-ci.yml file to the project root with the following contents.

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker

In SonarQube the project will look like this:

Add the badges to README.md and it will look like this:

The code that displays the badges looks like this:

Breaking down the badge display lines:

[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric Name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)

Where to find the Project Key and the project id.

The Project Key is at the bottom right. The project id is in the URL.

The options for obtaining metrics can be viewed here.

Send all pull requests with improvements and bug fixes to this repository.

Telegram chat about SonarQube https://t.me/sonarqube_ru
Telegram chat about DevSecOps - secure DevOps https://t.me/sec_devops

Source: will.com
