SonarQube is an open-source platform for code quality assurance. It supports a wide range of programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential bugs, and more. SonarQube presents analysis results clearly, so you can track how a project develops over time.
Goal: Show developers the status of source code quality control in SonarQube.
There are two solutions:
- Run a script that checks the source code quality control status in SonarQube. If the source code quality control in SonarQube does not pass, the build fails.
- Display the source code quality control status on the project's main page.
Installing SonarQube
To install sonarqube from rpm packages, we will use the repository
Install the package with the repository for CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm
Install sonarqube itself.
yum install -y sonarqube
Most plugins are installed during installation, but you need to install findbugs and pmd yourself
yum install -y sonarqube-findbugs sonarqube-pmd
Start the service and add it to startup
systemctl start sonarqube
systemctl enable sonarqube
If it takes a long time to load, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options
sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/urandom
Running a script to check the source code quality control status in SonarQube.
Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time. So we will write our own script.
For testing we will use the repository
Import it into Gitlab. Add the .gitlab-ci.yml file:
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ;do
        curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
        export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
        echo $status
        if [ "${status}" == "SUCCESS" ];then
          echo "SONAR ANALYSIS SUCCESS";
          break
        fi
        # FAILED and CANCELED are final too: stop polling so the check below fails the build
        if [ "${status}" == "FAILED" ] || [ "${status}" == "CANCELED" ];then
          break
        fi
        sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" == "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');
        if [ "$result" == "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
        echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
        exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker
The .gitlab-ci.yml file is not ideal. It was tested when the scan tasks in sonarqube finished with the status "SUCCESS". So far there have been no other statuses. As soon as other statuses appear, I will fix the .gitlab-ci.yml in this post.
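The same gate check as a standalone Python script, added here as an example and not part of the original post: it stops on FAILED or CANCELED tasks, gives up after a timeout, and authenticates with a SonarQube user token instead of the admin password kept in the repository. The SONAR_TOKEN variable, the function names and the sample report are assumptions; SONAR_HOST_URL and the two API endpoints are the ones used in the .gitlab-ci.yml above.

```python
import base64, json, os, sys, time
from urllib.parse import urlencode
from urllib.request import Request, urlopen

FINAL = {"SUCCESS", "FAILED", "CANCELED"}  # task states after which polling stops
# Constructed sample of report-task.txt, for trying the parser offline
SAMPLE_REPORT = "projectKey=demo\nceTaskUrl=http://sonar.example/api/ce/task?id=AX1\n"

def parse_report_task(text):
    # report-task.txt holds key=value lines; the ceTaskUrl value itself contains '='
    return dict(l.split("=", 1) for l in text.splitlines() if "=" in l)

def http_get_json(url, token):
    # A SonarQube user token goes in as the basic-auth user name with an empty password
    auth = base64.b64encode(f"{token}:".encode()).decode()
    with urlopen(Request(url, headers={"Authorization": "Basic " + auth}), timeout=30) as r:
        return json.load(r)

def check_gate(report_text, host, fetch, timeout=600, interval=5, sleep=time.sleep):
    """Return (exit_code, message); fetch(url) must return the parsed JSON body."""
    task_url = parse_report_task(report_text)["ceTaskUrl"]
    waited = 0
    while True:
        task = fetch(task_url)["task"]
        if task["status"] in FINAL:
            break
        if waited >= timeout:
            return 1, "timed out, last task status " + task["status"]
        sleep(interval)
        waited += interval
    if task["status"] != "SUCCESS":
        return 1, "analysis task ended with status " + task["status"]
    query = urlencode({"analysisId": task["analysisId"]})
    gate = fetch(f"{host}/api/qualitygates/project_status?{query}")["projectStatus"]
    if gate["status"] == "ERROR":
        failed = [c["metricKey"] for c in gate.get("conditions", []) if c.get("status") == "ERROR"]
        return 1, "quality gate failed: " + ", ".join(failed)
    return 0, "quality gate status " + gate["status"]

if __name__ == "__main__":
    token = os.environ["SONAR_TOKEN"]     # assumed name: a masked CI/CD variable
    host = os.environ["SONAR_HOST_URL"]   # same variable as in .gitlab-ci.yml
    with open("target/sonar/report-task.txt") as fh:
        code, msg = check_gate(fh.read(), host, lambda u: http_get_json(u, token))
    print(msg)
    sys.exit(code)
```

The script's exit code fails the job in the same way as the `exit 1` branches of the shell version.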
Displaying the source code quality control status on the project's main page
Install the plugin for SonarQube
yum install -y sonarqube-qualinsight-badges
Go to SonarQube at
Create a regular user, for example "badges".
Log in to SonarQube as this user.
Go to "My account", create a new token, for example with the name "read_all_repository", and click "Generate".
We see that a token has appeared. It is shown only once.
Log in as an administrator.
Go to Configuration -> SVG Badges
Copy this token into the "Activity badge token" field and click the save button.
Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).
The badges user must have the "Browse" checkbox ticked.
Testing.
As an example, take the project
Import this project.
Add a .gitlab-ci.yml file to the project root with the following contents.
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker
In SonarQube the project will look like this:
Add badges to README.md and they will look like this:
The badge display code looks like this:
Breakdown of the badge display string:
[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)
Where to get the Project Key and the project id.
The Project Key is at the bottom right. The project id is in the URL.
The options for obtaining metrics can be
All pull requests for improvements and bug fixes
Source: will.com