Showing the source code quality control status in SonarQube to developers

SonarQube is an open-source code quality assurance platform that supports many programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential bugs, and more. SonarQube presents the analysis results clearly and lets you track how a project develops over time.

Goal: show developers the source code quality control status in SonarQube.

There are two ways:

  • Run a script that checks the source code quality control status in SonarQube. If the quality control in SonarQube does not pass, fail the build.
  • Show the status on the project's main page.

Installing SonarQube

To install SonarQube from rpm packages, we will use the repository https://harbottle.gitlab.io/harbottle-main.

Install the package with the repository for CentOS 7.

yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm

Install SonarQube itself.

yum install -y sonarqube

Most plugins are installed along with it, but findbugs and pmd have to be installed separately

yum install -y sonarqube-findbugs sonarqube-pmd

Start the service and enable it at boot

systemctl start sonarqube
systemctl enable sonarqube

If startup takes a long time, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options

sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/urandom

Running a script to check the source code quality control status in SonarQube.

Unfortunately, the sonar-break-maven-plugin has not been updated for a long time. So let's write our own script.

For testing we will use the repository https://github.com/uweplonus/spotbugs-examples.

Import it into Gitlab. Add the .gitlab-ci.yml file:

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  # In a real pipeline, keep these in masked GitLab CI/CD variables, not in the repository
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ;do
          curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
          export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
          echo $status
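          if [ "${status}" == "SUCCESS" ];then
            echo "SONAR ANALYSIS SUCCESS";
            break
          fi
          # Stop polling on the other terminal statuses; the step below fails the build
          if [ "${status}" == "FAILED" ] || [ "${status}" == "CANCELED" ];then
            break
          fi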
          sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" == "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');

        if [ "$result" == "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
          echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
          exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker

The .gitlab-ci.yml file works, but so far it has been tested only for the case where the scan task in SonarQube finished with the status "SUCCESS". No other statuses have come up yet. As soon as they do, I will fix .gitlab-ci.yml in this post.
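The same gate check written out in Python, as an added example that is not part of the original post: it also handles the FAILED and CANCELED task statuses and gives up after a timeout. The `fetch` callable, the `sonar.example` host and the canned responses are constructed for illustration; in CI, `fetch` would wrap an authenticated HTTP GET.

```python
import json
import time

TERMINAL = {"SUCCESS", "FAILED", "CANCELED"}  # statuses named in the page's script

def parse_report_task(text):
    """Parse target/sonar/report-task.txt (key=value lines) into a dict."""
    props = {}
    for line in text.splitlines():
        if "=" in line and not line.startswith("#"):
            key, value = line.strip().split("=", 1)  # ceTaskUrl itself contains '='
            props[key] = value
    return props

def wait_for_task(fetch, task_url, timeout=300, interval=5, sleep=time.sleep):
    """Poll the task URL until a terminal status; raise instead of looping forever."""
    waited = 0
    while True:
        task = json.loads(fetch(task_url))["task"]
        if task["status"] in TERMINAL:
            return task
        if waited >= timeout:
            raise TimeoutError("task still %s after %ss" % (task["status"], waited))
        sleep(interval)
        waited += interval

def gate_exit_code(fetch, host_url, report_text, **poll):
    """Return the CI exit code: 0 if the quality gate passed, 1 otherwise."""
    task = wait_for_task(fetch, parse_report_task(report_text)["ceTaskUrl"], **poll)
    if task["status"] != "SUCCESS":
        return 1  # FAILED or CANCELED: there is no analysis to evaluate
    url = "%s/api/qualitygates/project_status?analysisId=%s" % (host_url, task["analysisId"])
    gate = json.loads(fetch(url))["projectStatus"]
    return 1 if gate["status"] == "ERROR" else 0

# Constructed sample data (not captured from a real server).
HOST = "http://sonar.example:9000"
REPORT = "projectKey=demo\nceTaskUrl=%s/api/ce/task?id=T1\n" % HOST

def fake_fetch(task_statuses, gate_status):
    """Stand-in for an authenticated HTTP GET: replays canned JSON bodies."""
    statuses = iter(task_statuses)
    def fetch(url):
        if "/api/ce/task" in url:
            return json.dumps({"task": {"status": next(statuses), "analysisId": "A1"}})
        return json.dumps({"projectStatus": {"status": gate_status, "conditions": []}})
    return fetch

if __name__ == "__main__":
    demo = fake_fetch(["IN_PROGRESS", "SUCCESS"], "ERROR")
    print(gate_exit_code(demo, HOST, REPORT, sleep=lambda s: None))
```

In a pipeline the return value would be passed to `sys.exit()` after reading `target/sonar/report-task.txt`.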

Showing the source code quality control status on the project's main page

Installing the plugin for SonarQube

yum install -y sonarqube-qualinsight-badges

Go to SonarQube at http://172.26.9.115:9000/
Create a regular user, for example "badges".
Log in to SonarQube as this user.

Go to "My Account", create a new token, for example with the name "read_all_repository", and click "Generate".

We see that the token has appeared. It is shown only once.

Log in as an administrator.

Go to Configuration -> SVG Badges

Copy this token into the "Activity badge token" field and click the save button.

Go to Administration -> Security -> Permission Templates -> Default template (and the other templates you will have).

The badges user must have the "Browse" checkbox ticked.

Testing.

As an example, let's take the project https://github.com/jitpack/maven-simple.

Let's import this project.

Add a .gitlab-ci.yml file to the project root with the following content.

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker

In SonarQube the project will look like this:

Add the badges to README.md and they will look like this:

The badge markup looks like this:

Building the badge markup string:

[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)

Where to find the Project Key and the project id.

The Project Key is at the bottom right. The URL contains the project id.

The options for retrieving metrics can be seen here.

Send all pull requests with improvements and bug fixes to this repository.

Telegram chat about SonarQube https://t.me/sonarqube_ru
Telegram chat about DevSecOps - secure DevOps https://t.me/sec_devops

Source: www.habr.com
