SonarQube ndeye yakavhurika sosi kodhi yemhando yekusimbisa chikuva inotsigira mitauro yakawanda yekuronga uye inopa mishumo pamametrics akadai sekodhi kudzokorora, kodhi mazinga kutevedza, bvunzo yekuvhara, kuomarara kwekodhi, zvingangoita tsikidzi, nezvimwe. SonarQube inonyatso kuona mhedzisiro yekuongorora uye inobvumidza iwe kuti utarise masimba ekuvandudza chirongwa nekufamba kwenguva.
Chinangwa: Ratidza vanogadzira mamiriro eiyo source code quality control muSonarQube.
Pane mhinduro mbiri:
- Mhanya script kuti utarise sosi kodhi yemhando yekudzora mamiriro muSonarQube. Kana iyo yemhando yekutonga kweiyo sosi kodhi muSonarQube ikasapfuura, saka kutadza musangano.
- Ratidza kwakabva kodhi yemhando yekudzora mamiriro pane hombe peji peji.
Kuisa SonarQube
Kuisa sonarqube kubva rpm mapakeji, isu tichashandisa repository
Ngatiisei pasuru ine repository yeCentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm
Isu tinoisa sonarqube pachayo.
yum install -y sonarqube
Panguva yekuisa, akawanda plugins anozoiswa, asi iwe unofanirwa kuisa findbugs uye pmd
yum install -y sonarqube-findbugs sonarqube-pmd
Tangisa sevhisi uye woiwedzera kune yekutanga
systemctl start sonarqube
systemctl enable sonarqube
Kana zvichitora nguva yakareba kuti itakure, wobva wawedzera nhamba isina kujairika jenareta /dev/./urandom kusvika kumagumo esarudzo sonar.web.javaOpts
sonar.web.javaOpts=Π΄ΡΡΠ³ΠΈΠ΅ ΠΏΠ°ΡΠ°ΠΌΠ΅ΡΡΡ -Djava.security.egd=file:/dev/urandom
Kumhanyisa script kutarisa mamiriro eiyo source code quality control muSonarQube.
Nehurombo, iyo sonar-break-maven-plugin plugin haina kuvandudzwa kwenguva yakareba. Saka ngatinyorei zvedu script.
Pakuedza isu tichashandisa repository
Kupinza muGitlab. Wedzera iyo .gitlab-ci.yml faira:
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.226:9000"
LOGIN: "admin" # Π»ΠΎΠ³ΠΈΠ½ sonarqube
PASSWORD: "admin" # ΠΏΠ°ΡΠΎΠ»Ρ sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- apt install -y jq || true
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
- export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
- echo $URL
- |
while : ;do
curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
echo $status
if [ ${status} == "SUCCESS" ];then
echo "SONAR ANALYSIS SUCCESS";
break
fi
sleep 5
done
- curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
- export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
- export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
- |
if [ "$status" == "SUCCESS" ]; then
echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
export result=$(cat result.txt | jq -r '.projectStatus.status');
if [ "$result" == "ERROR" ];then
echo -e "91mSONAR RESULTS FAILED";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
exit 1 #breaks the build for violations
else
echo -e "SONAR RESULTS SUCCESSFUL";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
exit 0
fi
else
echo -e "e[91mSONAR ANALYSIS FAILEDe[0m";
exit 1 #breaks the build for failure in Step2
fi
tags:
- docker
Iyo .gitlab-ci.yml faira haina kukwana. Yakaedzwa kana kuongorora mabasa mu sonarqube kwakapera nechimiro: "SUCCESS". Parizvino hapasati pave nemamwe mastatus. Pakangoita mamwe mastatus, ndichagadzirisa .gitlab-ci.yml mune ino post.
Ichiratidza iyo source code quality control status pane main project peji
Kuisa iyo plugin yeSonarQube
yum install -y sonarqube-qualinsight-badges
Isu tinoenda kuSonarQube pa
Gadzira mushandisi wenguva dzose, semuenzaniso "mabheji".
Pinda kuSonarQube pasi pemushandisi uyu.
Enda ku "Akaunti yangu", gadzira chiratidzo chitsva, semuenzaniso nezita "read_all_repository" uye tinya "Gadzira".
Tinoona kuti chiratidzo chaonekwa. Achaonekwa ka1 chete.
Login semutungamiri.
Enda kuKugadzirisa -> SVG Mabheji
Kopa chiratidzo ichi muchikamu che "Chiitiko bheji chiratidzo" uye tinya bhatani rekuchengetedza.
Enda kuKutonga -> Chengetedzo -> Mvumo Matemplate -> Default template (uye mamwe matemplate auchave nawo).
Mushandisi wemabheji anofanira kunge aine "Bhurawuza" bhokisi rekutarisa.
Kuedzwa.
Semuenzaniso, ngatitorei chirongwa
Ngatitorei kunze kwenyika chirongwa ichi.
Wedzera iyo .gitlab-ci.yml faira kumudzi weprojekiti ine zvinotevera zvirimo.
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.115:9000"
LOGIN: "admin" # Π»ΠΎΠ³ΠΈΠ½ sonarqube
PASSWORD: "admin" # ΠΏΠ°ΡΠΎΠ»Ρ sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
tags:
- docker
MuSonarQube chirongwa chichataridzika seizvi:
Wedzera mabhegi ku README.md uye anozotaridzika seizvi:
Mabheji anoratidza kodhi inoita seizvi:
Kupatsanura mabheji tambo yekuratidzira:
[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![ΠΠ°Π·Π²Π°Π½ΠΈΠ΅](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=id-ΠΏΡΠΎΠ΅ΠΊΡΠ°)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![ΠΠ°Π·Π²Π°Π½ΠΈΠ΅ ΠΠ΅ΡΡΠΈΠΊΠΈ](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=ΠΠΠ’Π ΠΠΠ)](http://172.26.9.115:9000/dashboard?id=id-ΠΏΡΠΎΠ΅ΠΊΡΠ°)
Kwaunowana / kutarisa Kiyi yeProjekiti uye id yeprojekiti.
Project Key iri pazasi kurudyi. Iyo URL ine id yeprojekiti.
Sarudzo dzekuwana metrics dzinogona kuva
Zvese zvekudhonza zvikumbiro zvekuvandudzwa, bug kugadzirisa
Teregiramu kutaura nezve SonarQube
Teregiramu chat nezve DevSecOps - yakachengeteka DevOps
Source: www.habr.com