Showing developers the source code quality gate status in SonarQube

SonarQube is an open source code quality assurance platform that supports many programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential bugs, and more. SonarQube presents analysis results in a convenient visual form and lets you track how a project develops over time.

Goal: show developers the source code quality gate status in SonarQube.

There are two solutions:

  • Run a script that checks the source code quality gate status in SonarQube. If the quality gate in SonarQube does not pass, fail the build.
  • Display the source code quality gate status on the project's main page.

Installing SonarQube

To install sonarqube from rpm packages, we will use the repository https://harbottle.gitlab.io/harbottle-main.

Install the package with the repository for CentOS 7.

yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm

Install sonarqube itself.

yum install -y sonarqube

During installation, many plugins will be installed, but you need to install findbugs and pmd

yum install -y sonarqube-findbugs sonarqube-pmd

Start the service and enable it at boot

systemctl start sonarqube
systemctl enable sonarqube

If it takes a long time to start, add the random number generator /dev/./urandom at the end of the sonar.web.javaOpts options

sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/urandom

Running a script to check the source code quality gate status in SonarQube

Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time. So let's write our own script.

For testing we will use the repository https://github.com/uweplonus/spotbugs-examples.

Import it into GitLab. Add the .gitlab-ci.yml file:

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ;do
          curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
          export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
          echo "$status"
          if [ "$status" == "SUCCESS" ];then
            echo "SONAR ANALYSIS SUCCESS";
            break
          fi
          if [ "$status" == "FAILED" ] || [ "$status" == "CANCELED" ];then
            break #final status; the check after the loop fails the build
          fi
          sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" == "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');

        if [ "$result" == "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
          echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
          exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker

The .gitlab-ci.yml file is not perfect. It was tested when the scan tasks in sonarqube finished with the status "SUCCESS". So far there have been no other statuses. As soon as other statuses occur, I will fix .gitlab-ci.yml in this post.
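
A variant of the check that also ends on FAILED, CANCELED and on a timeout, shown here as an added example that is not part of the original post. It assumes a SonarQube user token in a masked CI/CD variable named SONAR_TOKEN instead of the login and password written in the file; TASK_STATUS_CMD and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Assumed names: SONAR_HOST_URL and SONAR_TOKEN are CI/CD variables
# (token masked); TASK_STATUS_CMD is a hypothetical hook for swapping the fetcher.

# report-task.txt holds key=value lines; print the value of ceTaskUrl.
ce_task_url() { sed -n 's/^ceTaskUrl=//p' "$1"; }

# Network helpers (need curl and jq). A token is sent as the user name, empty password.
sonar_get() { curl -sS --fail -u "${SONAR_TOKEN}:" "$1"; }
fetch_task_status() { sonar_get "$1" | jq -r '.task.status'; }
fetch_analysis_id() { sonar_get "$1" | jq -r '.task.analysisId'; }
fetch_gate_status() {
  sonar_get "${SONAR_HOST_URL}/api/qualitygates/project_status?analysisId=$1" |
    jq -r '.projectStatus.status'
}

# Poll until the task reaches a final status or the attempts run out.
# $1 = ceTaskUrl, $2 = max attempts, $3 = seconds between attempts
wait_for_task() {
  attempt=0
  while [ "$attempt" -lt "$2" ]; do
    status=$("${TASK_STATUS_CMD:-fetch_task_status}" "$1") || status=""
    case "$status" in
      SUCCESS|FAILED|CANCELED) echo "$status"; return 0 ;;
    esac
    attempt=$((attempt + 1))
    sleep "$3"
  done
  echo TIMEOUT
}

# Fail closed: pass only when the task succeeded and the gate is OK or WARN,
# so ERROR, NONE and an empty answer all fail the build.
# $1 = task status, $2 = quality gate status
gate_passed() {
  [ "$1" = "SUCCESS" ] || return 1
  case "$2" in
    OK|WARN) return 0 ;;
    *) return 1 ;;
  esac
}

# $1 = path to report-task.txt; returns 0 only when the gate passed.
run_gate_check() {
  url=$(ce_task_url "$1")
  [ -n "$url" ] || { echo "ceTaskUrl not found in $1" >&2; return 1; }
  task=$(wait_for_task "$url" 60 5)
  gate=""
  [ "$task" = "SUCCESS" ] && gate=$(fetch_gate_status "$(fetch_analysis_id "$url")")
  echo "task=$task gate=$gate"
  gate_passed "$task" "$gate"
}
```

In the job, source this file and call `run_gate_check target/sonar/report-task.txt` after the `sonar:sonar` step; a non-zero return fails the build.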

Displaying the source code quality gate status on the project's main page

Install the plugin for SonarQube

yum install -y sonarqube-qualinsight-badges

Go to SonarQube at http://172.26.9.115:9000/
Create a regular user, for example "badges".
Log in to SonarQube as this user.

Go to "My Account", create a new token, for example with the name "read_all_repository", and click "Generate".

We see that the token has appeared. It will be shown only once.

Log in as the administrator.

Go to Configuration -> SVG Badges

Copy this token into the "Activity badge token" field and click the save button.

Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).

The badges user must have the "Browse" checkbox ticked.

Testing.

As an example, let's take the project https://github.com/jitpack/maven-simple.

Import this project.

Add a .gitlab-ci.yml file to the project root with the following contents.

variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # sonarqube login
  PASSWORD: "admin" # sonarqube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker

In SonarQube the project will look like this:

Add the badges to README.md and they will look like this:

The code that displays the badges looks like this:

Setting up the badge display string:

[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)

Where to find / check the Project Key and the project id.

The Project Key is at the bottom right. The URL contains the project id.

The options for getting metrics can be seen here.

Send all pull requests with improvements and bug fixes to this repository.

Telegram chat about SonarQube https://t.me/sonarqube_ru
Telegram chat about DevSecOps - secure DevOps https://t.me/sec_devops

Source: www.habr.com