SonarQube is an open-source code quality assurance platform that supports a wide range of programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential bugs and more. SonarQube presents the analysis results in a convenient visual form and lets you track how a project develops over time.
Goal: show developers the source-code quality gate status in SonarQube.
There are two solutions:
- Run a script that checks the source-code quality gate status in SonarQube. If the quality gate in SonarQube does not pass, fail the build.
- Show the source-code quality gate status on the project's main page.
Installing SonarQube
To install SonarQube from rpm packages, we will use the repository
Let's install the repository package for CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm
Install SonarQube itself.
yum install -y sonarqube
During installation most plugins are installed, but you also need to install findbugs and pmd
yum install -y sonarqube-findbugs sonarqube-pmd
Start the service and enable it at boot
systemctl start sonarqube
systemctl enable sonarqube
If it takes a long time to start, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options
sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/urandom
Running a script to check the source-code quality gate status in SonarQube
Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time. So let's write our own script.
For testing we will use the repository
Import it into GitLab. Add the .gitlab-ci.yml file:
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  # Default admin account; credentials are better kept in masked CI/CD variables than in the repository
  LOGIN: "admin" # SonarQube login
  PASSWORD: "admin" # SonarQube password
cache:
  paths:
    - .m2/repository
build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ; do
        curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
        export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
        echo "$status"
        if [ "$status" = "SUCCESS" ]; then
          echo "SONAR ANALYSIS SUCCESS"
          break
        fi
        # Stop polling on a terminal failure so the check below can fail the job
        if [ "$status" = "FAILED" ] || [ "$status" = "CANCELED" ]; then
          break
        fi
        sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" = "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS"
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status')
        if [ "$result" = "ERROR" ]; then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m"
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')" #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL"
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"
          exit 0
        fi
      else
        echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m"
        exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker
The .gitlab-ci.yml file is not perfect. It was tested with analysis tasks in SonarQube that finished with the status "SUCCESS". So far there have been no other statuses. As soon as other statuses appear, I will correct .gitlab-ci.yml in this post.
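The same check as shell functions that fail closed, as an added example that is not part of the original article: polling is bounded, every task status other than SUCCESS ends the wait, and only an explicit OK or WARN gate status passes, so an empty or unparsable API answer breaks the build. SONAR_TOKEN (a SonarQube user token kept in a masked CI/CD variable) and all function names are assumptions; WARN passes because the script above fails only on ERROR.

```shell
# Added example, not the article's script. SONAR_HOST_URL is the page's variable;
# SONAR_TOKEN (a user token in a masked CI/CD variable) and all names are assumed.

# "ceTaskUrl=<url>" line of report-task.txt -> <url> (the URL itself contains '=').
ce_task_url() { sed -n 's/^ceTaskUrl=//p' "$1"; }

# Compute Engine task status -> wait | gate | fail.
task_action() {
  case "$1" in
    PENDING|IN_PROGRESS|"") echo wait ;;  # "" = fetch error, retried within the budget
    SUCCESS)                echo gate ;;
    *)                      echo fail ;;  # FAILED, CANCELED, "null", anything unknown
  esac
}

# Quality gate status -> exit code. Only an explicit pass returns 0, so an empty
# or unparsable answer fails the job. WARN passes, as in the article's script.
gate_exit_code() { case "$1" in OK|WARN) return 0 ;; *) return 1 ;; esac; }

# $1 = command printing the task status, $2 = max attempts, $3 = delay in seconds.
# Returns 0 if the task succeeded, 1 if it ended any other way, 2 on timeout.
wait_for_task() {
  wt_i=0
  while [ "$wt_i" -lt "$2" ]; do
    wt_status=$("$1") || wt_status=""
    case "$(task_action "$wt_status")" in
      gate) return 0 ;;
      fail) echo "analysis task ended: $wt_status" >&2; return 1 ;;
    esac
    wt_i=$((wt_i + 1))
    sleep "$3"
  done
  echo "timed out waiting for the analysis task" >&2
  return 2
}

api_get() { curl -sf -u "$SONAR_TOKEN:" "$1"; }  # token as user name, empty password
fetch_task_status() { api_get "$CE_TASK_URL" | jq -r '.task.status'; }

# Whole check for the CI job: sonar_gate target/sonar/report-task.txt
sonar_gate() {
  CE_TASK_URL=$(ce_task_url "$1")
  [ -n "$CE_TASK_URL" ] || { echo "no ceTaskUrl in $1" >&2; return 1; }
  wait_for_task fetch_task_status 60 5 || return 1
  sg_id=$(api_get "$CE_TASK_URL" | jq -r '.task.analysisId')
  sg_gate=$(api_get "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$sg_id" |
    jq -r '.projectStatus.status')
  echo "quality gate: ${sg_gate:-no answer}"
  gate_exit_code "$sg_gate"
}
```

In the job, source the file and call `sonar_gate target/sonar/report-task.txt` as the last script step; its exit code decides the build.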
Showing the source-code quality gate status on the project's main page
Install the SonarQube plugin
yum install -y sonarqube-qualinsight-badges
Go to SonarQube at
Create a regular user, for example "badges".
Log in to SonarQube as this user.
Go to "My Account", create a new token, for example named "read_all_repository", and click "Generate".
We see that the token has appeared. It is shown only once.
Log in as administrator.
Go to Configuration -> SVG Badges
Copy this token into the "Activity badge token" field and click the save button.
Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).
The badges user must have the "Browse" checkbox ticked.
Testing.
As an example, let's take the project
Let's import this project.
Add a .gitlab-ci.yml file to the project root with the following content.
variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # SonarQube login
  PASSWORD: "admin" # SonarQube password
cache:
  paths:
    - .m2/repository
build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker
In SonarQube the project will look like this:
Add the badges to README.md and it will look like this:
The code that displays the badges looks like this:
Breaking down the badge display string:
[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)
Where to find the Project Key and the project id.
The Project Key is at the bottom right. The URL contains the project id.
The options for retrieving metrics can be
All requests for improvements and bug fixes
Telegram chat about SonarQube
Telegram chat about DevSecOps - secure DevOps
Source: mapenzi.com