SonarQube ni jukwaa huria la uthibitisho wa ubora wa msimbo ambalo linaauni anuwai ya lugha za upangaji na hutoa ripoti kuhusu vipimo kama vile kurudia msimbo, utiifu wa viwango vya usimbaji, chanjo ya majaribio, utata wa misimbo, hitilafu zinazowezekana na zaidi. SonarQube inatoa taswira ya matokeo ya uchanganuzi kwa urahisi na hukuruhusu kufuatilia mienendo ya ukuzaji wa mradi kwa wakati.
Lengo: Onyesha wasanidi programu hali ya udhibiti wa ubora wa msimbo wa chanzo katika SonarQube.
Kuna suluhisho mbili:
- Tekeleza hati ili kuangalia hali ya udhibiti wa ubora wa msimbo wa chanzo katika SonarQube. Ikiwa udhibiti wa ubora wa msimbo wa chanzo katika SonarQube haupiti, basi ushindwe kukusanyika.
- Onyesha hali ya udhibiti wa ubora wa msimbo wa chanzo kwenye ukurasa mkuu wa mradi.
Inasakinisha SonarQube
Ili kufunga sonarqube kutoka kwa vifurushi vya rpm, tutatumia hazina .
Wacha tusakinishe kifurushi na hazina ya CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpmSisi kufunga sonarqube yenyewe.
yum install -y sonarqubeWakati wa usakinishaji, programu-jalizi nyingi zitasakinishwa, lakini unahitaji kusakinisha findbugs na pmd
yum install -y sonarqube-findbugs sonarqube-pmdAnzisha huduma na uiongeze kwenye kuanza
systemctl start sonarqube
systemctl enable sonarqubeIwapo itachukua muda mrefu kupakia, basi ongeza jenereta ya nambari nasibu /dev/./urandom hadi mwisho wa chaguzi sonar.web.javaOpts
sonar.web.javaOpts=Π΄ΡΡΠ³ΠΈΠ΅ ΠΏΠ°ΡΠ°ΠΌΠ΅ΡΡΡ -Djava.security.egd=file:/dev/urandomKuendesha hati ili kuangalia hali ya udhibiti wa ubora wa msimbo wa chanzo katika SonarQube.
Kwa bahati mbaya, programu-jalizi ya sonar-break-maven-plugin haijasasishwa kwa muda mrefu. Kwa hivyo wacha tuandike hati yetu wenyewe.
Kwa majaribio tutatumia hazina .
Inaingiza kwenye Gitlab. Ongeza faili ya .gitlab-ci.yml:
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.226:9000"
LOGIN: "admin" # Π»ΠΎΠ³ΠΈΠ½ sonarqube
PASSWORD: "admin" # ΠΏΠ°ΡΠΎΠ»Ρ sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- apt install -y jq || true
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
- export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
- echo $URL
- |
while : ;do
curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
echo $status
if [ ${status} == "SUCCESS" ];then
echo "SONAR ANALYSIS SUCCESS";
break
fi
sleep 5
done
- curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
- export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
- export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
- |
if [ "$status" == "SUCCESS" ]; then
echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
export result=$(cat result.txt | jq -r '.projectStatus.status');
if [ "$result" == "ERROR" ];then
echo -e "91mSONAR RESULTS FAILED";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
exit 1 #breaks the build for violations
else
echo -e "SONAR RESULTS SUCCESSFUL";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
exit 0
fi
else
echo -e "e[91mSONAR ANALYSIS FAILEDe[0m";
exit 1 #breaks the build for failure in Step2
fi
tags:
- dockerFaili ya .gitlab-ci.yml si kamilifu. Ilijaribiwa ikiwa kazi za kuchanganua katika sonarqube zilimalizika kwa hali: "SUCCESS". Hadi sasa hakujawa na hadhi zingine. Mara tu kunapokuwa na hali zingine, nitasahihisha .gitlab-ci.yml katika chapisho hili.
Inaonyesha hali ya udhibiti wa ubora wa msimbo wa chanzo kwenye ukurasa mkuu wa mradi
Inasakinisha programu-jalizi ya SonarQube
yum install -y sonarqube-qualinsight-badgesTunaenda kwa SonarQube kwa
Unda mtumiaji wa kawaida, kwa mfano "beji".
Ingia kwa SonarQube chini ya mtumiaji huyu.
Nenda kwenye "Akaunti Yangu", unda ishara mpya, kwa mfano kwa jina "soma_all_repository" na ubofye "Tengeneza".
Tunaona kwamba ishara imeonekana. Atatokea mara 1 tu.
Ingia kama msimamizi.
Nenda kwa Usanidi -> Beji za SVG
Nakili tokeni hii kwenye sehemu ya "Tokeni ya beji ya Shughuli" na ubofye kitufe cha kuhifadhi.
Nenda kwa Utawala -> Usalama -> Violezo vya Ruhusa -> Kiolezo chaguo-msingi (na violezo vingine ambavyo utakuwa navyo).
Mtumiaji wa beji lazima awe na kisanduku tiki cha "Vinjari".
Upimaji.
Kwa mfano, hebu tuchukue mradi huo .
Hebu tuagize mradi huu.
Ongeza faili ya .gitlab-ci.yml kwenye mzizi wa mradi na maudhui yafuatayo.
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.115:9000"
LOGIN: "admin" # Π»ΠΎΠ³ΠΈΠ½ sonarqube
PASSWORD: "admin" # ΠΏΠ°ΡΠΎΠ»Ρ sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
tags:
- dockerKatika SonarQube mradi utaonekana kama hii:
Ongeza mifuko kwenye README.md na itaonekana kama hii:
Nambari ya kuonyesha beji inaonekana kama hii:
Kuchanganua mfuatano wa kuonyesha beji:
[](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[](http://172.26.9.115:9000/dashboard?id=id-ΠΏΡΠΎΠ΅ΠΊΡΠ°)
[](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[](http://172.26.9.115:9000/dashboard?id=id-ΠΏΡΠΎΠ΅ΠΊΡΠ°)Mahali pa kupata/angalia Ufunguo wa Mradi na kitambulisho cha mradi.
Ufunguo wa Mradi uko chini kulia. URL ina kitambulisho cha mradi.
Chaguo za kupata vipimo zinaweza kuwa .
Maombi yote ya kuboreshwa, kurekebishwa kwa hitilafu .
Soga ya Telegraph kuhusu SonarQube
Gumzo la Telegraph kuhusu DevSecOps - DevOps salama
Chanzo: mapenzi.com