I-SonarQube liqonga lokuqinisekisa umgangatho wekhowudi yomthombo ovulekileyo oxhasa uluhlu olubanzi lweelwimi zeprogram kwaye unikezela ngengxelo kwiimetriki ezinje ngokuphindaphinda ikhowudi, ukuthotyelwa kwemigangatho yekhowudi, ukugubungela uvavanyo, ukuntsonkotha kwekhowudi, iimpazamo ezinokwenzeka, nokunye. I-SonarQube ibona ngokulula iziphumo zohlalutyo kwaye ikuvumela ukuba ulandelele amandla ophuhliso lweprojekthi ngokuhamba kwexesha.
Injongo: Bonisa abaphuhlisi ubume bomgangatho wekhowudi yomthombo wolawulo kwi-SonarQube.
Kukho izisombululo ezibini:
- Qhuba isikripthi ukujonga imeko yolawulo lomgangatho wekhowudi yemvelaphi kwiSonarQube. Ukuba ulawulo lomgangatho wekhowudi yomthombo kwi-SonarQube aludluli, ngoko ke iyasilela indibano.
- Bonisa umgangatho womgangatho wekhowudi yemvelaphi kwiphepha eliphambili leprojekthi.
Ifakela i-SonarQube
Ukufakela i-sonarqube kwiiphakheji ze-rpm, siya kusebenzisa indawo yokugcina .
Masifake iphakheji kunye nendawo yokugcina i-CentOS 7.
yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpmSifaka sonarqube ngokwayo.
yum install -y sonarqubeNgexesha lofakelo, uninzi lweeplagi ziya kufakwa, kodwa kufuneka ufake i-findbugs kunye ne-pmd
yum install -y sonarqube-findbugs sonarqube-pmdQalisa inkonzo kwaye uyongeze kwisiqalo
systemctl start sonarqube
systemctl enable sonarqubeUkuba kuthatha ixesha elide ukulayisha, ngoko yongeza inombolo engaqhelekanga yokuvelisa /dev/./urandom ukuya ekupheleni kweenketho sonar.web.javaOpts
sonar.web.javaOpts=другие параметры -Djava.security.egd=file:/dev/urandomUkuqhuba iskripthi ukujonga imeko yolawulo lwekhowudi yemvelaphi kwiSonarQube.
Ngelishwa, i-plugin ye-sonar-break-maven-plugin ayizange ihlaziywe ixesha elide. Ngoko ke masibhale eyethu iscript.
Ukuvavanya siya kusebenzisa indawo yokugcina .
Ukungenisa ngaphandle kwi-Gitlab. Yongeza ifayile ye-.gitlab-ci.yml:
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.226:9000"
LOGIN: "admin" # логин sonarqube
PASSWORD: "admin" # пароль sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- apt install -y jq || true
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
- export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
- echo $URL
- |
while : ;do
curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
echo $status
if [ ${status} == "SUCCESS" ];then
echo "SONAR ANALYSIS SUCCESS";
break
fi
sleep 5
done
- curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
- export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
- export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
- |
if [ "$status" == "SUCCESS" ]; then
echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
export result=$(cat result.txt | jq -r '.projectStatus.status');
if [ "$result" == "ERROR" ];then
echo -e "91mSONAR RESULTS FAILED";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
exit 1 #breaks the build for violations
else
echo -e "SONAR RESULTS SUCCESSFUL";
echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
exit 0
fi
else
echo -e "e[91mSONAR ANALYSIS FAILEDe[0m";
exit 1 #breaks the build for failure in Step2
fi
tags:
- dockerIfayile ye.gitlab-ci.yml ayigqibelelanga. Ivavanyiwe ukuba imisebenzi yokuskena kwisonarqube iphele ngemeko: "IMPUMELELO". Ukuza kuthi ga ngoku azikabikho ezinye iimeko. Ngokukhawuleza ukuba kukho ezinye iimeko, ndiya kulungisa .gitlab-ci.yml kule post.
Ukubonisa umgangatho womgangatho wekhowudi yemvelaphi kwiphepha eliphambili leprojekthi
Ukufakela iplagin yeSonarQube
yum install -y sonarqube-qualinsight-badgesSiya eSonarQube e
Yenza umsebenzisi oqhelekileyo, umzekelo "iibheji".
Ngena kwi-SonarQube phantsi kwalo msebenzisi.
Yiya kwi "akhawunti yam", yenza ithokheni entsha, umzekelo ngegama elithi "read_all_repository" kwaye nqakraza "Yenza".
Siyabona ukuba umqondiso ubonisiwe. Uya kuvela ixesha eli-1 kuphela.
Ngena njengomlawuli.
Yiya kuLungiselelo-> Iibheji zeSVG
Khuphela lo mqondiso kwindawo ethi "Umsebenzi webheji" kwaye ucofe iqhosha lokugcina.
Yiya kuLawulo-> Ukhuseleko-> Izakhelo zeMvume-> Ithemplethi ehlala ikho (kunye nezinye iitemplates oya kuba nazo).
Umsebenzisi weebheji kufuneka "Khangela" ibhokisi yokukhangela ikhangelwe.
Ukuvavanywa.
Umzekelo, makhe sithathe iprojekthi .
Masingenise le projekthi.
Yongeza ifayile ye-.gitlab-ci.yml kwingcambu yeprojekthi enomxholo olandelayo.
variables:
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
SONAR_HOST_URL: "http://172.26.9.115:9000"
LOGIN: "admin" # логин sonarqube
PASSWORD: "admin" # пароль sonarqube
cache:
paths:
- .m2/repository
build:
image: maven:3.3.9-jdk-8
stage: build
script:
- mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
- mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
tags:
- dockerKwiSonarQube iprojekthi iya kujongeka ngolu hlobo:
Yongeza iibhegi kwi README.md kwaye ziya kujongeka ngolu hlobo:
Ikhowudi yokubonisa iibheji ibonakala ngolu hlobo:
Ukwahlulahlula iibheji zokubonisa umtya:
[](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[](http://172.26.9.115:9000/dashboard?id=id-проекта)
[](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[](http://172.26.9.115:9000/dashboard?id=id-проекта)Indawo yokufumana/ukukhangela iSitshixo seProjekthi kunye nesazisi seprojekthi.
Isitshixo seProjekthi sisezantsi ekunene. I-URL iqulethe isazisi seprojekthi.
Iinketho zokufumana iimetriki zingaba .
Zonke izicelo zokutsala zokuphucula, ukulungiswa kwebug .
Incoko yeTelegram malunga neSonarQube
Incoko yeTelegram malunga ne-DevSecOps - i-DevOps ekhuselekileyo
umthombo: www.habr.com
