Showing developers the source code quality gate status in SonarQube

SonarQube is an open source code quality assurance platform that supports many programming languages and reports on metrics such as code duplication, coding standards compliance, test coverage, code complexity, potential bugs, and more. SonarQube makes analysis results easy to view and lets you track how a project develops over time.

Goal: show developers the source code quality gate status in SonarQube.

There are two solutions:

  • Run a script that checks the source code quality gate status in SonarQube. If the quality gate in SonarQube is not passed, fail the build.
  • Show the source code quality gate status on the main project page.

Installing SonarQube

To install sonarqube from rpm packages, we will use the repository https://harbottle.gitlab.io/harbottle-main.

Install the package with the repository for CentOS 7.

yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm

Install sonarqube itself.

yum install -y sonarqube

Most plugins are installed along with it, but findbugs and pmd have to be installed separately.

yum install -y sonarqube-findbugs sonarqube-pmd

Start the service and enable it at boot.

systemctl start sonarqube
systemctl enable sonarqube

If it takes a long time to start, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options.

sonar.web.javaOpts=<other options> -Djava.security.egd=file:/dev/urandom

Running a script to check the source code quality gate status in SonarQube.

Unfortunately, the sonar-break-maven-plugin plugin has not been updated for a long time. So let's write our own script.

For testing we will use the repository https://github.com/uweplonus/spotbugs-examples.

Import it into GitLab. Add a .gitlab-ci.yml file:

variables:
  # local repository under $CI_PROJECT_DIR so that it matches the cache path below
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  LOGIN: "admin" # SonarQube login (demo value; prefer a masked CI/CD variable over committing it)
  PASSWORD: "admin" # SonarQube password (demo value; same applies)

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      # only SUCCESS ends this loop; other final statuses are not handled yet
      while : ;do
          curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
          export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
          echo $status
          if [ "$status" = "SUCCESS" ];then
            echo "SONAR ANALYSIS SUCCESS";
            break
          fi
          sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" = "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');

        if [ "$result" = "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
          echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
          exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker

The .gitlab-ci.yml file is not perfect. It was tested for the case where the scan tasks in sonarqube finish with the status "SUCCESS". So far there have been no other statuses. As soon as other statuses appear, I will fix .gitlab-ci.yml in this post.
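
The job above waits only for SUCCESS, so a FAILED or CANCELED task keeps the loop running until the job itself times out. The shell functions below are an added example, not part of the original article, of a bounded wait that treats every other final status as a failure. The function names and the POLL_TRIES and POLL_DELAY variables are assumptions; PENDING is included because a queued task reports it before IN_PROGRESS.

```shell
#!/bin/sh
# Added example, not from the original article. POLL_TRIES, POLL_DELAY and
# the function names are assumptions; LOGIN/PASSWORD are the job's variables.

# Read the task URL from target/sonar/report-task.txt. The value contains
# '=' itself (.../api/ce/task?id=...), so only the key prefix is stripped.
ce_task_url() {
  sed -n 's/^ceTaskUrl=//p' "$1"
}

# Classify a task status: 0 = finished, 1 = still queued or running,
# 2 = ended without a usable analysis.
ce_task_state() {
  case "$1" in
    SUCCESS)             return 0 ;;
    PENDING|IN_PROGRESS) return 1 ;;
    *)                   return 2 ;;  # FAILED, CANCELED, empty or unparsable
  esac
}

# Real fetcher: print .task.status for a task URL (needs curl and jq).
fetch_status() {
  curl -sS -u "$LOGIN:$PASSWORD" "$1" | jq -r '.task.status'
}

# wait_for_task FETCHER URL
# Returns 0 on SUCCESS, 2 on FAILED/CANCELED/bad reply, 3 on timeout.
wait_for_task() {
  fetcher=$1
  url=$2
  tries=${POLL_TRIES:-60}
  while [ "$tries" -gt 0 ]; do
    status=$("$fetcher" "$url") || status=""
    rc=0
    ce_task_state "$status" || rc=$?
    case "$rc" in
      0) return 0 ;;
      2) echo "task ended with status '$status'" >&2; return 2 ;;
    esac
    tries=$((tries - 1))
    sleep "${POLL_DELAY:-5}"
  done
  echo "gave up waiting for $url" >&2
  return 3
}
```

In the job above, the `while : ;do` loop can be replaced by `wait_for_task fetch_status "$(ce_task_url target/sonar/report-task.txt)" || exit 1`, so that a FAILED or CANCELED task fails the build.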

Showing the source code quality gate status on the main project page

Installing the plugin for SonarQube

yum install -y sonarqube-qualinsight-badges

Go to SonarQube at http://172.26.9.115:9000/
Create a regular user, for example "badges".
Log in to SonarQube as this user.

Go to "My Account", create a new token, for example with the name "read_all_repository", and click "Generate".

We see that a token has appeared. It is shown only once.

Log in as an administrator.

Go to Configuration -> SVG Badges

Copy this token into the "Activity badge token" field and click the save button.

Go to Administration -> Security -> Permission Templates -> Default template (and any other templates you have).

The badges user must have the "Browse" checkbox ticked.

Testing.

As an example, let's take the project https://github.com/jitpack/maven-simple.

Import this project.

Add a .gitlab-ci.yml file to the project root with the following content.

variables:
  # local repository under $CI_PROJECT_DIR so that it matches the cache path below
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # SonarQube login (demo value; prefer a masked CI/CD variable over committing it)
  PASSWORD: "admin" # SonarQube password (demo value; same applies)

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker

In SonarQube the project will look like this:

Add the badges to README.md and they will look like this:

The badge display code looks like this:

Breaking down the badge display string:

[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Name](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=project-id)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![Metric name](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=METRIC)](http://172.26.9.115:9000/dashboard?id=project-id)

Where to get/check the Project Key and the project id.

The Project Key is at the bottom right. The URL contains the project id.

The options for obtaining metrics can be viewed here.

All pull requests for improvements and bug fixes should be submitted to this repository.

Telegram chat about SonarQube https://t.me/sonarqube_ru
Telegram chat about DevSecOps (secure DevOps) https://t.me/sec_devops

Source: www.habr.com