安装好SonarQube后开启强制认证
SonarQube 扫描仪配置
- 安装配置sonarscanner
- 下载地址:https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
注:解压到 /usr/local 之前,建议先核对下载包的校验和或签名,确认文件完整、来源可信。
[root@jenkins ~]# wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.0.2311-linux.zip
[root@jenkins ~]# unzip sonar-scanner-cli-4.6.0.2311-linux.zip -d /usr/local
[root@jenkins ~]# vim /etc/profile
export MAVEN_HOME=/usr/local/apache-maven-3.6.3
export ANT_HOME=/usr/local/apache-ant-1.9.15
export GRADLE_HOME=/usr/local/gradle-5.3
export NODE_HOME=/usr/local/node-v14.15.2-linux-x64
export JAVA_HOME=/usr/local/jdk1.8.0_151
export SCANNER_HOME=/usr/local/sonar-scanner-4.6.0.2311-linux
export PATH=$PATH:$MAVEN_HOME/bin:$ANT_HOME/bin:$GRADLE_HOME/bin:$NODE_HOME/bin
export PATH=$PATH:$JAVA_HOME/bin
export PATH=$PATH:$SCANNER_HOME/bin
[root@jenkins ~]# source /etc/profile
- 验证
[root@jenkins ~]# sonar-scanner -h
INFO:
INFO: usage: sonar-scanner [options]
INFO:
INFO: Options:
INFO: -D,--define <arg> Define property
INFO: -h,--help Display help information
INFO: -v,--version Display version information
INFO: -X,--debug Produce execution debug output
本地使用扫描仪项目分析配置
- 找一个maven项目
[root@jenkins spring-boot]# pwd
/var/lib/jenkins/workspace/spring-boot
[root@jenkins spring-boot]# ls
1.sh Dockerfile images.sh pom.xml README.md src target
- 使用脚本方式运行
[root@jenkins spring-boot]# cat 1.sh
# Analyse the project in the current directory with sonar-scanner.
# Sources are taken from src/, compiled classes and test reports from target/.
#
# NOTE(review): admin/admin (SonarQube's default administrator account) is
# passed as login and password, in clear text on the command line and over
# plain http. A user token generated in SonarQube can be given as sonar.login
# instead (leaving sonar.password out), ideally read from the environment
# rather than written into the script.
sonar-scanner \
  -Dsonar.host.url=http://192.168.90.18:9000 \
  -Dsonar.projectKey=spring-boot \
  -Dsonar.projectName=spring-boot \
  -Dsonar.projectVersion=1.0 \
  -Dsonar.login=admin \
  -Dsonar.password=admin \
  -Dsonar.ws.timeout=30 \
  -Dsonar.projectDescription="my first project!" \
  -Dsonar.links.homepage=http://www.baidu.com \
  -Dsonar.sources=src \
  -Dsonar.sourceEncoding=UTF-8 \
  -Dsonar.java.binaries=target/classes \
  -Dsonar.java.test.binaries=target/test-classes \
  -Dsonar.java.surefire.report=target/surefire-reports
- 扫描
[root@jenkins spring-boot]# sh 1.sh
INFO: Scanner configuration file: /usr/local/sonar-scanner-4.6.0.2311-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 4.6.0.2311
INFO: Java 11.0.3 AdoptOpenJDK (64-bit)
INFO: Linux 3.10.0-1160.el7.x86_64 amd64
INFO: User cache: /root/.sonar/cache
INFO: Scanner configuration file: /usr/local/sonar-scanner-4.6.0.2311-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: Analyzing on SonarQube server 7.9.6
INFO: Default locale: "zh_CN", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=536ms
INFO: Server id: A7EE8CF2-AXheZ9Y7vcyLwGV30GwA
- 在SonarQube上查看扫描完成的状态
安装 JenkinsSonar 插件
- 配置sonar插件
- 添加凭据---先去sonar上生成口令
jenkinsfile
- ci
#!groovy
@Library('jenkinslibrary@master') _
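// Helper objects from the shared library (package org.devops).
def build = new org.devops.build()
def tools = new org.devops.tools()
def gitlab = new org.devops.gitlab()
def toemail = new org.devops.toemail()
def sonar = new org.devops.sonarqube()

// Trigger marker, read from the job environment like the inputs below.
// A bare `def runOpts` stays null, which made every "GitlabPush" comparison
// in this file false and the webhook branch unreachable.
// NOTE(review): presumably set to "GitlabPush" by the GitLab webhook trigger - confirm.
def runOpts = env.runOpts

// Job inputs taken from the environment. An unset variable becomes the
// literal string "null" because of the string interpolation.
String buildType = "${env.buildType}"
String buildShell = "${env.buildShell}"
String srcUrl = "${env.srcUrl}"
String branchName = "${env.branchName}"

if ("${runOpts}" == "GitlabPush"){
    // branch, userName, projectId and commitSha are not defined in this file;
    // presumably they are supplied by the webhook request - confirm, and treat
    // them as externally controlled values.
    branchName = branch - "refs/heads/"
    currentBuild.description = "Trigger by ${userName} ${branch}"
    gitlab.ChangeCommitStatus(projectId,commitSha,"running")
    env.runOpts = "GitlabPush"
} else {
    // Assigned without `def` so the post section can read it from the script binding.
    userEmail = "lucky@centoscn.vip"
}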
//pipeline
// CI pipeline: check out the requested branch, build it, run the SonarQube
// scan, then report the result by e-mail (and to GitLab for webhook builds).
pipeline {
    // NOTE(review): the label "master" presumably selects the Jenkins
    // controller itself; builds executed there run next to the controller's
    // own files, so a dedicated agent is the safer target - confirm.
    agent {
        node {
            label "master"
        }
    }

    stages {
        stage("检出代码") {
            steps {
                script {
                    println(branchName)
                    tools.PrintMes("获取代码","green")
                    // Repository URL and branch come from the job inputs read above the pipeline.
                    def remote = [credentialsId: 'ef208191-527c-4630-a677-b81696446562', url: "${srcUrl}"]
                    def scmConfig = [
                        $class: 'GitSCM',
                        branches: [[name: "${branchName}"]],
                        doGenerateSubmoduleConfigurations: false,
                        extensions: [],
                        submoduleCfg: [],
                        userRemoteConfigs: [remote]
                    ]
                    checkout(scmConfig)
                }
            }
        }

        stage("编译打包") {
            steps {
                script {
                    tools.PrintMes("执行打包","green")
                    // NOTE(review): buildShell is a job input; presumably the shared
                    // library runs it as a command - confirm who is allowed to set it.
                    build.Build(buildType, buildShell)
                }
            }
        }

        stage("代码扫描") {
            steps {
                script {
                    tools.PrintMes("代码扫描","green")
                    // The job name serves as project key/name and as description.
                    def jobName = "${JOB_NAME}"
                    sonar.SonarScan(jobName, "${JOB_NAME}", "src")
                }
            }
        }
    }

    post {
        always {
            script {
                println("always")
            }
        }

        success {
            script {
                println("success")
                // Commit status is only reported back for webhook-triggered builds.
                if (runOpts == "GitlabPush") {
                    gitlab.ChangeCommitStatus(projectId, commitSha, "success")
                }
                toemail.Email("流水线成功", userEmail)
            }
        }

        failure {
            script {
                println("failure")
                if (runOpts == "GitlabPush") {
                    gitlab.ChangeCommitStatus(projectId, commitSha, "failed")
                }
                toemail.Email("流水线失败了!", userEmail)
            }
        }

        aborted {
            script {
                println("aborted")
                if (runOpts == "GitlabPush") {
                    gitlab.ChangeCommitStatus(projectId, commitSha, "canceled")
                }
                toemail.Email("流水线被取消了!", userEmail)
            }
        }
    }
}
- 共享库
package org.devops
//scan
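/**
 * Run a sonar-scanner analysis of the current workspace against the SonarQube
 * server registered in Jenkins under the name "sonarqube-test".
 *
 * The arguments are handed to the shell through environment variables and
 * expanded inside double quotes, so spaces or shell metacharacters in a job
 * name, description or path stay inside one -D argument instead of being
 * parsed by the shell.
 *
 * @param projectName used as both sonar.projectKey and sonar.projectName
 * @param projectDesc value of sonar.projectDescription
 * @param projectPath value of sonar.sources
 */
def SonarScan(projectName,projectDesc,projectPath){
    // The command below passes no server URL or login; withSonarQubeEnv
    // supplies the connection settings of the server configured under this name.
    withSonarQubeEnv("sonarqube-test"){
        def scannerHome = "/usr/local/sonar-scanner-4.6.0.2311-linux/"
        // Build timestamp (yyyyMMddHHmmss), used as the project version.
        def sonarDate = sh(returnStdout: true, script: 'date +%Y%m%d%H%M%S').trim()
        def scanEnv = [
            "SCAN_HOME_DIR=${scannerHome}",
            "SCAN_PROJECT_NAME=${projectName}",
            "SCAN_PROJECT_DESC=${projectDesc}",
            "SCAN_PROJECT_PATH=${projectPath}",
            "SCAN_PROJECT_VERSION=${sonarDate}"
        ]
        withEnv(scanEnv){
            // Single-quoted Groovy string: nothing is interpolated by Groovy,
            // the shell expands the variables at run time.
            sh '''
                "${SCAN_HOME_DIR}/bin/sonar-scanner" \
                "-Dsonar.projectKey=${SCAN_PROJECT_NAME}" \
                "-Dsonar.projectName=${SCAN_PROJECT_NAME}" \
                "-Dsonar.projectVersion=${SCAN_PROJECT_VERSION}" \
                -Dsonar.ws.timeout=30 \
                "-Dsonar.projectDescription=${SCAN_PROJECT_DESC}" \
                -Dsonar.links.homepage=http://www.baidu.com \
                "-Dsonar.sources=${SCAN_PROJECT_PATH}" \
                -Dsonar.sourceEncoding=UTF-8 \
                -Dsonar.java.binaries=target/classes \
                -Dsonar.java.test.binaries=target/test-classes \
                -Dsonar.java.surefire.report=target/surefire-reports
            '''
        }
    }
}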