一、概述
| sonarqube是一个基于java开发的用于检测代码质量的平台,主要用于检测代码的Bug,漏洞以及重复代码率。 |
1. 安装sonarqube
step 0 准备环境
|
systemctl stop firewalld systemctl disable firewalld setenforce 0 |
[root@sonarqube ~]# systemctl stop firewalld
[root@sonarqube ~]# systemctl disable firewalld
[root@sonarqube ~]# setenforce 0
setenforce: SELinux is disabledstep 1 安装依赖工具
| sonarqube需要依赖mysql(5.6版本及以上)数据库。 |
|
yum install -y git java unzip wget wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-server-5.6.45-2.el7.x86_64.rpm wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-client-5.6.45-2.el7.x86_64.rpm wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-common-5.6.45-2.el7.x86_64.rpm wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-libs-5.6.45-2.el7.x86_64.rpm yum localinstall -y mysql-community-* |
[root@sonarqube ~]# yum install -y git java unzip wget
......
Complete!
[root@sonarqube ~]# mkdir /application/package -p
[root@sonarqube ~]# cd /application/package/
[root@sonarqube /application/package]# wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-server-5.6.45-2.el7.x86_64.rpm
......
2021-03-10 10:40:56 (718 KB/s) - ‘mysql-community-server-5.6.45-2.el7.x86_64.rpm’ saved [62561972/62561972]
[root@sonarqube /application/package]# wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-client-5.6.45-2.el7.x86_64.rpm
......
2021-03-10 10:43:36 (742 KB/s) - ‘mysql-community-client-5.6.45-2.el7.x86_64.rpm’ saved [20515804/20515804]
[root@sonarqube /application/package]# wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-common-5.6.45-2.el7.x86_64.rpm
......
2021-03-10 10:44:33 (1.52 MB/s) - ‘mysql-community-common-5.6.45-2.el7.x86_64.rpm’ saved [263300/263300]
[root@sonarqube /application/package]# wget https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql56-community-el7/mysql-community-libs-5.6.45-2.el7.x86_64.rpm
......
2021-03-10 10:46:13 (737 KB/s) - ‘mysql-community-libs-5.6.45-2.el7.x86_64.rpm’ saved [2130748/2130748]
[root@sonarqube /application/package]# ls
mysql-community-client-5.6.45-2.el7.x86_64.rpm mysql-community-libs-5.6.45-2.el7.x86_64.rpm
mysql-community-common-5.6.45-2.el7.x86_64.rpm mysql-community-server-5.6.45-2.el7.x86_64.rpm
[root@sonarqube /application/package]# yum install -y mysql-community-*
......
Complete!step 2 启动数据库并创建sonar库
|
systemctl start mysqld mysqladmin password 用户名 mysql -uroot -p密码 -e "CREATE DATABASE 数据库名称 DEFAULT CHARACTER SET uft8;" |
[root@sonarqube /application/package]# systemctl start mysqld
[root@sonarqube /application/package]# mysql -uroot -p123456 -e "CREATE DATABASE sonar DEFAULT CHARSET utf8;"
Warning: Using a password on the command line interface can be insecure.
[root@sonarqube /application/package]# mysql -uroot -p123456 -e "SHOW DATABASES;"
Warning: Using a password on the command line interface can be insecure.
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sonar |
+--------------------+step 3 下载sonarqube并解压安装
|
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-版本.zip unzip sonarqube-版本.zip -d /安装目录/ useradd sonar chown -R sonar.sonar /安装目录/ ln -s /安装目录/sonarqube-版本/ /安装目录/sonarqube |
[root@sonarqube /application/package]# wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.0.zip
......
2021-03-10 11:45:31 (2.10 MB/s) - ‘sonarqube-7.0.zip’ saved [155709573/155709573]
[root@sonarqube /application/package]# unzip sonarqube-7.0.zip -d /application/
Archive: sonarqube-7.0.zip
......
[root@sonarqube /application/package]# chown -R sonar.sonar /application/sonarqube-7.0/
[root@sonarqube /application/package]# cd ..
[root@sonarqube /application]# ll
total 0
drwxr-xr-x 2 root root 245 Mar 10 11:44 package
drwxr-xr-x 11 sonar sonar 141 Feb 2 2018 sonarqube-7.0
[root@sonarqube /application]# ln -s /application/sonarqube-7.0/ /application/sonarqube
[root@sonarqube /application]# ll
total 0
drwxr-xr-x 2 root root 245 Mar 10 11:44 package
lrwxrwxrwx 1 root root 27 Mar 10 11:48 sonarqube -> /application/sonarqube-7.0/
drwxr-xr-x 11 sonar sonar 141 Feb 2 2018 sonarqube-7.0step 4 编辑sonarqube
|
# /安装目录/sonarqube/conf/sonar.properties sonar.jdbc.username=root sonar.jdbc.password=数据库密码 sonar.jdbc.url=jdbc: mysql://IP:端口/数据库名称?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false |
[root@sonarqube /application]# grep 'jdbc' sonarqube/conf/sonar.properties| grep -Ev '^#'
sonar.jdbc.username=root
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=falsestep 5 启动sonarqube服务
| 由于es必须由普通用户启动,所以不能使用root用户启动sonarqube,否则启动失效。 |
| su - sonar -c "/安装目录/sonarqube/bin/linux-x86-64/sonar.sh start" |
[root@sonarqube /application]# su - sonar -c "/application/sonarqube/bin/linux-x86-64/sonar.sh start"
Starting SonarQube...
Started SonarQube.
[root@sonarqube /application]# netstat -lntp | grep 900
tcp6 0 0 :::9000 :::* LISTEN 8713/java
tcp6 0 0 127.0.0.1:9001 :::* LISTEN 8642/java step 6 登录sonarqube界面
|
默认地址:http://hostname:9000 用户名:admin 用户密码:admin |
step 7 安装插件(导入前,请备份插件)
| sonarqube插件目录: /安装目录/sonarqube/extensions/plugins |
[root@sonarqube /application]# su - sonar -c "/application/sonarqube/bin/linux-x86-64/sonar.sh stop"
Stopping SonarQube...
Waiting for SonarQube to exit...
Stopped SonarQube.
[root@sonarqube /application]# ls package/sonar*
package/sonar_plugins.tar.gz package/sonarqube-7.0.zip
[root@sonarqube /application]# tar xf package/sonar_plugins.tar.gz -C .
[root@sonarqube /application]# ll plugins/ | head -3
total 44176
-rw-r--r-- 1 sonar sonar 92 Feb 3 2018 README.txt
-rw-r--r-- 1 sonar sonar 1577739 Aug 4 2019 sonar-csharp-plugin-7.3.0.5690.jar
[root@sonarqube /application]# \cp -rp plugins/* sonarqube/extensions/plugins/
[root@sonarqube /application]# rm -rf plugins/
[root@sonarqube /application]# chown -R sonar. sonarqube/
[root@sonarqube /application]# su - sonar -c "/application/sonarqube/bin/linux-x86-64/sonar.sh start"
Starting SonarQube...
Started SonarQube.step 8 生成Token
| sonarqube令牌生成后,仅会出现一次。 |
step 9 开启用户强制认证
2. 手动推送代码测试
step 1 安装sonar-scanner
|
官方下载路径 离线安装包 提取码:ob4n |
| unzip sonar-scanner-cli-版本-linux.zip -d /安装目录/ |
[root@jenkins ~]# unzip sonar-scanner-cli-4.0.0.1744-linux.zip -d /usr/local/
......
/usr/local/sonar-scanner-4.0.0.1744-linux/jre/legal/java.management.rmi/ADDITIONAL_LICENSE_INFO -> ../java.base/ADDITIONAL_LICENSE_INFO
/usr/local/sonar-scanner-4.0.0.1744-linux/jre/legal/jdk.security.jgss/LICENSE -> ../java.base/LICENSEstep 2 创建软连接
| ln -s /安装目录/sonar-scanner-cli-版本-linux/ /安装目录/sonar-scanner |
[root@jenkins ~]# ln -s /usr/local/sonar-scanner-4.0.0.1744-linux /usr/local/sonar-scanner
[root@jenkins ~]# ls -dl /usr/local/sonar-scanner*
lrwxrwxrwx 1 root root 41 Mar 10 13:58 /usr/local/sonar-scanner -> /usr/local/sonar-scanner-4.0.0.1744-linux
drwxr-xr-x 6 root root 51 Jun 25 2019 /usr/local/sonar-scanner-4.0.0.1744-linuxstep 3 sonar-scanner手动推送代码
- 指令模式
|
/安装目录/sonar-scanner/bin/sonar-scanner \ -Dsonar.projectKey=项目名称 \ -Dsonar.sources=项目位置 \ -Dsonar.host.url=http://sonarqube服务端地址:9000 \ -Dsonar.login=服务端Token |
[root@jenkins ~]# cd /var/lib/jenkins/workspace/Monitor-HTML-Test-Para
[root@jenkins /var/lib/jenkins/workspace/Monitor-HTML-Test-Para]# /usr/local/sonar-scanner/bin/sonar-scanner \
> -Dsonar.projectKey=Monitor-HTML-Test-Para \
> -Dsonar.sources=. \
> -Dsonar.host.url=http://10.0.0.113:9000 \
> -Dsonar.login=51db8879fe24c0d56a3235379bf6d198980a470e
......
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 22.161s
INFO: Final Memory: 9M/197M
INFO: ------------------------------------------------------------------------- 配置sonar-scanner指向服务端
|
# /安装目录/sonar-scanner/conf/sonar-scanner.properties sonar.host.url=http://sonarqube服务端地址:9000 sonar.login=服务端Token |
[root@jenkins ~]# grep -Ev '^#|^$' /usr/local/sonar-scanner/conf/sonar-scanner.properties
sonar.host.url=http://10.0.0.113:9000
sonar.login=51db8879fe24c0d56a3235379bf6d198980a470e
[root@jenkins /]# cd /var/lib/jenkins/workspace/Monitor-HTML-Test
[root@jenkins /var/lib/jenkins/workspace/Monitor-HTML-Test]# /usr/local/sonar-scanner/bin/sonar-scanner \
> -Dsonar.projectKey=Monitor-HTML-Test \
> -Dsonar.sources=.
......
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 1:38.651s
INFO: Final Memory: 13M/210M
INFO: ------------------------------------------------------------------------step 4 sonarqube质检结果
二、Sonarqube与Jenkins集成
1. Jenkins集成Sonarqube
step 1 Jenkins安装集成插件
| Jenkins集成sonarqube,需要在Jenkins上安装插件SonarQube Scanner. |
step 2 Jenkins配置Sonar-scanner
| 系统管理 -> 全局工具配置 -> SonarQuebe Scanner -> 新增SonarQuebe Scanner |
step 3 Jenkins配置Sonarqube服务端地址
| 系统管理 -> 系统配置 -> SonarQuebe Servers |
step 4 Jenkins配置Sonarqube的Token
| 系统管理 -> 系统配置 -> SonarQuebe Servers |
2. Jenkins项目改造支持sonarqube
step 1 Jenkins项目改造
| 项目 -> 配置 -> Pre Steps -> Add pre-build step -> Execute SonarQube Scanner |
step 2 添加参数
|
# Analysis properties sonar.projectName=${JOB_NAME} sonar.projectKey=项目类型 sonar.sources=. sonar.java.binaries=target/sonar #指定扫描结果保存路径 |
sonar.projectName=${JOB_NAME}
sonar.projectKey=java
sonar.sources=.
sonar.java.binaries=target/sonar step 3 测试
