CICD持续集成 SonarQube 代码检测部署

2024-08-30 105 0

SonarQube Docker部署

物理服务器参数配置

配置内核参数

 echo vm.max_map_count=524288 >> /etc/sysctl.conf
 echo fs.file-max=131072  >> /etc/sysctl.conf
 sysctl -p

配置安全限制 (重新登陆终端生效)

echo "* soft nofile 131072" >>  /etc/security/limits.conf 
echo "* hard nofile 131072 " >>  /etc/security/limits.conf 
[root@jenkins ~]# mkdir -p /data/docker_yaml/sonarqube/
# cat /data/docker_yaml/sonarqube/docker-compose.yaml

version: "3"
services:
  postgres:
    image: postgres
    container_name: postgres
    ports:
      - 5432:5432
    networks:
      - sonarnet
    environment:
      POSTGRES_DB: sonar
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
    volumes:
      - ./data/postgresql:/var/lib/postgresql

  sonarqube:
    image: sonarqube:9.9.6-community
    container_name: sonarqube
    ports:
      - "9000:9000"
    depends_on:
      - db
    networks:
      - sonarnet
    environment:
      SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
      SONAR_JDBC_USERNAME: sonar
      SONAR_JDBC_PASSWORD: sonar
    volumes:
      - ./data/sonarqube/data:/opt/sonarqube/data
      - ./data/sonarqube/extensions:/opt/sonarqube/extensions
      - ./data/sonarqube/logs:/opt/sonarqube/logs

networks:
  sonarnet:
    driver: bridge

挂载因权限问题需要修改用户权限再重新启动

[root@jenkins sonarqube]# docker compose up -d
[root@jenkins sonarqube]# chown -R 999:999 ./data/postgresql/
[root@jenkins sonarqube]# chown -R 1000:1000 ./data/sonarqube/
[root@jenkins sonarqube]# docker compose down
[root@jenkins sonarqube]# docker compose up -d

启动容器后观察日志是否正常启动

[root@jenkins sonarqube]# docker compose logs -f
# 看到如下内容代表启动成功
2024.08.26 07:03:33 INFO  ce[][o.s.p.ProcessEntryPoint] Starting Compute Engine
2024.08.26 07:03:33 INFO  ce[][o.s.ce.app.CeServer] Compute Engine starting up...
2024.08.26 07:03:34 INFO  ce[][o.sonar.db.Database] Create JDBC data source for jdbc:postgresql://db:5432/sonar
2024.08.26 07:03:34 INFO  ce[][c.z.h.HikariDataSource] HikariPool-1 - Starting...
2024.08.26 07:03:35 INFO  ce[][c.z.h.p.HikariPool] HikariPool-1 - Added connection org.postgresql.jdbc.PgConnection@62138e8d
2024.08.26 07:03:35 INFO  ce[][c.z.h.HikariDataSource] HikariPool-1 - Start completed.
2024.08.26 07:03:37 INFO  ce[][o.s.s.p.ServerFileSystemImpl] SonarQube home: /opt/sonarqube
2024.08.26 07:03:37 INFO  ce[][o.s.c.c.CePluginRepository] Load plugins
2024.08.26 07:03:41 INFO  ce[][o.s.c.c.ComputeEngineContainerImpl] Running Community edition
2024.08.26 07:03:41 INFO  ce[][o.s.ce.app.CeServer] Compute Engine is started
2024.08.26 07:03:42 INFO  app[][o.s.a.SchedulerImpl] Process[ce] is up
2024.08.26 07:03:42 INFO  app[][o.s.a.SchedulerImpl] SonarQube is operational

正常启动后在浏览器打开http://ip:9090, 用户名密码默认admin
这里启动有点慢,耐心等待

image.png

image.png

安装中文
image.png

重启SonarQube 生效
image.png

注意:SonarQube根据浏览器的header选择显示的语言,如果安装中文插件重启后还是显示英文,一般是因为浏览器选择了英文。需将中文置顶。

image.png

image.png

Maven安装

测试使用 选择性安装

安装 JDK 17

该版本兼容Maven和SonarQube
https://www.oracle.com/java/technologies/javase/jdk17-archive-downloads.html

[root@jenkins ~]# wget https://download.oracle.com/java/17/archive/jdk-17.0.7_linux-x64_bin.tar.gz
[root@jenkins ~]# tar xf jdk-17.0.7_linux-x64_bin.tar.gz
[root@jenkins ~]# jdk-17.0.11 /usr/local/jdk

配置JDK环境变量

[root@jenkins ~]# cat > /etc/profile.d/jdk.sh << \EOF
# set oracle jdk environment
export JAVA_HOME=/usr/local/jdk
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH
EOF

[root@jenkins ~]# source /etc/profile.d/jdk.sh

查看JDK版本

[root@jenkins ~]# java -version
java version "17.0.11" 2024-04-16 LTS
Java(TM) SE Runtime Environment (build 17.0.11+7-LTS-207)
Java HotSpot(TM) 64-Bit Server VM (build 17.0.11+7-LTS-207, mixed mode, sharing)

安装Maven

[root@jenkins ~]# wget https://dlcdn.apache.org/maven/maven-3/3.8.8/binaries/apache-maven-3.8.8-bin.tar.gz
[root@jenkins ~]# tar xf apache-maven-3.8.8-bin.tar.gz 
[root@jenkins ~]# mv apache-maven-3.8.8 /usr/local/maven

配置Maven环境变量

[root@jenkins ~]# cat > /etc/profile.d/maven.sh << \EOF
export JAVA_HOME=/usr/local/jdk
export MAVEN_HOME=/usr/local/maven
export PATH=${MAVEN_HOME}/bin:${JAVA_HOME}/bin:$PATH
EOF

查看Maven版本信息

[root@jenkins ~]# source /etc/profile.d/maven.sh
[root@jenkins ~]# mvn -v
Apache Maven 3.8.8 (4c87b05d9aedce574290d1acc98575ed5eb6cd39)
Maven home: /usr/local/maven
Java version: 17.0.11, vendor: Oracle Corporation, runtime: /usr/local/jdk
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "5.14.0-362.8.1.el9_3.x86_64", arch: "amd64", family: "unix"

配置Maven镜像加速

[root@jenkins ~]# vim /usr/local/maven/conf/settings.xml

  <mirrors>
    <mirror>
      <id>alimaven</id>
       <name>aliyun maven</name>
       <url>http://maven.aliyun.com/nexus/content/groups/public/</url>
       <mirrorOf>central</mirrorOf>
    </mirror>

  </mirrors>

  <profiles>

    <profile>
        <id>jdk-1.8</id>
        <activation>
            <activeByDefault>true</activeByDefault>
            <jdk>1.8</jdk>
        </activation>
        <properties>
            <maven.compiler.source>1.8</maven.compiler.source>
            <maven.compiler.target>1.8</maven.compiler.target>
            <maven.compiler.compilerVersion>1.8</maven.compiler.compilerVersion>
        </properties>    
    </profile>

  </profiles>

SonarQube 使用

SonarQube的使用方式很多,Maven可以整合,也可以采用sonar-scanner的方式,再查看Sonar Qube的检测效果

Maven实现代码检测

maven/conf/settings.xml 配置sonarqube

<profile>
    <id>sonar</id>
    <activation>
        <activeByDefault>true</activeByDefault>
    </activation>
    <properties>
        <sonar.login>admin</sonar.login>
        <sonar.password>123456789</sonar.password>
        <sonar.host.url>http://192.168.77.17:9000</sonar.host.url>
    </properties>
</profile>

项目代码

git clone https://github.com/sundayhk/spring-boot-hello-world.git
cd spring-boot-hello-word

项目代码 pod.xml 添加插件 (这里已经添加了)

<plugin>
    <groupId>org.sonarsource.scanner.maven</groupId>
    <artifactId>sonar-maven-plugin</artifactId>
</plugin>

在项目代码位置执行命令:

mvn package
mvn sonar:sonar

image.png

image.png

相关文章

windows 2012 命令行批量修改文件权限 删除
CICD持续部署 Jenkins 部署
win11 Microsoft Store 微软账户无法登陆 0x80190001 解决
MySQL 笔记
Kubernetes Ingress Helm 部署
NextCloud 升级

发布评论