|
| 1 | +<a href="https://www.sonarqube.org/"><img src="https://www.sonarqube.org/assets/logo-31ad3115b1b4b120f3d1efd63e6b13ac9f1f89437f0cf6881cc4d8b5603a52b4.svg" alt="Caddy" width="450"></a> |
| 2 | +## sonarQube |
| 3 | +<p><a href="http://www.sonarqube.org/" target="_blank">SonarQube</a>® is an automatic code review tool to detect bugs, vulnerabilities and code smells in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests.</p> |
| 4 | + |
| 5 | +### QuickStart With Jenkins |
| 6 | +We need to use CI to complete the check and pull of the code, here we use jenkins to complete these operations.First we need to set up our workflow on jenkins. |
| 7 | + |
| 8 | + |
| 9 | + |
| 10 | +Then fill in your project name, then select Create a new pipeline below, then click OK |
| 11 | + |
| 12 | + |
| 13 | + |
| 14 | +After entering the settings, set some settings you need, set the method and identity entry for the pull item, it is worth noting that items marked with red arrows are required to be set. |
| 15 | + |
| 16 | + |
| 17 | + |
| 18 | + |
| 19 | + |
| 20 | + |
| 21 | +When setting up Pipeline, you need to set the corresponding account and the corresponding script to pull the code. I won't go into details in this part. You can easily get them through Google. |
| 22 | + |
| 23 | + |
| 24 | + |
| 25 | +Finally, your pipeline project is set up, and then the token is bound to the gitlab pipeline setup to complete the initial configuration. Next we need to configure the Jenkins script file to tell CI what we need to do. |
| 26 | + |
| 27 | + |
| 28 | + |
| 29 | +The configuration file must be named Jenkinsfile, see Jenkins for details. |
| 30 | + |
| 31 | +```editorconfig |
| 32 | +pipeline { |
| 33 | + agent { |
| 34 | + docker { |
| 35 | + image env.DOCKER_FARM_IMAGE |
| 36 | + label env.DOCKER_FARM_LABEL |
| 37 | + args env.DOCKER_FARM_ARGS |
| 38 | + }// Set up our packaged environment here |
| 39 | + } |
| 40 | + options { |
| 41 | + gitLabConnection(env.gitlabConnection) |
| 42 | + timestamps() |
| 43 | + }// Set environment connection |
| 44 | + environment{ |
| 45 | + SERVICE_NAME='yig' |
| 46 | + }// Set the name, the above parameters actually do not work, just to complete the following inspection process, the real packaging settings will be much more complicated than this |
| 47 | +
|
| 48 | +
|
| 49 | + stages { |
| 50 | + stage('checkout') { |
| 51 | + post { |
| 52 | + success { updateGitlabCommitStatus name: 'checkout', state: 'success' } |
| 53 | + failure { updateGitlabCommitStatus name: 'checkout', state: 'failed' } |
| 54 | + } |
| 55 | + steps { |
| 56 | + script{ |
| 57 | + checkoutDependOnEnv env |
| 58 | + } |
| 59 | + } |
| 60 | + }// Check the code, mainly to scan our source code |
| 61 | + stage('sonar-check') { |
| 62 | + post { |
| 63 | + success { |
| 64 | + updateGitlabCommitStatus name: 'sonar', state: 'success' |
| 65 | + } |
| 66 | + failure { |
| 67 | + updateGitlabCommitStatus name: 'sonar', state: 'failed' |
| 68 | + } |
| 69 | + } |
| 70 | + steps { |
| 71 | + sh """ |
| 72 | + /home/sonar-scanner/bin/sonar-scanner |
| 73 | + """ |
| 74 | + }// Static code check trigger, this is the part that ultimately implements the code check. |
| 75 | + } |
| 76 | + } |
| 77 | +} |
| 78 | +``` |
| 79 | + |
| 80 | +Then configure the configuration file of sonarQube |
| 81 | + |
| 82 | +```editorconfig |
| 83 | +# Connect to the account of the sonar tool. This parameter is provided by the sonarQube administrator and sometimes uses the password. |
| 84 | +sonar.login=aba129a2f9df39f295cc56ab82db1c74e6d78266 |
| 85 | +# Project key, need to be guaranteed unique in sonarQube |
| 86 | +sonar.projectKey=yig |
| 87 | +# project name |
| 88 | +sonar.projectName=yig |
| 89 | +# Source code path |
| 90 | +sonar.sources=. |
| 91 | +sonar.exclusions=**/*_test.go,**/vendor/** |
| 92 | +# Source code file encoding |
| 93 | +sonar.sourceEncoding=UTF-8 |
| 94 | +# Specify unit test code path |
| 95 | +sonar.language=go |
| 96 | +sonar.tests=. |
| 97 | +sonar.test.inclusions=**/*_test.go |
| 98 | +sonar.test.exclusions=**/vendor/** |
| 99 | +# Plugin configuration for pdf |
| 100 | +sonar.pdf.username=admin |
| 101 | +sonar.pdf.password=admin |
| 102 | +``` |
| 103 | +In addition to the login, projectKey, projectName parameters, we use the default parameters, if there are other requirements, you can refer to the official website settings. |
| 104 | + |
| 105 | +### Congratulations |
| 106 | +your yig project will be able to automatically generate the corresponding inspection report when you push the code. |
| 107 | + |
| 108 | + |
| 109 | + |
| 110 | + |
| 111 | + |
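Review bot: Lines 84 and 100-101 of the new file commit credentials in the sample scanner configuration. `sonar.login=` is set to what looks like a real 40-character token, and `sonar.pdf.username=admin` / `sonar.pdf.password=admin` are SonarQube's default administrator login. Anyone copying this README will either reuse those values or follow the pattern and commit their own token next to the source. Please replace the values with an obvious placeholder such as `sonar.login=<your-sonar-token>`, and say in the text that the token is supplied at run time in the `sonar-check` stage, for example from a Jenkins credential passed as `-Dsonar.login=...` on the `sonar-scanner` command line, rather than stored in the repository. If the token on line 84 is live, it should be revoked on the SonarQube server, since it stays in the git history even after the file is fixed. Smaller points in the same hunk: the logo on line 1 has `alt="Caddy"`, which looks copied from another README and should read SonarQube; the comment `# Specify unit test code path` on line 94 sits above `sonar.language=go` instead of `sonar.tests=.`; and both fences are tagged `editorconfig` although the first is a Jenkinsfile (Groovy) and the second a properties file.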