Sonarqube Containerization - daniel-qa/Information-Security GitHub Wiki

Docker Hub ( Sonarqube Official )

https://hub.docker.com/_/sonarqube

For example, on Linux, you can set the recommended values for the current session by running the following commands as root on the host:

sysctl -w vm.max_map_count=524288
sysctl -w fs.file-max=131072
ulimit -n 131072
ulimit -u 8192

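ulimit -a: lists all current limits

-n size: sets the maximum number of file descriptors the kernel can have open at the same time. Unit: n

-u size: the maximum number of processes a single user can use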
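A preflight check for the four recommended values above, as an added example that is not part of the original wiki or of the SonarQube project. The function names `meets_min`, `report` and `preflight` and the file name `preflight.sh` are hypothetical; it assumes a Linux host with /proc and a shell whose `ulimit` accepts `-u` (bash).

```shell
#!/bin/sh
# Added example: verify host limits against the recommended values before
# starting the SonarQube container. Function names are hypothetical.

# meets_min ACTUAL REQUIRED -> status 0 if ACTUAL >= REQUIRED.
# "unlimited" (as printed by ulimit) always passes; anything else that is
# not a plain number cannot be verified and is treated as a failure.
meets_min() {
    case "$1" in
        unlimited) return 0 ;;
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$1" -ge "$2" ]
}

# report NAME ACTUAL REQUIRED -> prints one line, returns 1 when too low.
report() {
    if meets_min "$2" "$3"; then
        echo "OK    $1=$2 (need >= $3)"
    else
        echo "FAIL  $1=$2 (need >= $3)"
        return 1
    fi
}

# preflight -> reads the live values; non-zero if any setting is too low.
preflight() {
    rc=0
    report vm.max_map_count "$(cat /proc/sys/vm/max_map_count 2>/dev/null)" 524288 || rc=1
    report fs.file-max "$(cat /proc/sys/fs/file-max 2>/dev/null)" 131072 || rc=1
    report "ulimit -n" "$(ulimit -n 2>/dev/null)" 131072 || rc=1
    report "ulimit -u" "$(ulimit -u 2>/dev/null)" 8192 || rc=1
    return $rc
}

# Run the check only when invoked as: sh preflight.sh check
if [ "${1:-}" = "check" ]; then
    preflight
    exit $?
fi
```

The `ulimit` values are per session, so run the check in the same shell session that will start the container.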

Use volumes

We recommend creating volumes for the following directories:

/opt/sonarqube/data: data files
/opt/sonarqube/logs: log records
/opt/sonarqube/extensions: for 3rd party plugins
  • source code
/opt/sonarqube/code

Customized image

In some environments, it may make more sense to prepare a custom image containing your configuration. A Dockerfile to achieve this may be as simple as:

You could then build and try the image with something like:

$ docker build --tag=sonarqube-custom .
$ docker run -ti sonarqube-custom
  • Stop Sonarqube Gracefully
docker run --stop-timeout 3600 sonarqube

  • Pull the sonarqube image
docker pull sonarqube
  • Run Container
docker run --name sonarqube -ti -p 9000:9000 sonarqube
docker run --name sonarqube -ti -p 9000:9000 -v data:/opt/sonarqube/data sonarqube

docker run --name sonarqube -ti -p 9000:9000 -v data:/opt/sonarqube/data -v code:/opt/sonarqube/code sonarqube-custom 

  • Scan code

This example uses a manually created project (the command below can be obtained from the project settings).

sonar-scanner \
  -Dsonar.projectKey=sokrates-analysis \
  -Dsonar.sources=. \
  -Dsonar.host.url=http://192.168.0.19:9000 \
  -Dsonar.login=sqp_7912a9658faa452fbc9c7e37459f0bf7b1b5a7ec