Sonarqube Usage - hqzhang/cloudtestbed GitHub Wiki

Sonarqube Usage

SonarQube is a good tool for code quality scanning, like lint. It also provides a server to publish scan results.
0. Sonar Configuration

1. Maven sonar

2. sonar-scanner

Nexus Installation

0. Install Java

00. Install nginx
sudo apt install nginx
set the config file: vim /etc/nginx/nginx.conf
server {
    # "ssl on;" is deprecated; TLS is enabled on the listen directive instead
    listen 443 ssl;
    server_name sonar.wavecloud.com;

    ssl_certificate certs/chain.crt;
    ssl_certificate_key certs/private.key;

    # offer only TLSv1.2 and TLSv1.3; SSLv2, SSLv3 and TLSv1 are obsolete
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    location / {
        # forward requests to SonarQube listening on localhost
        proxy_pass http://127.0.0.1:9000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_max_temp_file_size 0;
        client_max_body_size 10m;
        # client_body_buffer_size <size>;   (no size is given here)
        proxy_connect_timeout 90;
        proxy_send_timeout 90;

        proxy_buffer_size 4k;
        proxy_buffers 4 32k;
        proxy_busy_buffers_size 64k;
        proxy_temp_file_write_size 64k;
    }
}
The certificate chain and private key are in /etc/nginx/certs.
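A check for legacy protocol versions in the ssl_protocols directive of a config like the one above, as an added example that is not part of the original wiki page. The function names and the LEGACY list are this example's own choices, and it assumes each ssl_protocols directive sits on a single line.

```shell
#!/bin/sh
# Added example: flag legacy protocol versions enabled by nginx ssl_protocols.
# LEGACY is this example's own policy list, not something nginx defines.
LEGACY="SSLv2 SSLv3 TLSv1 TLSv1.1"

# Print "line:protocol" for every legacy protocol that an ssl_protocols
# directive enables. Reads the files given as arguments, or stdin if none.
weak_tls_protocols() {
    awk -v legacy="$LEGACY" '
        BEGIN { n = split(legacy, l, " "); for (i = 1; i <= n; i++) bad[l[i]] = 1 }
        {
            sub(/#.*/, "")                  # ignore comments
            if ($1 != "ssl_protocols") next
            for (i = 2; i <= NF; i++) {
                p = $i; sub(/;$/, "", p)    # strip the terminating semicolon
                if (p in bad) print NR ":" p
            }
        }' "$@"
}

# Exit status 0 when no legacy protocol is enabled, 1 otherwise.
tls_protocols_ok() {
    [ -z "$(weak_tls_protocols "$@")" ]
}

# Constructed sample configs, not taken from a real deployment.
WEAK_SAMPLE='server {
    listen 443 ssl;
    ssl_protocols SSLv2 SSLv3 TLSv1;
}'
STRONG_SAMPLE='server {
    listen 443 ssl;
    # ssl_protocols SSLv3;   commented out, must not be reported
    ssl_protocols TLSv1.2 TLSv1.3;
}'

printf '%s\n' "$WEAK_SAMPLE" | weak_tls_protocols
printf '%s\n' "$STRONG_SAMPLE" | tls_protocols_ok && echo "strong sample: no legacy protocols"
```

To check the deployed file, run `weak_tls_protocols /etc/nginx/nginx.conf`; `nginx -t` still has to pass separately, since this only inspects the protocol list.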
1. Install sonarqube
0) download
wget https://binaries.sonarsource.com/CommercialDistribution/sonarqube-developer/sonarqube-developer-9.0.0.45539.zip
and move it to /usr/local/opt/sonarqube
1) run
   /usr/local/opt/sonarqube/bin/sonar console


2) set service for mac
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>homebrew.mxcl.sonarqube</string>
    <key>ProgramArguments</key>
    <array>
    <string>/usr/local/opt/sonarqube/bin/sonar</string>
    <string>start</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

3) set service for linux: /etc/systemd/system/sonarqube.service
[Unit]
Description=Sonarqube service
After=syslog.target network.target
[Service]
Type=simple
User=myuser
Group=mygroup
PermissionsStartOnly=true
ExecStart=/bin/nohup java -Xms32m -Xmx32m -Djava.net.preferIPv4Stack=true -jar sonar.jar
StandardOutput=syslog
LimitNOFILE=65536
LimitNPROC=8192
TimeoutStartSec=5
Restart=always
[Install]
WantedBy=multi-user.target
4) sonar config files
JAVA_HOME can be changed in bin/sonar
conf/sonar.properties
conf/wrapper.conf
logs/sonar.log, web.log, es.log, ce.log

5. use sonar-scanner
go to localhost:9000 to get a server token, then run
project: myangular
Token: myangulartoken
4f16c9828e2b2aa50afe00922d0b3a8d9edca0af
sonar-scanner \
  -Dsonar.projectKey=myangular \
  -Dsonar.sources=. \
  -Dsonar.java.binaries=target/classes \
  -Dsonar.host.url=http://localhost:9000 \
  -Dsonar.login=4f16c9828e2b2aa50afe00922d0b3a8d9edca0af

1) in sonarqube, generate token

2) in Jenkins, install the sonarqube plugin and the credential plugin
3) in Jenkins, create credential with secret text type for token
4) in Jenkins system config, add sonarqube config with url and token
5) in Jenkins tool configure, add sonar scanner.
6) create job
2. Config sonarqube
1) git clone https://github.com/gouthamchilakala/PetClinic.git

2) server /usr/local/opt/sonarqube/bin/sonar console
   client /usr/local/opt/sonar-scanner/sonar-scanner/bin/sonar-scanner
 
3) create project with token cd2ff10b50b4055aa5d4988208e4dcdfa3c861e6

4) cd PetClinic and 
 mvn compile sonar:sonar \
  -Dsonar.projectName=projectname \
  -Dsonar.projectVersion=projectversion \
  -Dsonar.projectKey=mytest \
  -Dsonar.host.url=http://localhost:9000 \
  -Dsonar.login=cd2ff10b50b4055aa5d4988208e4dcdfa3c861e6

5) view scan result.

6) mvn sonar:sonar vs sonar-scanner
   mvn sonar:sonar is much deeper.
7) mvn clean deploy sonar:sonar

8) Jenkinsfile
node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('SonarQube analysis') {
    def scannerHome = tool 'SonarScanner 4.0';
    withSonarQubeEnv('My SonarQube Server') { // If you have configured more than one global server connection, you can specify its name
      sh "${scannerHome}/bin/sonar-scanner"
    }
  }
}