DevOps-SonarQube整合Jenkins

下载SonarQube Scanner

登录Jenkins服务器,下载SonarQube Scanner

wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip

安装unzip,需要通过它来解压zip压缩包

yum install -y unzip

解压SonarScanner

unzip sonar-scanner-cli-5.0.1.3006-linux.zip

修改目录名称为sonar-scanner

mv sonar-scanner-5.0.1.3006-linux sonar-scanner

修改配置文件

vim sonar-scanner/conf/sonar-scanner.properties 

把注释去掉,修改成你的SonarQube地址

#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here

#----- Default SonarQube server
sonar.host.url=http://192.168.170.111:9000

#----- Default source code encoding
sonar.sourceEncoding=UTF-8

进入Jenkins数据目录,把sonar-scanner移进来(和JDK、Maven一样)

cd /usr/local/docker/jenkins_docker/data/
mv /root/sonar-scanner ./

Jenkins配置

进入Dashboard > 系统管理 > 插件管理 > Advanced settings,搜索SonarQube Scanner并安装。

重启Jenkins生效

切换到Dashboard > 系统管理 > 全局工具配置 > SonarQube Scanner配置项

网络好可以直接勾选自动安装,我这里前面已经下载解压到Jenkins里面了。

Name好认即可,路径是Jenkins容器内部的路径(和JDK、Maven一样)

保存后,接着来到Dashboard > 系统管理 > System > SonarQube servers配置项

设置你的SonarQube信息,第一次添加的时候点击"添加按钮没反应"直接先点击保存

重新进入配置,这时就可以添加Jenkins凭据了,支持多种方式,这里我是用令牌的方式

来到SonarQube进入个人账户,生成令牌

复制到Jenkins的Secret处,描述是干嘛用的,待会要选择

选择刚刚创建的凭据保存

任务配置

进到我们之前创建好mytest任务配置中的Build Steps,添加一个Execute SonarQube Scanner构建步骤

设置参数,jdk选择我们内置的jdk1.8,然后把构建步骤拖到Maven的下面

sonar.projectname=${JOB_NAME}:项目名称设置为我们任务名称(当前任务名称叫mytest)

sonar.projectKey=${JOB_NAME}:这个key一般和项目名称一致即可,不设置的话报错

sonar.source=./:源码位置在当前位置

sonar.java.binaries=target:编译过后的文件在什么位置,target目录下

sonar.projectname=${JOB_NAME}
sonar.projectKey=${JOB_NAME}
sonar.source=./
sonar.java.binaries=target

构建任务

在我们配置的mytest任务,选择版本开始构建

构建成功并发布了项目,页面正常访问

Started by user 我是真滴帅
Running as SYSTEM
Building in workspace /var/jenkins_home/workspace/mytest
The recommended git tool is: NONE
No credentials specified
 > git rev-parse --resolve-git-dir /var/jenkins_home/workspace/mytest/.git # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url http://192.168.170.111:8888/root/jenkins-cicd-mytest.git # timeout=10
Fetching upstream changes from http://192.168.170.111:8888/root/jenkins-cicd-mytest.git
 > git --version # timeout=10
 > git --version # 'git version 2.30.2'
 > git fetch --tags --force --progress -- http://192.168.170.111:8888/root/jenkins-cicd-mytest.git +refs/heads/*:refs/remotes/origin/* # timeout=10
 > git rev-parse refs/remotes/origin/main^{commit} # timeout=10
Checking out Revision 971357ca89845b6f57327412c0975cbcc557e98c (refs/remotes/origin/main)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 971357ca89845b6f57327412c0975cbcc557e98c # timeout=10
Commit message: "修改index.html内容,用于区别v1.0.0"
 > git rev-list --no-walk 971357ca89845b6f57327412c0975cbcc557e98c # timeout=10
[mytest] $ /bin/sh -xe /tmp/jenkins16055891148945526156.sh
+ git checkout v1.0.1
HEAD is now at 971357c 修改index.html内容,用于区别v1.0.0
[mytest] $ /var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/maven/bin/mvn clean package -DskipTests
[INFO] Scanning for projects...
[INFO] 
[INFO] -------------------------< com.monster:mytest >-------------------------
[INFO] Building mytest 0.0.1-SNAPSHOT
[INFO]   from pom.xml
[INFO] --------------------------------[ jar ]---------------------------------
[WARNING] Parameter 'archive' is unknown for plugin 'spring-boot-maven-plugin:2.6.13:repackage (repackage)'
[INFO] 
[INFO] --- clean:3.2.0:clean (default-clean) @ mytest ---
[INFO] Deleting /var/jenkins_home/workspace/mytest/target
[INFO] 
[INFO] --- resources:3.3.1:resources (default-resources) @ mytest ---
[INFO] Copying 2 resources from src/main/resources to target/classes
[INFO] 
[INFO] --- compiler:3.8.1:compile (default-compile) @ mytest ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 4 source files to /var/jenkins_home/workspace/mytest/target/classes
[INFO] 
[INFO] --- resources:3.3.1:testResources (default-testResources) @ mytest ---
[INFO] skip non existing resourceDirectory /var/jenkins_home/workspace/mytest/src/test/resources
[INFO] 
[INFO] --- compiler:3.8.1:testCompile (default-testCompile) @ mytest ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 1 source file to /var/jenkins_home/workspace/mytest/target/test-classes
[INFO] 
[INFO] --- surefire:3.2.2:test (default-test) @ mytest ---
[INFO] Tests are skipped.
[INFO] 
[INFO] --- jar:3.3.0:jar (default-jar) @ mytest ---
[INFO] Building jar: /var/jenkins_home/workspace/mytest/target/mytest.jar
[INFO] 
[INFO] --- spring-boot:2.6.13:repackage (repackage) @ mytest ---
[INFO] Replacing main artifact with repackaged archive
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  2.754 s
[INFO] Finished at: 2024-03-13T07:39:35Z
[INFO] ------------------------------------------------------------------------
[mytest] $ /var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.host.url=http://192.168.170.111:9000 ******** -Dsonar.projectKey=mytest -Dsonar.projectname=mytest -Dsonar.java.binaries=target -Dsonar.source=./ -Dsonar.projectBaseDir=/var/jenkins_home/workspace/mytest
INFO: Scanner configuration file: /var/jenkins_home/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 5.0.1.3006
INFO: Java 17.0.7 Eclipse Adoptium (64-bit)
INFO: Linux 3.10.0-1160.el7.x86_64 amd64
INFO: User cache: /var/jenkins_home/.sonar/cache
INFO: Analyzing on SonarQube server 9.2.3
INFO: Default locale: "en", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=66ms
INFO: Server id: 54000601-AYjKh1Zs1hD1Rss9XdjF
INFO: User cache: /var/jenkins_home/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=38ms
INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2.
INFO: Load/download plugins (done) | time=117ms
INFO: Process project properties
INFO: Process project properties (done) | time=1ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=1ms
INFO: Project key: mytest
INFO: Base dir: /var/jenkins_home/workspace/mytest
INFO: Working dir: /var/jenkins_home/workspace/mytest/.scannerwork
INFO: Load project settings for component key: 'mytest'
INFO: Load project branches
INFO: Load project branches (done) | time=8ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=8ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=1ms
INFO: Auto-configuring with CI 'Jenkins'
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=55ms
INFO: Auto-configuring with CI 'Jenkins'
INFO: Load active rules
INFO: Load active rules (done) | time=2593ms
INFO: Indexing files...
INFO: Project configuration:
INFO: 10 files indexed
INFO: 14 files ignored because of scm ignore settings
INFO: Quality profile for java: Easyspeed
INFO: Quality profile for web: Sonar way
INFO: Quality profile for xml: Sonar way
INFO: Quality profile for yaml: Sonar way
INFO: ------------- Run sensors on module mytest
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=26ms
INFO: Sensor JavaSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
INFO: JavaClasspath initialization (done) | time=7ms
INFO: JavaTestClasspath initialization
INFO: JavaTestClasspath initialization (done) | time=0ms
INFO: Java "Main" source files AST scan
INFO: 5 source files to be analyzed
INFO: Load project repositories
INFO: Load project repositories (done) | time=9ms
INFO: 5/5 source files have been analyzed
WARN: Dependencies/libraries were not provided for analysis of SOURCE files. The 'sonar.java.libraries' property is empty. Verify your configuration, as you might end up with less precise results.
WARN: Unresolved imports/types have been detected during analysis. Enable DEBUG mode to see them.
INFO: Java "Main" source files AST scan (done) | time=1051ms
INFO: No "Test" source files to scan.
INFO: No "Generated" source files to scan.
INFO: Sensor JavaSensor [java] (done) | time=1283ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=2ms
INFO: Sensor IaC CloudFormation Sensor [iac]
INFO: 0 source files to be analyzed
INFO: 0/0 source files have been analyzed
INFO: Sensor IaC CloudFormation Sensor [iac] (done) | time=21ms
INFO: Sensor CSS Rules [javascript]
WARN: Error when running: 'node -v'. Is Node.js available during analysis?
INFO: Sensor CSS Rules [javascript] (done) | time=1763ms
INFO: Sensor C# Project Type Information [csharp]
INFO: Sensor C# Project Type Information [csharp] (done) | time=0ms
INFO: Sensor C# Analysis Log [csharp]
INFO: Sensor C# Analysis Log [csharp] (done) | time=12ms
INFO: Sensor C# Properties [csharp]
INFO: Sensor C# Properties [csharp] (done) | time=0ms
INFO: Sensor SurefireSensor [java]
INFO: parsing [/var/jenkins_home/workspace/mytest/target/surefire-reports]
INFO: Sensor SurefireSensor [java] (done) | time=1ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=50ms
INFO: Sensor XML Sensor [xml]
INFO: 1 source file to be analyzed
INFO: 1/1 source file has been analyzed
INFO: Sensor XML Sensor [xml] (done) | time=222ms
INFO: Sensor VB.NET Project Type Information [vbnet]
INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=0ms
INFO: Sensor VB.NET Analysis Log [vbnet]
INFO: Sensor VB.NET Analysis Log [vbnet] (done) | time=13ms
INFO: Sensor VB.NET Properties [vbnet]
INFO: Sensor VB.NET Properties [vbnet] (done) | time=0ms
INFO: Sensor com.github.mc1arke.sonarqube.plugin.scanner.ScannerPullRequestPropertySensor
INFO: Sensor com.github.mc1arke.sonarqube.plugin.scanner.ScannerPullRequestPropertySensor (done) | time=1ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=7ms
INFO: Sensor Java CPD Block Indexer
INFO: Sensor Java CPD Block Indexer (done) | time=18ms
INFO: SCM Publisher SCM provider for this project is: git
INFO: SCM Publisher 8 source files to be analyzed
INFO: SCM Publisher 8/8 source files have been analyzed (done) | time=118ms
INFO: CPD Executor 3 files had no CPD blocks
INFO: CPD Executor Calculating CPD for 3 files
INFO: CPD Executor CPD calculation finished (done) | time=6ms
INFO: Analysis report generated in 103ms, dir size=102.3 kB
INFO: Analysis report compressed in 29ms, zip size=26.0 kB
INFO: Analysis report uploaded in 1761ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://ci.hkeasyspeed.com/dashboard?id=mytest
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://ci.hkeasyspeed.com/api/ce/task?id=AY42uH06JVfWiirduY0h
INFO: Analysis total time: 10.537 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 11.509s
INFO: Final Memory: 19M/70M
INFO: ------------------------------------------------------------------------
SSH: Connecting from host [3821aea39450]
SSH: Connecting with configuration [应用服务器-170.111] ...
SSH: EXEC: completed after 21,212 ms
SSH: Disconnecting configuration [应用服务器-170.111] ...
SSH: Transferred 3 file(s)
Build step 'Send files or execute commands over SSH' changed build result to SUCCESS
Finished: SUCCESS

来到SonarQube平台,可以看见多了个mytest,配置的默认按我们的任务名称命名

相关推荐
bug管理者2 小时前
UI自动化测试中公认最佳的设计模式-POM
jenkins·策略模式
ernesto_ji21 小时前
Jenkins下载安装、构建部署到linux远程启动运行
linux·servlet·jenkins
书埋不住我1 天前
java第三章
java·开发语言·servlet
运维老司机1 天前
Jenkins迁移数据目录
运维·jenkins
zpz20011 天前
Jenkins的环境部署
java·运维·jenkins
XMYX-02 天前
深入理解 DevOps:从理念到实践
运维·devops
cronaldo912 天前
研发效能DevOps: Vite 使用 Axios 实现数据双向绑定
vue.js·vue·devops
联蔚盘云2 天前
阿里云 DevOps 资源安全扫描实践
安全·阿里云·devops
落非2 天前
kubesphere问题处理:devops
运维·devops
Dreams°1232 天前
【大数据测试 Elasticsearch 的标准--超详细篇】
大数据·elasticsearch·jenkins