下载SonarQube Scanner
登录Jenkins服务器,下载SonarQube Scanner
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip
安装unzip,需要通过它来解压zip压缩包
yum install -y unzip
解压SonarScanner
unzip sonar-scanner-cli-5.0.1.3006-linux.zip
修改目录名称为sonar-scanner
mv sonar-scanner-5.0.1.3006-linux sonar-scanner
修改配置文件
vim sonar-scanner/conf/sonar-scanner.properties
把注释去掉,修改成你的SonarQube地址
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
sonar.host.url=http://192.168.170.111:9000
#----- Default source code encoding
sonar.sourceEncoding=UTF-8
进入Jenkins数据目录,把sonar-scanner移进来(和JDK、Maven一样)
cd /usr/local/docker/jenkins_docker/data/
mv /root/sonar-scanner ./
Jenkins配置
进入Dashboard > 系统管理 > 插件管理 > Advanced settings,搜索SonarQube Scanner并安装。
重启Jenkins生效
切换到Dashboard > 系统管理 > 全局工具配置 > SonarQube Scanner配置项
网络好可以直接勾选自动安装,我这里前面已经下载解压到Jenkins里面了。
Name好认即可,路径是Jenkins容器内部的路径(和JDK、Maven一样)
保存后,接着来到Dashboard > 系统管理 > System > SonarQube servers配置项
设置你的SonarQube信息,第一次添加的时候点击"添加按钮没反应"直接先点击保存
重新进入配置,这时就可以添加Jenkins凭据了,支持多种方式,这里我是用令牌的方式
来到SonarQube进入个人账户,生成令牌
复制到Jenkins的Secret处,描述是干嘛用的,待会要选择
选择刚刚创建的凭据保存
任务配置
进到我们之前创建好mytest任务配置中的Build Steps,添加一个Execute SonarQube Scanner构建步骤
设置参数,jdk选择我们内置的jdk1.8,然后把构建步骤拖到Maven的下面
sonar.projectname=${JOB_NAME}:项目名称设置为我们任务名称(当前任务名称叫mytest)
sonar.projectKey=${JOB_NAME}:这个key一般和项目名称一致即可,不设置的话报错
sonar.source=./:源码位置在当前位置
sonar.java.binaries=target:编译过后的文件在什么位置,target目录下
sonar.projectname=${JOB_NAME}
sonar.projectKey=${JOB_NAME}
sonar.source=./
sonar.java.binaries=target
构建任务
在我们配置的mytest任务,选择版本开始构建
构建成功并发布了项目,页面正常访问
Started by user 我是真滴帅
Running as SYSTEM
Building in workspace /var/jenkins_home/workspace/mytest
The recommended git tool is: NONE
No credentials specified
> git rev-parse --resolve-git-dir /var/jenkins_home/workspace/mytest/.git # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url http://192.168.170.111:8888/root/jenkins-cicd-mytest.git # timeout=10
Fetching upstream changes from http://192.168.170.111:8888/root/jenkins-cicd-mytest.git
> git --version # timeout=10
> git --version # 'git version 2.30.2'
> git fetch --tags --force --progress -- http://192.168.170.111:8888/root/jenkins-cicd-mytest.git +refs/heads/*:refs/remotes/origin/* # timeout=10
> git rev-parse refs/remotes/origin/main^{commit} # timeout=10
Checking out Revision 971357ca89845b6f57327412c0975cbcc557e98c (refs/remotes/origin/main)
> git config core.sparsecheckout # timeout=10
> git checkout -f 971357ca89845b6f57327412c0975cbcc557e98c # timeout=10
Commit message: "修改index.html内容,用于区别v1.0.0"
> git rev-list --no-walk 971357ca89845b6f57327412c0975cbcc557e98c # timeout=10
[mytest] $ /bin/sh -xe /tmp/jenkins16055891148945526156.sh
+ git checkout v1.0.1
HEAD is now at 971357c 修改index.html内容,用于区别v1.0.0
[mytest] $ /var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/maven/bin/mvn clean package -DskipTests
[INFO] Scanning for projects...
[INFO]
[INFO] -------------------------< com.monster:mytest >-------------------------
[INFO] Building mytest 0.0.1-SNAPSHOT
[INFO] from pom.xml
[INFO] --------------------------------[ jar ]---------------------------------
[WARNING] Parameter 'archive' is unknown for plugin 'spring-boot-maven-plugin:2.6.13:repackage (repackage)'
[INFO]
[INFO] --- clean:3.2.0:clean (default-clean) @ mytest ---
[INFO] Deleting /var/jenkins_home/workspace/mytest/target
[INFO]
[INFO] --- resources:3.3.1:resources (default-resources) @ mytest ---
[INFO] Copying 2 resources from src/main/resources to target/classes
[INFO]
[INFO] --- compiler:3.8.1:compile (default-compile) @ mytest ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 4 source files to /var/jenkins_home/workspace/mytest/target/classes
[INFO]
[INFO] --- resources:3.3.1:testResources (default-testResources) @ mytest ---
[INFO] skip non existing resourceDirectory /var/jenkins_home/workspace/mytest/src/test/resources
[INFO]
[INFO] --- compiler:3.8.1:testCompile (default-testCompile) @ mytest ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 1 source file to /var/jenkins_home/workspace/mytest/target/test-classes
[INFO]
[INFO] --- surefire:3.2.2:test (default-test) @ mytest ---
[INFO] Tests are skipped.
[INFO]
[INFO] --- jar:3.3.0:jar (default-jar) @ mytest ---
[INFO] Building jar: /var/jenkins_home/workspace/mytest/target/mytest.jar
[INFO]
[INFO] --- spring-boot:2.6.13:repackage (repackage) @ mytest ---
[INFO] Replacing main artifact with repackaged archive
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 2.754 s
[INFO] Finished at: 2024-03-13T07:39:35Z
[INFO] ------------------------------------------------------------------------
[mytest] $ /var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.host.url=http://192.168.170.111:9000 ******** -Dsonar.projectKey=mytest -Dsonar.projectname=mytest -Dsonar.java.binaries=target -Dsonar.source=./ -Dsonar.projectBaseDir=/var/jenkins_home/workspace/mytest
INFO: Scanner configuration file: /var/jenkins_home/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 5.0.1.3006
INFO: Java 17.0.7 Eclipse Adoptium (64-bit)
INFO: Linux 3.10.0-1160.el7.x86_64 amd64
INFO: User cache: /var/jenkins_home/.sonar/cache
INFO: Analyzing on SonarQube server 9.2.3
INFO: Default locale: "en", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=66ms
INFO: Server id: 54000601-AYjKh1Zs1hD1Rss9XdjF
INFO: User cache: /var/jenkins_home/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=38ms
INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2.
INFO: Load/download plugins (done) | time=117ms
INFO: Process project properties
INFO: Process project properties (done) | time=1ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=1ms
INFO: Project key: mytest
INFO: Base dir: /var/jenkins_home/workspace/mytest
INFO: Working dir: /var/jenkins_home/workspace/mytest/.scannerwork
INFO: Load project settings for component key: 'mytest'
INFO: Load project branches
INFO: Load project branches (done) | time=8ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=8ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=1ms
INFO: Auto-configuring with CI 'Jenkins'
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=55ms
INFO: Auto-configuring with CI 'Jenkins'
INFO: Load active rules
INFO: Load active rules (done) | time=2593ms
INFO: Indexing files...
INFO: Project configuration:
INFO: 10 files indexed
INFO: 14 files ignored because of scm ignore settings
INFO: Quality profile for java: Easyspeed
INFO: Quality profile for web: Sonar way
INFO: Quality profile for xml: Sonar way
INFO: Quality profile for yaml: Sonar way
INFO: ------------- Run sensors on module mytest
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=26ms
INFO: Sensor JavaSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
INFO: JavaClasspath initialization (done) | time=7ms
INFO: JavaTestClasspath initialization
INFO: JavaTestClasspath initialization (done) | time=0ms
INFO: Java "Main" source files AST scan
INFO: 5 source files to be analyzed
INFO: Load project repositories
INFO: Load project repositories (done) | time=9ms
INFO: 5/5 source files have been analyzed
WARN: Dependencies/libraries were not provided for analysis of SOURCE files. The 'sonar.java.libraries' property is empty. Verify your configuration, as you might end up with less precise results.
WARN: Unresolved imports/types have been detected during analysis. Enable DEBUG mode to see them.
INFO: Java "Main" source files AST scan (done) | time=1051ms
INFO: No "Test" source files to scan.
INFO: No "Generated" source files to scan.
INFO: Sensor JavaSensor [java] (done) | time=1283ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=2ms
INFO: Sensor IaC CloudFormation Sensor [iac]
INFO: 0 source files to be analyzed
INFO: 0/0 source files have been analyzed
INFO: Sensor IaC CloudFormation Sensor [iac] (done) | time=21ms
INFO: Sensor CSS Rules [javascript]
WARN: Error when running: 'node -v'. Is Node.js available during analysis?
INFO: Sensor CSS Rules [javascript] (done) | time=1763ms
INFO: Sensor C# Project Type Information [csharp]
INFO: Sensor C# Project Type Information [csharp] (done) | time=0ms
INFO: Sensor C# Analysis Log [csharp]
INFO: Sensor C# Analysis Log [csharp] (done) | time=12ms
INFO: Sensor C# Properties [csharp]
INFO: Sensor C# Properties [csharp] (done) | time=0ms
INFO: Sensor SurefireSensor [java]
INFO: parsing [/var/jenkins_home/workspace/mytest/target/surefire-reports]
INFO: Sensor SurefireSensor [java] (done) | time=1ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=50ms
INFO: Sensor XML Sensor [xml]
INFO: 1 source file to be analyzed
INFO: 1/1 source file has been analyzed
INFO: Sensor XML Sensor [xml] (done) | time=222ms
INFO: Sensor VB.NET Project Type Information [vbnet]
INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=0ms
INFO: Sensor VB.NET Analysis Log [vbnet]
INFO: Sensor VB.NET Analysis Log [vbnet] (done) | time=13ms
INFO: Sensor VB.NET Properties [vbnet]
INFO: Sensor VB.NET Properties [vbnet] (done) | time=0ms
INFO: Sensor com.github.mc1arke.sonarqube.plugin.scanner.ScannerPullRequestPropertySensor
INFO: Sensor com.github.mc1arke.sonarqube.plugin.scanner.ScannerPullRequestPropertySensor (done) | time=1ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=7ms
INFO: Sensor Java CPD Block Indexer
INFO: Sensor Java CPD Block Indexer (done) | time=18ms
INFO: SCM Publisher SCM provider for this project is: git
INFO: SCM Publisher 8 source files to be analyzed
INFO: SCM Publisher 8/8 source files have been analyzed (done) | time=118ms
INFO: CPD Executor 3 files had no CPD blocks
INFO: CPD Executor Calculating CPD for 3 files
INFO: CPD Executor CPD calculation finished (done) | time=6ms
INFO: Analysis report generated in 103ms, dir size=102.3 kB
INFO: Analysis report compressed in 29ms, zip size=26.0 kB
INFO: Analysis report uploaded in 1761ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://ci.hkeasyspeed.com/dashboard?id=mytest
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://ci.hkeasyspeed.com/api/ce/task?id=AY42uH06JVfWiirduY0h
INFO: Analysis total time: 10.537 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 11.509s
INFO: Final Memory: 19M/70M
INFO: ------------------------------------------------------------------------
SSH: Connecting from host [3821aea39450]
SSH: Connecting with configuration [应用服务器-170.111] ...
SSH: EXEC: completed after 21,212 ms
SSH: Disconnecting configuration [应用服务器-170.111] ...
SSH: Transferred 3 file(s)
Build step 'Send files or execute commands over SSH' changed build result to SUCCESS
Finished: SUCCESS
来到SonarQube平台,可以看见多了个mytest,配置的默认按我们的任务名称命名