1.SonarQube部署前的內核參數等配置以及Java環境配置
1)修改內核參數配置,使滿足環境要求
[root@sonarqube ~]# vim /etc/sysctl.conf vm.max_map_count=262144 fs.file-max=65536 [root@sonarqube ~]# sysctl -p #生效修改的內核參數 …… vm.max_map_count = 262144 fs.file-max = 65536
2)修改本機安全策略參數限制
[root@sonarqube ~]# vim /etc/security/limits.conf …… sonarqube - nofile 65536 sonarqube - nproc 2048
3)配置java環境(至少jdk-8或openjdk-8版本)
[root@sonarqube ~]# ls /usr/local/src/ jdk-8u211-linux-x64.tar.gz [root@sonarqube src]# tar xvf jdk-8u211-linux-x64.tar.gz [root@sonarqube src]#ln -sv jdk1.8.0_211 jdk [root@sonarqube src]#ln -sv jdk [root@sonarqube src]# ln -sv jdk/bin/* /usr/bin [root@sonarqube src]# vim /etc/profile …… export export LANG="en_US.utf-8" export JAVA_HOME=/usr/local/jdk export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH export CLASSPATH=$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
2.數據庫準備(sonarqube7.9版本不再支持mysql,這里以sonarqube6.7為例,并要求至少mysql5.6)
1)提前定義好數據的相關路徑以及數據庫啟動用戶
[root@sonarqube ~]# mkdir /data/mysql #數據庫的相關數據保存路徑 [root@sonarqube ~]# mkdir /data/binlog/bin #二進制日志存放目錄 [root@sonarqube ~]# chown mysql.mysql -R /data/binlog [root@sonarqube ~]# chown mysql.mysql -R /data/mysql [root@sonarqube ~]# useradd -s /sbin/nologin/ mysql -u 1234
2)下載msyql源碼壓縮文件
[root@sonarqube ~]# ls /apps/mysql/ mariadb-10.2.23-linux-x86_64.tar.gz
3)解壓并創建軟連接
[root@sonarqube ~]# tar xvf mariadb-10.2.23-linux-x86_64.tar.gz [root@sonarqube ~]# ln -sv mariadb-10.2.23-linux-x86_64 mysql
4)創建可執行二進制文件的軟連接
[root@sonarqube ~]# ln -sv /apps/mysql/mysql/bin/* /usr/sbin/
5)修改mysql啟動腳本文件
[root@sonarqube ~]# vim /apps/mysql/mysql/support-files/mysql.server …… basedir=/apps/mysql/mysql #定義mysql的安裝運行目錄 datadir=/data/mysql #定義mysql數據庫文件保存目錄 ……
6)建議 修改主機域名解析,將修改的主機名解析到本地本地回環
[root@sonarqube ~]# vim /etc/hosts 127.0.0.1 sonarqube localhost localhost.localdomain localhost4 localhost4.localdomain4 ……
7)執行數據庫的初始化
[root@sonarqube scripts]# pwd /apps/mysql/mysql/scripts [root@sonarqube scripts]# ls mysql_install_db [root@sonarqube scripts]# mysql_install_db --user=mysql --datadir=/data/mysql
8)啟動mysql服務
[root@sonarqube support-files]# pwd /apps/mysql/mysql/support-files [root@sonarqube support-files]# bash mysql.server start
9)查看3306端口是否啟動
[root@sonarqube ~]# ss -tnlp State Recv-Q Send-Q Local Address:Port Peer Address:Port …… LISTEN 0 80 :::3306 :::* users:(("mysqld",pid=9865,fd=18)) ……
10)創建sonarqube數據庫并授權(字符集utf8)
MariaDB [(none)]> create database sonarqube default character set utf8 collate utf8_general_ci; MariaDB [(none)]> grant all on sonarqube.* to sonarqube@'192.168.1.31' identified by '123456';
11)測試sonarqube用戶是否可以登錄數據庫
[root@sonarqube ~]# mysql -usonarqube -p123456 -h192.168.1.31 Welcome to the MariaDB monitor. Commands end with ; or g. Your MariaDB connection id is 12 Server version: 10.2.23-MariaDB-log MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. MariaDB [(none)]> MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | sonarqube | | test | +--------------------+ 3 rows in set (0.00 sec)
3.sonarqube-6.7的安裝配置
1)下載源碼壓縮包
[root@sonarqube ~]# ls /apps/sonarqube sonarqube-6.7.7.zip
2)解壓sonarqube源碼包,并創建軟連接
[root@sonarqube sonarqube]# unzip sonarqube-6.7.7.zip [root@sonarqube sonarqube]# ln -sv sonarqube-6.7.7 sonarqube ‘sonarqube’ -> ‘sonarqube-6.7.7’
3)創建用戶以及更改目錄的屬主屬組
[root@sonarqube sonarqube]# useradd sonarqube [root@sonarqube sonarqube]# chown sonarqube.sonarqube -R /apps/sonarqube/
4)配置sonarqube配置文件
[root@sonarqube conf]# su - sonarqube Last login: Mon Jul 29 13:48:33 CST 2019 on pts/1 [sonarqube@sonarqube ~]$ cd /apps/sonarqube/sonarqube [sonarqube@sonarqube sonarqube]$ grep '^[a-Z]' conf/sonar.properties sonar.jdbc.username=sonarqube sonar.jdbc.password=123456 sonar.jdbc.url=jdbc:mysql://192.168.1.31:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false sonar.web.host=0.0.0.0 sonar.web.port=9000
5)啟動sonarqube服務
[sonarqube@sonarqube sonarqube]$ ./bin/linux-x86-64/sonar.sh start Starting SonarQube... Started SonarQube.
6)查看監聽端口
[sonarqube@sonarqube sonarqube]$ ss -tnlp State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:111 *:* LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 1 127.0.0.1:32000 *:* users:(("java",pid=10447,fd=4)) LISTEN 0 25 :::9000 :::* users:(("java",pid=10544,fd=116)) LISTEN 0 128 ::ffff:127.0.0.1:9001 :::* users:(("java",pid=10467,fd=100)) LISTEN 0 80 :::3306 :::* LISTEN 0 128 :::111 :::* LISTEN 0 128 :::22 :::* LISTEN 0 100 ::1:25 :::* LISTEN 0 50 ::ffff:127.0.0.1:9092 :::* users:(("java",pid=10544,fd=148))
7)瀏覽器訪問sonarqube
8)登錄的用戶名及密碼均默認為admin
9)成功登錄sonarqube的web頁面
4.安裝中文插件,顯示為中文界面
1)點擊administration→Marketplace,直接搜索中文插件
2)在點擊安裝install
3)重新啟動服務
[sonarqube@sonarqube linux-x86-64]$ ./sonar.sh restart
4)再次訪問時,顯示中文界面
5)查看安裝的中文包插件
[sonarqube@sonarqube sonarqube]$ ll extensions/plugins/ …… -rw-r--r-- 1 sonarqube sonarqube 38307 Jul 29 15:05 sonar-l10n-zh-plugin-1.19.jar ……
6)安裝Python、java、php等開發語言插件,才能掃描相關語言代碼
5.部署掃描器sonar-scanner(sonarqube通過掃描器掃描代碼)
1)scanner二進制×××地址
https://binaries.sonarsource.com/Distribution/sonar-scanner-cli
2)下載掃描器到指定目錄下
[root@sonarqube sonarscanner]# pwd /apps/sonarscanner [root@sonarqube sonarscanner]# ll -h total 41M -rw-r--r-- 1 root root 41M Jul 22 19:31 sonar-scanner-cli-4.0.0.1744-linux.zip
3)解壓掃描器二進制源碼并創建軟連接
[root@sonarqube sonarscanner]# unzip sonar-scanner-cli-4.0.0.1744-linux.zip [root@sonarqube sonarscanner]# ls sonar-scanner-4.0.0.1744-linux sonar-scanner-cli-4.0.0.1744-linux.zip [root@sonarqube sonarscanner]# ln -sv sonar-scanner-4.0.0.1744-linux sonar-scanner ‘sonar-scanner’ -> ‘sonar-scanner-4.0.0.1744-linux’
4)修改配置文件
[root@sonarqube sonar-scanner]# vim conf/sonar-scanner.properties …… #----- Default SonarQube server sonar.host.url=http://192.168.1.31:9000 #----- Default source code encoding sonar.sourceEncoding=UTF-8
5)準備一個測試代碼壓縮包并解壓到當前目錄下
[root@sonarqube code-test]# pwd /apps/code-test [root@sonarqube code-test]# ll -h total 6.5M -rw-r--r-- 1 root root 6.5M Nov 21 2018 sonar-examples-master.zip [root@sonarqube code-test]# unzip sonar-examples-master.zip
6)切換到測試源碼的路徑下
[root@sonarqube php-sonar-runner]# pwd /apps/code-test/sonar-examples-master/projects/languages/php/php-sonar-runner [root@sonarqube php-sonar-runner]# ll total 12 -rw-r--r-- 1 root root 453 Jul 25 2016 README.md -rw-r--r-- 1 root root 331 Jul 25 2016 sonar-project.properties drwxr-xr-x 2 root root 22 Jul 25 2016 src -rw-r--r-- 1 root root 272 Jul 25 2016 validation.txt
7)默認生成的代碼配置文件
[root@sonarqube php-sonar-runner]# cat sonar-project.properties # Required metadata sonar.projectKey=org.sonarqube:php-simple-sq-scanner #自定義額項目key sonar.projectName=PHP :: Simple Project :: SonarQube Scanner #項目的名稱 sonar.projectVersion=1.0 #項目的版本號 # Comma-separated paths to directories with sources (required) sonar.sources=src #源碼路徑 # Language sonar.language=php #源碼的類型為PHP代碼 # Encoding of the source files sonar.sourceEncoding=UTF-8 #編碼的格式
8)在當前的代碼路徑下執行掃描
[root@sonarqube php-sonar-runner]# /apps/sonarscanner/sonar-scanner/bin/sonar-scanner …… tly specify it. INFO: Calculating CPD for 1 file INFO: CPD calculation finished INFO: Analysis report generated in 213ms, dir size=34 KB INFO: Analysis reports compressed in 42ms, zip size=10 KB INFO: Analysis report uploaded in 3108ms INFO: ANALYSIS SUCCESSFUL, you can browse http://192.168.1.31:9000/dashboard/index/org.sonarqube:php-simple-sq-scanner INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report INFO: More about the report processing at http://192.168.1.31:9000/api/ce/task?id=AWw9AEUVHii-ILef0qYq INFO: Task total time: 17.226 s INFO: ------------------------------------------------------------------------ INFO: EXECUTION SUCCESS INFO: ------------------------------------------------------------------------ INFO: Total time: 29.467s INFO: Final Memory: 7M/115M INFO: ------------------------------------------------------------------------
9)web端查看掃描后生成的記錄
6.jenkins配置sonarqube-scanner并實現jenkins代碼的自動測試、自動部署
1)安裝掃描器插件
2)點擊系統設置設置sonarqube服務
3)添加sonarqube服務并自定義服務名稱以及url地址
4)自動安裝scanner掃描器
5)若已安裝scanner掃描器則無需自動安裝,直接添加掃描器的工作目錄即可
6)在jenkins創建一個新項目code-test-job
7)配置此項目的configure
指定gitlab倉庫源、認證方式
構建觸發的口令秘鑰
代碼掃描的配置參數,其指定檢測代碼的類型、編碼格式、路徑等
8)在gitlab服務器中對的系統鉤子添加jenkins認證地址,以實現自動觸發jenkins的項目構建
9)克隆gitlab倉庫代碼并修改代碼,再上傳至gitlab倉庫觸發jenkins項目構建
指定克隆develop分支代碼
root@Ubuntu1804:/data/src# git clone -b develop http://192.168.1.30/jie/web-page.git Cloning into 'web-page'... Username for 'http://192.168.1.30': jie Password for 'http://jie@192.168.1.30': remote: Enumerating objects: 30, done. remote: Counting objects: 100% (30/30), done. remote: Compressing objects: 100% (13/13), done. remote: Total 30 (delta 4), reused 27 (delta 4) Unpacking objects: 100% (30/30), done.
添加一個php源碼文件到克隆的目錄下
root@ubuntu1804:/data/src/web-page# mv /data/Math.php ./ root@ubuntu1804:/data/src/web-page# ls index.html Math.php
代碼添加至本地暫存區
root@ubuntu1804:/data/src/web-page# git add ./*
代碼提交至工作區并指定提交版本號以便多次提交的區分
root@ubuntu1804:/data/src/web-page# git commit -m 'v11' [develop 9e106d4] v11 1 file changed, 214 insertions(+) create mode 100644 Math.php
代碼上傳至gitlab代碼庫
root@ubuntu1804:/data/src/web-page# git push Username for 'http://192.168.1.30': jie Password for 'http://jie@192.168.1.30': Counting objects: 3, done. Delta compression using up to 4 threads. Compressing objects: 100% (3/3), done. Writing objects: 100% (3/3), 1.75 KiB | 893.00 KiB/s, done. Total 3 (delta 0), reused 0 (delta 0) remote: remote: To create a merge request for develop, visit: remote: http://192.168.1.30/jie/web-page/merge_requests/new?merge_request%5Bsource_branch%5D=develop remote: To http://192.168.1.30/jie/web-page.git 3fb434f..9e106d4 develop -> develop
10)在gitlab服務端查看代碼已提交成功
11)提交代碼到gitlab后自動觸發jenkins項目構建
12)查看項目構建成功的控制臺信息輸出
13)查看sonarqube-server服務器記錄下來的php代碼測試結果
站長資訊網