使用jenkins+sonar進行代碼掃描，並發送自定義郵件

jenkins架構

1、一台機器作為jenkins master不進行構建操作，只負責調度其他slave節點執行任務

2、一台slave機器作為執行機器存放從gitlab上拉取的代碼，使用sonar-scanner進行代碼掃描和使用sonarqube進行頁面展示，

步驟

1、在執行機上安裝sonarqube和sonar-scanner兩個工具

　　執行機器主要任務有

　　1、存儲代碼

　　2、進行代碼掃描

　　3、根據自己編寫的python腳本生成自定義的郵件內容

　　4、sonar頁面展示

下載地址：。。。。。。。

sonarqube安裝及配置mysql數據庫：http://www.pianshen.com/article/6431255831/

sonar-scanner安裝：http://www.pianshen.com/article/1870255571/

2、jenkins master機器配置

　　2.1 安裝插件：SonarQube Scanner for Jenkins

　　

 

　　2.2 系統管理》系統設置配置sonarqube

　　　　server authentication token中輸入sonarqube中生成的token值。

　　　　新版本jenkins可能需要先建憑據，再選擇而不是直接輸入token值，注意憑據的類型為Secret text

　　　　

 

 

　　 2.3 系統管理》全局工具配置sonarqube scanner

 

3、配置節點（將slave機器注冊到master上，以供后續master調用）

　　3.1 增加節點

　　

 

 　　3.2 節點配置

　　

　　3.4 節點啟動

　　

4、創建job

　　4.1 創建自由風格的任務

　　　Restrict where this project can be run（指定此項目在哪個機器上運行），指向我們新建的slave節點機器

　　

　　拉取代碼：

　　構建步驟新增代碼掃描配置

　　前提：由於要執行sonar.py腳本，所以jenkins所在機器要有python3環境，且安裝了pymysql、jinja2，

　　進入到sonar.py所在目錄，執行命令：call E:\Python36\python.exe E:\sonar\sonar_script\sonar.py 項目名

 

sonar.projectKey=A-yto-steward
sonar.projectName=A網-客戶管家
sonar.projectVersion=1.0
sonar.sources=./
sonar.language=java
sonar.sourceEncoding=UTF-8
sonar.java.binaries=./
sonar.login=admin
sonar.password=admin

 

cd ../..
cd sonar_script
call E:\Python36\python.exe E:\sonar\sonar_script\sonar.py A網-客戶管家

在執行機如下目錄放sonar.py和table.html文件

sonar.py腳本內容

#!/usr/bin/python
# -*- coding:utf-8 -*-
# @Time   : 2018/11/20 13:16
# @Author : wnaglihua
# @File   : sonar.py

import pymysql,os,sys
from jinja2 import FileSystemLoader,Environment

def select_project_uuid(project_name):
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()
    select_p_uuid="SELECT project_uuid,kee FROM projects WHERE `name`= '%s'" %(project_name)
    cursor.execute(select_p_uuid)
    result = cursor.fetchone()
    p_uuid = result[0]
    projectKey = result[1]
    db.close()
    return(p_uuid, projectKey)

def select_total_info(p_uuid):
    total_info=[]
    # 使用cursor()方法獲取操作游標
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    select_p_links = "SELECT text_value FROM project_measures WHERE text_value LIKE 'java=%' and component_uuid=" + "\'" + p_uuid + "\'"
    cursor.execute(select_p_links)
    p_links = cursor.fetchone()[0].split("=")[1]

    sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =%s"
    for leak in [2,3,1]:
        search_data = sql_info %(p_uuid, leak)
        cursor.execute(search_data)
        total_info.append(cursor.fetchone()[0])
    db.close()
    return p_links,total_info

def select_bugs(p_uuid):
    bugs=[]
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =2 AND severity ='%s'"
    for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:
        search_data=sql_info  % (p_uuid,leak)
        cursor.execute(search_data)
        bugs.append(cursor.fetchone()[0])
    db.close()
    return bugs

def select_leaks(p_uuid):
    leaks=[]
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =3 AND severity ='%s'"
    for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:
        search_data=sql_info  % (p_uuid,leak)
        cursor.execute(search_data)
        leaks.append(cursor.fetchone()[0])
    db.close()
    return leaks

def select_bad_tastes(p_uuid):
    tastes=[]
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    sql_info="SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =1 AND severity ='%s'"
    for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:
        search_data=sql_info  % (p_uuid,leak)
        cursor.execute(search_data)
        tastes.append(cursor.fetchone()[0])
    return tastes
    db.close()

curpath = os.getcwd()
table_tem_name="table.html"    
def generate_errmsg_table(s_lines="", total_data=[], bugs=[],leaks=[],tastes=[],report_url=""):
    env = Environment(loader=FileSystemLoader(curpath, 'utf-8'))  # 創建一個包加載器對象
    template = env.get_template(table_tem_name)
    html_content = (template.render(lins=s_lines,total_data=total_data, bugs=bugs,leaks = leaks,tastes=tastes,report_url=report_url))
    fh = open(report_html_path, 'w')
    fh.write(html_content)
    fh.close()

project_name = sys.argv[1]
report_html_path="report\\"+project_name+".html"
p_uuid, projectKey=select_project_uuid(project_name)
s_lines,total_data=select_total_info(p_uuid)
bugs=select_bugs(p_uuid)
leaks=select_leaks(p_uuid)
tastes=select_bad_tastes(p_uuid)
report_url="http://192.168.207.140:9000/dashboard?id=%s" %(projectKey)
generate_errmsg_table(s_lines,total_data,bugs,leaks,tastes,report_url)

table.html腳本內容

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="GBK">
<body>
<p style="font-weight:bold;">一、總體情況:</p>
<ul>
<li style="font-weight:bold;">整體運行情況：掃描代碼行數:<span style="color:blue">{{lins}}</span>, bugs:<span style="color:red">{{total_data[0]}}</span>, 漏洞:<span style="color:red">{{total_data[1]}}</span>, 壞味道:<span style="color:red">{{total_data[2]}}</span></li>
<li style="font-weight:bold;">URL地址：<a style="font-weight:bold;" href={{report_url}} >{{report_url}}</a></li>
</ul>
<p style="font-weight:bold;">二、錯誤信息詳情：</p>
<table border="1" cellpadding="10" width="540" height="120">
    <tr ><th></th><th>阻斷</th><th>嚴重</th><th>主要</th><th>次要</th><th>提示</th><th>總數</th></tr>
    <tr bgcolor=#ECFFFF><td>bugs</td><td align="center">{{bugs[0]}}</td><td align="center">{{bugs[1]}}</td><td align="center">{{bugs[2]}}</td><td align="center">{{bugs[3]}}</td><td align="center">{{bugs[4]}}</td><td align="center" style="color:red">{{total_data[0]}}</td></tr>
    <tr bgcolor=#D2E9FF><td>漏洞</td><td align="center">{{leaks[0]}}</td><td align="center">{{leaks[1]}}</td><td align="center">{{leaks[2]}}</td><td align="center">{{leaks[3]}}</td><td align="center">{{leaks[4]}}</td><td align="center" style="color:red">{{total_data[1]}}</td></tr>
    <tr bgcolor=#ECFFFF><td>壞味道</td><td align="center">{{tastes[0]}}</td><td align="center">{{tastes[1]}}</td><td align="center">{{tastes[2]}}</td><td align="center">{{tastes[3]}}</td><td align="center">{{tastes[4]}}</td><td align="center" style="color:red">{{total_data[2]}}</td></tr>
</table>
<br><span style="font-weight:bold;"><b style="color:red">代碼掃描度量通過准則:</b></span>
<br><span style="font-size:14px">新覆蓋率<80%;
<br><span style="font-size:14px">新代碼中的重復行密度 (%)>30%;
<br><span style="font-size:14px">新代碼可維護率劣於A;
<br><span style="font-size:14px">新代碼可靠率劣於A;
<br><span style="font-size:14px">新代碼安全率劣於A;
<br></br>
</body>
</html>

　　郵件配置

　　安裝插件：Email Extension

　　在系統管理》》系統設置中設置

 

 

 

job中國配置發送郵件

內容選擇HTML，打開高級選項

增加觸發器，並打開高級選項

輸入發送郵箱列表，以英文逗號分隔，和郵件內容，html就是上面步驟生成的

　　

 　　構建完成后會收到如下格式郵件