I. Kernel parameters and Java environment setup before deploying SonarQube
1. Adjust the kernel parameters to meet the environment requirements
[root@sonarqube ~]# vim /etc/sysctl.conf
vm.max_map_count=262144
fs.file-max=65536
[root@sonarqube ~]# sysctl -p # apply the modified kernel parameters
……
vm.max_map_count = 262144
fs.file-max = 65536
2. Adjust the local security policy limits
[root@sonarqube ~]# vim /etc/security/limits.conf
……
sonarqube - nofile 65536
sonarqube - nproc 2048
3. Configure the Java environment
If you want to use a newer Java version, check the SonarQube website to confirm that it is supported.
[root@sonarqube src]# tar -zxv -f jdk-8u144-linux-x64.tar.gz -C /usr/local/
[root@sonarqube src]# vim /etc/profile.d/java.sh
export JAVA_HOME=/usr/local/jdk1.8.0_144
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
export CLASSPATH=$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
[root@sonarqube src]# source /etc/profile.d/java.sh # apply the Java environment variables
[root@sonarqube src]# java -version
java version "1.8.0_144"
Java(TM) SE Runtime Environment (build 1.8.0_144-b01)
Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)
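4. Host memory requirements
At least 3 GB of memory is required.
II. Database preparation
SonarQube 7.8 and later no longer support MySQL. Taking SonarQube 7.7 as the example, the supported MySQL versions are 5.6 and 5.7; MySQL 5.7 is used here.
MySQL is not installed on this host, however. Instead, remote access is enabled on a separate MySQL host, where the database and user for SonarQube are created.
On the MySQL server, log in as root and run the following commands: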
mysql> CREATE DATABASE IF NOT EXISTS sonarqube CHARACTER SET utf8 COLLATE utf8_general_ci;
mysql> CREATE USER 'sonarqube'@'%' IDENTIFIED BY 'sonarqube,.123!A';
mysql> grant all privileges on sonarqube.* to 'sonarqube'@'%' identified by 'sonarqube,.123!A' with grant option;
mysql> flush privileges;
III. SonarQube installation and configuration
3.1 Installation
# Download the SonarQube archive
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.7.zip
# Extract the SonarQube archive and move it to the target path
unzip sonarqube-7.7.zip
cp -r sonarqube-7.7 /usr/local/
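# Newer versions cannot start SonarQube as root; it must be started by a non-root user
# Create the user and change the owner and group of the directory
useradd sonarqube
chown -R sonarqube:sonarqube /usr/local/sonarqube-7.7
# Configure the SonarQube configuration file
su - sonarqube
cd /usr/local/sonarqube-7.7
grep '^[a-zA-Z]' conf/sonar.properties
# In sonar.properties a comment must be on its own line; text after a value becomes part of the value
# Database user authorized to log in
sonar.jdbc.username=sonarqube
# Database login password
sonar.jdbc.password=sonarqube,.123!A
# "sonarqube" in jdbc:mysql://192.168.0.187:3306/sonarqube is the name of the database created earlier
sonar.jdbc.url=jdbc:mysql://192.168.0.187:3306/sonarqube?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
# The SonarQube service listens on all IP addresses of this host
sonar.web.host=0.0.0.0
# Port the SonarQube service listens on at startup
sonar.web.port=9000
sonar.jdbc.driverClassName=org.gjt.mm.mysql.Driver
# Start the SonarQube service
/usr/local/sonarqube-7.7/bin/linux-x86-64/sonar.sh start
# Check the SonarQube service status
/usr/local/sonarqube-7.7/bin/linux-x86-64/sonar.sh status
# View the SonarQube service log file
tail -30 /usr/local/sonarqube-7.7/logs/sonar.log
# Check that port 9000 is listening
ss -tnlp
# Access it from a browser; later, nginx can be set up as a reverse proxy so that it is reached through a domain name
http://ip:9000
# The default login username and password are both admin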
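An added example, not part of the original post and not SonarQube tooling: a shell check that flags the security-relevant values in the sonar.properties settings above (unencrypted JDBC, listening on all interfaces, a note trailing the password value, and a configuration file readable by other users). The function names, the finding labels and the sample file's host and password are assumptions constructed for the illustration.

```bash
#!/usr/bin/env bash
# Added example, not SonarQube tooling: audit sonar.properties for the settings
# this guide uses. Finding labels such as JDBC_NO_TLS are hypothetical names.

# prop FILE KEY -> value of the last uncommented "KEY=value" line
prop() {
  awk -v k="$2" -F= '
    /^[ \t]*#/ { next }
    { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
    key == k { v = substr($0, index($0, "=") + 1) }
    END { print v }' "$1"
}

audit_sonar_properties() {
  local f=$1 url host pass mode
  url=$(prop "$f" sonar.jdbc.url)
  host=$(prop "$f" sonar.web.host)
  pass=$(prop "$f" sonar.jdbc.password)
  case $url in *useSSL=false*) echo "JDBC_NO_TLS: traffic to the remote MySQL host is unencrypted" ;; esac
  case $host in 0.0.0.0) echo "WEB_ALL_INTERFACES: the web port listens on every interface" ;; esac
  # A properties file has no inline comments: "value #note" is all value.
  case $pass in *' #'*) echo "INLINE_NOTE_IN_VALUE: text after the password is part of the password" ;; esac
  if [ -n "$pass" ]; then
    mode=$(stat -c '%a' "$f")   # GNU stat, as on the CentOS host in this guide
    case $mode in
      *00) ;;
      *) echo "CONF_READABLE: mode $mode lets group/other read the DB password" ;;
    esac
  fi
}

# Constructed sample mirroring the guide's settings (placeholder host and password).
make_sample() {
  local f; f=$(mktemp)
  cat > "$f" <<'EOF'
sonar.jdbc.username=sonarqube
sonar.jdbc.password=example-password #database password
sonar.jdbc.url=jdbc:mysql://192.0.2.10:3306/sonarqube?useUnicode=true&useSSL=false
sonar.web.host=0.0.0.0
EOF
  chmod 644 "$f"
  echo "$f"
}

sample=$(make_sample)
audit_sonar_properties "$sample"
rm -f "$sample"
```

Against a real installation, call audit_sonar_properties /usr/local/sonarqube-7.7/conf/sonar.properties; no output means none of the four conditions was found.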
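3.2 Configuration
- Install the Chinese language plugin so that the interface is displayed in Chinese
Click Administration → Marketplace, search for the Chinese plugin by entering 'Chinese', and install it
After installation, a prompt to restart the service appears at the top of the page; restart the service
Log in again and the whole interface is displayed in Chinese
Location of the Chinese plugin: /usr/local/sonarqube-7.7/extensions/plugins/sonar-l10n-zh-plugin-1.27.jar
- Install the plugins for Python, Java, PHP and other development languages; code in a language can only be scanned once its plugin is installed
On the same page as in the previous step, search for the language and install its plugin, for example SonarPython or SonarJava
After an install or update, a prompt to restart the service appears at the top of the page; restart the service
Note: it is best to restart the service immediately after installing or updating each plugin, then log in again before installing or updating the next one
- Deploy the scanner, sonar-scanner
SonarQube scans code through the scanner
Download: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/
# Download the scanner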
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.0.0.1744.zip
# Extract it and move it to the target directory
unzip sonar-scanner-cli-4.0.0.1744.zip
cp -r sonar-scanner-4.0.0.1744 /usr/local/
# Edit the configuration file
sonar.host.url=http://localhost:9000
sonar.sourceEncoding=UTF-8
# Prepare a test code archive and extract it into the current directory
./python-test/
├── sonar-project.properties
└── src
    └── 1.py
# Contents of sonar-project.properties
# Required metadata
# Custom project key
sonar.projectKey=sonarqube:python-simple-sq-scanner
# Project name
sonar.projectName=Python :: Simple Project :: SonarQube Scanner
# Project version
sonar.projectVersion=0.1
# Comma-separated paths to directories with sources (required)
# Source path
sonar.sources=src
# Language
# The source code is Python
sonar.language=python
# Encoding of the source files
# Encoding format
sonar.sourceEncoding=UTF-8
# Contents of 1.py
#!/usr/bin/python
print("hello world!")
# Run the scan from the current code directory
[root@bogon python-test]# pwd
/usr/local/sonar-scanner-4.0.0.1744/python-test
[root@bogon python-test]# /usr/local/sonar-scanner-4.0.0.1744/bin/sonar-scanner
INFO: Scanner configuration file: /usr/local/sonar-scanner-4.0.0.1744/conf/sonar-scanner.properties
INFO: Project root configuration file: /usr/local/sonar-scanner-4.0.0.1744/python-test/sonar-project.properties
INFO: SonarQube Scanner 4.0.0.1744
INFO: Java 1.8.0_144 Oracle Corporation (64-bit)
INFO: Linux 3.10.0-957.21.3.el7.x86_64 amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 7.7.0
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=139ms
INFO: Server id: 2905F556-AWyTTt7AhSCl13oM6t52
INFO: User cache: /root/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=61ms
INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2.
INFO: Load/download plugins (done) | time=101ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=3ms
INFO: Project key: sonarqube:python-simple-sq-scanner
INFO: Base dir: /usr/local/sonar-scanner-4.0.0.1744/python-test
INFO: Working dir: /usr/local/sonar-scanner-4.0.0.1744/python-test/.scannerwork
INFO: Load project settings for component key: 'sonarqube:python-simple-sq-scanner'
INFO: Load project repositories
INFO: Load project repositories (done) | time=10ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=72ms
INFO: Load active rules
INFO: Load active rules (done) | time=2165ms
WARN: SCM provider autodetection failed. Please use "sonar.scm.provider" to define SCM of your project, or disable the SCM Sensor in the project settings.
INFO: Indexing files...
INFO: Project configuration:
INFO: 1 file indexed
INFO: Quality profile for py: Sonar way
INFO: ------------- Run sensors on module Python :: Simple Project :: SonarQube Scanner
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=87ms
INFO: Sensor Python Squid Sensor [python]
INFO: Sensor Python Squid Sensor [python] (done) | time=141ms
INFO: Sensor Cobertura Sensor for Python coverage [python]
INFO: Sensor Cobertura Sensor for Python coverage [python] (done) | time=8ms
INFO: Sensor PythonXUnitSensor [python]
INFO: Sensor PythonXUnitSensor [python] (done) | time=0ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=18ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=0ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=27ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=15ms
INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
INFO: 1 file had no CPD blocks
INFO: Calculating CPD for 0 files
INFO: CPD calculation finished
INFO: Analysis report generated in 155ms, dir size=65 KB
INFO: Analysis report compressed in 22ms, zip size=9 KB
INFO: Analysis report uploaded in 1269ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://localhost:9000/dashboard?id=sonarqube%3Apython-simple-sq-scanner
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://localhost:9000/api/ce/task?id=AWyTdl4K42eglE8uaHB6
INFO: Analysis total time: 6.724 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 8.161s
INFO: Final Memory: 12M/46M
INFO: ------------------------------------------------------------------------
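# View the record generated by the scan in the web UI
IV. Configure sonarqube-scanner in Jenkins for automated code testing and automated deployment through Jenkins
1. Install the scanner plugin
In Jenkins plugin management, install the plugin: SonarQube Scanner
2. Click System Settings and configure the SonarQube server
3. Add the SonarQube server and set a custom server name and URL
4. Install the scanner automatically
5. If the scanner is already installed, automatic installation is not needed; just add the scanner's working directory
6. Create a new project in Jenkins named code-test-job
7. Configure this project (Configure)
Use either the git method or the shell script method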