一、SonarQube部署前的内核参数等配置以及java环境配置
1. 修改内核参数配置,使满足环境要求
[root@sonarqube ~]# vim /etc/sysctl.conf vm.max_map_count=262144 fs.file-max=65536 [root@sonarqube ~]# sysctl -p #生效修改的内核参数 …… vm.max_map_count = 262144 fs.file-max = 65536
2. 修改本机安全策略参数限制
[root@sonarqube ~]# vim /etc/security/limits.conf …… sonarqube - nofile 65536 sonarqube - nproc 2048
3. 配置java环境
若配置java高版本的需要在sonarqube官网查看是否支持
[root@sonarqube src]# tar -zxv -f jdk-8u144-linux-x64.tar.gz -C /usr/local/ [root@sonarqube src]# vim /etc/profile.d/java.sh export JAVA_HOME=/usr/local/jdk1.8.0_144 export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH export CLASSPATH=$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar [root@sonarqube src]# source /etc/profile.d/java.sh #将java环境变量生效 [root@sonarqube src]# java -version java version "1.8.0_144" Java(TM) SE Runtime Environment (build 1.8.0_144-b01) Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)
4. 主机内存要求
至少需要3G的内存
二、数据库准备
sonarqube7.8+版本不再支持mysql,以sonarqube7.7为例,支持的mysql版本是5.6和5.7,这里使用mysql5.7版本
不过并不打算在本机安装MySQL,而是在另一台MySQL主机上开通远程访问,创建sonarqube使用的数据库和用户。
在MySQL服务器上使用root账号登陆,执行如下命令:
mysql> CREATE DATABASE IF NOT EXISTS sonarqube CHARACTER SET utf8 COLLATE utf8_general_ci; mysql> CREATE USER 'sonarqube'@'%' IDENTIFIED BY 'sonarqube,.123!A'; mysql> grant all privileges on sonarqube.* to 'sonarqube'@'%' identified by 'sonarqube,.123!A' with grant option; mysql> flush privileges;
三、sonarqube安装配置
3.1 安装
# 下载源码压缩包
wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.7.zip
# 解压sonarqube源码包,并移动到指定路径
unzip sonarqube-7.7.zip
cp -r sonarqube-7.7 /usr/local/
# 高版本中不能用 root 用户启动 SonarQube,需用非 root 用户启动
# 创建用户以及更改目录的属主属组
useradd sonarqube
chown sonarqube.sonarqube -R /usr/local/sonarqube-7.7
# 配置sonarqube配置文件
su - sonarqube
cd /usr/local/sonarqube-7.7
grep '^[a-Z]' conf/sonar.properties
sonar.jdbc.username=sonarqube #登录数据库的授权用户
sonar.jdbc.password=sonarqube,.123!A #登录数据库的密码
sonar.jdbc.url=jdbc:mysql://192.168.0.187:3306/sonarqube?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
#jdbc:mysql://192.168.0.187:3306/sonarqube 中的sonarqube为创建的数据库名称
sonar.web.host=0.0.0.0 #sonarqube服务监听本机所有ip
sonar.web.port=9000 #sonarqube服务启动时监听的端口
sonar.jdbc.driverClassName=org.gjt.mm.mysql.Driver
# 启动sonarqube服务
/usr/local/sonarqube-7.7/bin/linux-x86-64/sonar.sh start
# 查看sonarqube服务启动状态
/usr/local/sonarqube-7.7/bin/linux-x86-64/sonar.sh status
# 查看sonarqube服务的日志文件
tail -30 /usr/local/sonarqube-7.7/logs/sonar.log
# 查看监听的9000端口
ss -tnlp
# 浏览器访问,后期可以使用nginx做反向代理配置域名进行访问
http://ip:9000
# 登录的用户名及密码均默认为admin
3.2 配置
- 安装中文插件,显示为中文界面
点击administration→Marketplace,直接搜索中文插件,输入'Chinese'进行搜索,然后进行安装
安装好后界面上方会提示重启服务,然后重启服务
再次进行登陆,界面显示都是中文的了
查看中文插件:/usr/local/sonarqube-7.7/extensions/plugins/sonar-l10n-zh-plugin-1.27.jar
- 安装python、java、php等开发语言插件,才能扫描相关语言代码
还是在上一步界面,搜索相关语言安装插件,比如:SonarPython,SonarJava
安装或更新后界面上方会提示重启服务,然后重启服务
注意:安装或更新一个插件最好立即就重启服务,再次登陆后再安装或更新下一个
- 部署扫描器sonar-scanner
sonarqube通过扫描器扫描代码
下载地址:https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/
# 下载扫描器 wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.0.0.1744.zip # 解压并移动到指定目录 unzip sonar-scanner-cli-4.0.0.1744.zip cp -r sonar-scanner-4.0.0.1744 /usr/local/ # 修改配置文件 sonar.host.url=http://localhost:9000 sonar.sourceEncoding=UTF-8
# 准备一个测试代码压缩包并解压到当前目录下
./python-test/
├── sonar-project.properties
└── src
└── 1.py
# sonar-project.properties内容
# Required metadata
#自定义的项目key
sonar.projectKey=sonarqube:python-simple-sq-scanner
#项目的名称
sonar.projectName=Python :: Simple Project :: SonarQube Scanner
#项目的版本号
sonar.projectVersion=0.1
# Comma-separated paths to directories with sources (required)
#源码路径
sonar.sources=src
# Language
#源码的类型为python代码
sonar.language=python
# Encoding of the source files
#编码的格式
sonar.sourceEncoding=UTF-8
# 1.py内容
#!/usr/bin/python
print("hello world!")
# 在当前的代码路径下执行扫描 [root@bogon python-test]# pwd /usr/local/sonar-scanner-4.0.0.1744/python-test [root@bogon python-test]# /usr/local/sonar-scanner-4.0.0.1744/bin/sonar-scanner INFO: Scanner configuration file: /usr/local/sonar-scanner-4.0.0.1744/conf/sonar-scanner.properties INFO: Project root configuration file: /usr/local/sonar-scanner-4.0.0.1744/python-test/sonar-project.properties INFO: SonarQube Scanner 4.0.0.1744 INFO: Java 1.8.0_144 Oracle Corporation (64-bit) INFO: Linux 3.10.0-957.21.3.el7.x86_64 amd64 INFO: User cache: /root/.sonar/cache INFO: SonarQube server 7.7.0 INFO: Default locale: "en_US", source code encoding: "UTF-8" INFO: Load global settings INFO: Load global settings (done) | time=139ms INFO: Server id: 2905F556-AWyTTt7AhSCl13oM6t52 INFO: User cache: /root/.sonar/cache INFO: Load/download plugins INFO: Load plugins index INFO: Load plugins index (done) | time=61ms INFO: Plugin [l10nzh] defines 'l10nen' as base plugin. This metadata can be removed from manifest of l10n plugins since version 5.2. INFO: Load/download plugins (done) | time=101ms INFO: Process project properties INFO: Execute project builders INFO: Execute project builders (done) | time=3ms INFO: Project key: sonarqube:python-simple-sq-scanner INFO: Base dir: /usr/local/sonar-scanner-4.0.0.1744/python-test INFO: Working dir: /usr/local/sonar-scanner-4.0.0.1744/python-test/.scannerwork INFO: Load project settings for component key: 'sonarqube:python-simple-sq-scanner' INFO: Load project repositories INFO: Load project repositories (done) | time=10ms INFO: Load quality profiles INFO: Load quality profiles (done) | time=72ms INFO: Load active rules INFO: Load active rules (done) | time=2165ms WARN: SCM provider autodetection failed. Please use "sonar.scm.provider" to define SCM of your project, or disable the SCM Sensor in the project settings. INFO: Indexing files... INFO: Project configuration: INFO: 1 file indexed INFO: Quality profile for py: Sonar way INFO: ------------- Run sensors on module Python :: Simple Project :: SonarQube Scanner INFO: Load metrics repository INFO: Load metrics repository (done) | time=87ms INFO: Sensor Python Squid Sensor [python] INFO: Sensor Python Squid Sensor [python] (done) | time=141ms INFO: Sensor Cobertura Sensor for Python coverage [python] INFO: Sensor Cobertura Sensor for Python coverage [python] (done) | time=8ms INFO: Sensor PythonXUnitSensor [python] INFO: Sensor PythonXUnitSensor [python] (done) | time=0ms INFO: Sensor JaCoCo XML Report Importer [jacoco] INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=18ms INFO: Sensor JavaXmlSensor [java] INFO: Sensor JavaXmlSensor [java] (done) | time=0ms INFO: Sensor HTML [web] INFO: Sensor HTML [web] (done) | time=27ms INFO: ------------- Run sensors on project INFO: Sensor Zero Coverage Sensor INFO: Sensor Zero Coverage Sensor (done) | time=15ms INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it. INFO: 1 file had no CPD blocks INFO: Calculating CPD for 0 files INFO: CPD calculation finished INFO: Analysis report generated in 155ms, dir size=65 KB INFO: Analysis report compressed in 22ms, zip size=9 KB INFO: Analysis report uploaded in 1269ms INFO: ANALYSIS SUCCESSFUL, you can browse http://localhost:9000/dashboard?id=sonarqube%3Apython-simple-sq-scanner INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report INFO: More about the report processing at http://localhost:9000/api/ce/task?id=AWyTdl4K42eglE8uaHB6 INFO: Analysis total time: 6.724 s INFO: ------------------------------------------------------------------------ INFO: EXECUTION SUCCESS INFO: ------------------------------------------------------------------------ INFO: Total time: 8.161s INFO: Final Memory: 12M/46M INFO: ------------------------------------------------------------------------ # web端查看扫描后生成的记录
四、jenkins配置sonarqube-scanner并实现jenkins代码的自动测试、自动部署
1. 安装扫描器插件
在jenkins插件管理中安装插件:SonarQube Scanner
2. 点击系统设置设置sonarqube服务
3. 添加sonarqube服务并自定义服务名称以及url地址
4. 自动安装scanner扫描器
5. 若已安装scanner扫描器则无需自动安装,直接添加扫描器的工作目录即可
6. 在jenkins创建一个新项目code-test-job
7. 配置此项目的configure
使用git的方式或者使用shell脚本的方式