一、SonarQube介绍
SonarQube是一个用于代码质量检测管理的开放平台,可以集成不同的检测工具,代码分析工具,以及持续集成工具。SonarQube 并不是简单地把不同的代码检查工具结果直接显示在 Web 页面上,而是通过不同的插件对这些结果进行再加工处理,通过量化的方式度量代码质量的变化。<br /> SonarQube不仅提供了对 IDE 的支持,可以在Eclipse和IntelliJ IDEA这些工具里联机查看结果;同时 SonarQube 还对大量的持续集成工具提供了接口支持,可以很方便地在持续集成中使用SonarQube,另外Sonar的插件还可以对Java以外的其他编程语言提供支持。
二、代码质量
1.编码规范:是否遵守了编码规范,遵循了最佳实践。
2.潜在的BUG:可能在最坏情况下出现问题的代码,以及存在安全漏洞的代码。
3.文档和注释:过少(缺少必要信息)、过多(没有信息量)、过时的文档或注释。
4.重复代码:违反了Don’tRepeat Yourself原则。
5.复杂度:代码结构太复杂(如圈复杂度高),难以理解、测试和维护。
6.测试覆盖率:编写单元测试,特别是针对复杂代码的测试覆盖是否足够。
7.设计与架构:是否高内聚、低耦合,依赖最少。
三、部署
3.1、部署MySQL
Mysql也可以部署在kubernets中,我这里由于本地虚拟机磁盘不够,所以部署在自己的云服务器上。
1、在官网下载rpm包:https://dev.mysql.com/downloads/repo/yum/
mysql57-community-release-el7-11.noarch.rpm
2、安装yum源
# rpm -Uvh mysql57-community-release-el7-11.noarch.rpm
3、查看是否有我们需要的源
# yum repolist all | grep mysqlRepository epel is listed more than once in the configurationmysql-cluster-7.5-community/x86_64 MySQL Cluster 7.5 Community disabledmysql-cluster-7.5-community-source MySQL Cluster 7.5 Community - disabledmysql-cluster-7.6-community/x86_64 MySQL Cluster 7.6 Community disabledmysql-cluster-7.6-community-source MySQL Cluster 7.6 Community - disabledmysql-connectors-community/x86_64 MySQL Connectors Community enabled: 131mysql-connectors-community-source MySQL Connectors Community - disabledmysql-tools-community/x86_64 MySQL Tools Community enabled: 100mysql-tools-community-source MySQL Tools Community - Sourc disabledmysql-tools-preview/x86_64 MySQL Tools Preview disabledmysql-tools-preview-source MySQL Tools Preview - Source disabledmysql55-community/x86_64 MySQL 5.5 Community Server disabledmysql55-community-source MySQL 5.5 Community Server - disabledmysql56-community/x86_64 MySQL 5.6 Community Server disabledmysql56-community-source MySQL 5.6 Community Server - disabledmysql57-community/x86_64 MySQL 5.7 Community Server enabled: 384mysql57-community-source MySQL 5.7 Community Server - disabledmysql80-community/x86_64 MySQL 8.0 Community Server disabledmysql80-community-source MySQL 8.0 Community Server - disabled
4、安装
# yum install mysql-community-server
5、启动
# systemctl start mysqld
6、授权用户
mysql> grant all privileges on *.* to sonar@'%' identified by 'P@ssW0rd';mysql> FLUSH PRIVILEGES;
7、创建数据库
mysql> create database sonar charset=utf8;
3.2、部署sonarqube
sonar-deploy.yaml
apiVersion: extensions/v1beta1kind: Deploymentmetadata:name: sonarqubenamespace: devopsspec:replicas: 1template:metadata:labels:app: sonarqubespec:containers:- name: sonarqubeimage: sonarqube:ltsimagePullPolicy: IfNotPresentports:- name: port9000containerPort: 9000volumeMounts:- name: sonar-storagemountPath: "/data/sonar"readOnly: falseenv:- name: JAVA_OPSvalue: "-Duser.timezone=Asia/Shanghai -DsessionTimeout=10080 -Dpermissive-script-security.enabled=true"- name: SONARQUBE_JDBC_USERNAMEvalue: sonar- name: SONARQUBE_JDBC_PASSWORDvalue: P@ssW0rd- name: SONARQUBE_JDBC_URLvalue: "jdbc:mysql://122.51.79.172:3306/sonar?useSSL=false&useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance"volumes:- name: sonar-storagepersistentVolumeClaim:claimName: sonar-pvc
sonar-storage.yaml
---apiVersion: v1kind: PersistentVolumemetadata:name: sonar-pvspec:capacity:storage: 5GiaccessModes:- ReadWriteManypersistentVolumeReclaimPolicy: Deletenfs:server: 172.16.1.128path: /data/k8s/sonar---apiVersion: v1kind: PersistentVolumeClaimmetadata:name: sonar-pvcnamespace: devopsspec:accessModes:- ReadWriteManyresources:requests:storage: 5Gi
sonar-svc.yaml
apiVersion: v1kind: Servicemetadata:name: sonarnamespace: devopsspec:type: NodePortports:- name: sonarport: 9000nodePort: 29000targetPort: 9000selector:app: sonarqube
创建资源:
# kubectl apply -f sonar-storage.yaml# kubectl apply -f sonar-svc.yaml# kubectl apply -f sonar-deploy.yaml
查看资源结果:
# kubectl get svc -n devopsNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEjenkins NodePort 10.68.196.41 <none> 8080:30002/TCP,50000:24073/TCP 6d23hsonar NodePort 10.68.155.65 <none> 9000:29000/TCP 4m34s# kubectl get pod -n devopsNAME READY STATUS RESTARTS AGEjenkins-6595ddd5d-m5fvd 1/1 Running 0 6d23hsonarqube-6b46dffc95-sv24l 1/1 Running 0 12m
四、用PostgreSQL
(1)、创建secret
kubectl create secret generic postgres-pwd --from-literal=password=P@ssword -n devops
(2)、创建PVC
sonar-storage.yaml
apiVersion: storage.k8s.io/v1kind: StorageClassmetadata:name: nfs-client-storageclassprovisioner: rookieops/nfs---apiVersion: v1kind: PersistentVolumeClaimmetadata:name: claim-postgresnamespace: devopsspec:accessModes: ["ReadWriteOnce"]storageClassName: nfs-client-storageclassresources:requests:storage: 5Gi---apiVersion: v1kind: PersistentVolumeClaimmetadata:name: sonar-datanamespace: devopsspec:accessModes:- ReadWriteOncestorageClassName: nfs-client-storageclassresources:requests:storage: 1Gi---apiVersion: v1kind: PersistentVolumeClaimmetadata:name: sonar-extensionsnamespace: devopsspec:accessModes:- ReadWriteOncestorageClassName: nfs-client-storageclassresources:requests:storage: 1Gi
(3)、部署PostgreSQL
sonar-postgres-service.yaml
apiVersion: v1kind: Servicemetadata:labels:name: sonar-postgresname: sonar-postgresnamespace: devopsspec:ports:- port: 5432selector:name: sonar-postgres
sonar-postgres-deployment.yaml
apiVersion: apps/v1kind: Deploymentmetadata:name: sonar-postgresnamespace: devopsspec:selector:matchLabels:name: sonar-postgresreplicas: 1template:metadata:name: sonar-postgreslabels:name: sonar-postgresspec:containers:- image: postgres:latestname: sonar-postgresenv:- name: POSTGRES_PASSWORDvalueFrom:secretKeyRef:name: postgres-pwdkey: password- name: POSTGRES_USERvalue: sonar- name: POSTGRES_DBvalue: sonarports:- containerPort: 5432name: postgresportvolumeMounts:# This name must match the volumes.name below.- name: data-diskmountPath: /var/lib/postgresql/datavolumes:- name: data-diskpersistentVolumeClaim:claimName: claim-postgres
(4)、部署sonar
sonarqube-service.yaml
apiVersion: v1kind: Servicemetadata:labels:name: sonarname: sonarnamespace: devopsspec:type: NodePortports:- port: 80targetPort: 9000name: sonarportselector:name: sonarqube
sonarqube-deployment.yaml
apiVersion: apps/v1kind: Deploymentmetadata:name: sonarqubenamespace: devopsspec:selector:matchLabels:name: sonarqubereplicas: 1template:metadata:name: sonarqubelabels:name: sonarqubespec:initContainers: #设置初始化镜像,执行 system 命令- name: init-sysctlimage: busyboximagePullPolicy: IfNotPresentcommand: ["sysctl", "-w", "vm.max_map_count=262144"] #必须设置vm.max_map_count这个值调整内存权限,否则启动可能报错securityContext:privileged: true #赋予权限能执行系统命令containers:- image: sonarqube:latestargs:- -Dsonar.web.context=/sonarname: sonarqubeenv:- name: SONARQUBE_JDBC_PASSWORDvalueFrom:secretKeyRef:name: postgres-pwdkey: password- name: SONARQUBE_JDBC_URLvalue: jdbc:postgresql://sonar-postgres:5432/sonar- name: SONARQUBE_JDBC_USERNAMEvalue: sonarports:- containerPort: 9000name: sonarqubevolumeMounts:- mountPath: "/opt/sonarqube/data/"name: sonar-data- mountPath: "/opt/sonarqube/extensions/"name: sonar-extensionsvolumes:- name: sonar-datapersistentVolumeClaim:claimName: sonar-data- name: sonar-extensionspersistentVolumeClaim:claimName: sonar-extensions---apiVersion: traefik.containo.us/v1alpha1kind: IngressRoutemetadata:name: sonarqubenamespace: devopsspec:entryPoints:- webroutes:- match: Host(`sonarqube-test.coolops.cn`)kind: Ruleservices:- name: sonarport: 9000
然后创建配置清单:
# kubectl apply -f .# kubectl get pod -n devopsNAME READY STATUS RESTARTS AGEjenkins-686445d7b-vznkg 1/1 Running 4 23hsonar-postgres-76d98f6b85-nl4d9 1/1 Running 0 12msonarqube-5586984d6f-qncq9 1/1 Running 1 12m
五、集成到jenkins
安装插件:SonarQube Scanner
(1)、在Sonar上生产token
记得保存token,然后在jenkins中添加凭证。
(2)、Jenkins对接Sonar
(3)、Jenkins中配置sonar scanner
若有收获,就点个赞吧
0 人点赞
