SonarQube是一个开源的代码质量管理系统。工作原理如下:扫描方扫描并分析代码,再将结果上传至服务器解析。
2.扫描方实现 1.maven引入插件:在父子工程中,子工程可以使用父工程的插件,插件只需要在父工程的pom文件中引入。
org.sonarsource.scanner.maven sonar-maven-plugin 3.2 org.jacoco jacoco-maven-plugin 0.8.5 pre-test prepare-agent jacocoArgLine ${sonar.jacoco.reportPaths} true post-test test report ${sonar.jacoco.reportPaths} ${project.basedir}/jacoco org.apache.maven.plugins maven-surefire-plugin 2.16 *** ${project.basedir}/target/jacoco.exec
使用sonar命令前需要先编译和测试
mvn -U clean test compile sonar:sonar
3.整合jenkins使用pipeline工程
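@Library('common-lib') _

// Declarative pipeline: check out the project from GitLab, run the Maven
// tests plus a SonarQube analysis, then wait for the SonarQube quality gate.
//
// NOTE(review): `repoName` is read below but never assigned in this listing;
// it has to come from somewhere else (job parameter, shared library, ...).
// Because it is interpolated into a shell command, confirm it cannot carry
// shell metacharacters.
pipeline {
    agent {
        node {
            label 'sonar'
        }
    }
    environment {
        REPOSITORY = "28.4.193.23:5000/test/jenkins-slave-java1-7:${BUILD_NUMBER}"
        // NOTE(review): `environment` is meant for NAME = value entries. The
        // `def` declarations are kept as found; confirm they validate on your
        // Jenkins version, or declare them above `pipeline {` instead.
        def umail = ""
        def message = ""
        def code_review_path = ""
        def err_msg = ""
        def gitNameSpace = ""
        def code_review_mail=""
        def code_review_mail_cc=""
        def jenkins_sender="jenkinsci@csmail.citicbank.com"
        def mail_recv_bcc="maoshibo@csmail.citicbank.com"
        def mail_test_cc=""
        def mail_alone_test=""
        def userId = ""
        def branchName = ""
        def sonarBranchName = ""
        gitlabSourceNamespace= ""
        gitlabSourceReponame= ""
        def version = new Date().format('yyyyMMddHHmmss')
    }
    options {
        gitLabConnection('gitlab-fcbc')
    }
    stages {
        stage ('clone gitlab') {
            steps {
                gitlabCommitStatus("clone gitlab in push") {
                    echo "gitlabSourceBranch-> ${env.gitlabSourceBranch}"
                    echo "branch_name -> ${env.branch_name}"
                    echo "NameSpace -> ${env.gitlabSourceNamespace}"
                    echo "1.CLONE GITLAB"
                    script {
                        // Webhook builds provide gitlabSourceBranch; other
                        // builds fall back to branch_name.
                        if (env.gitlabSourceBranch == null) {
                            branchName = "${env.branch_name}"
                        } else {
                            branchName = "${env.gitlabSourceBranch}"
                        }
                        // Keep at most the first 7 characters. A bare
                        // substring(0,7) throws on shorter names ("master",
                        // "main", or the string "null" when the variable is
                        // unset).
                        def fullBranch = "${branchName}".toString()
                        sonarBranchName = fullBranch.length() > 7 ? fullBranch.substring(0, 7) : fullBranch
                        gitNameSpace = "${env.gitlabSourceNamespace}".toLowerCase()
                    }
                    echo "branchName:${branchName}"
                    echo "sonarBranchName:${sonarBranchName}"
                    echo "gitNameSpace:${gitNameSpace}"
                    echo "repoName:${repoName}"
                    // NOTE(review): the branch argument is single-quoted, so
                    // Groovy does not interpolate it and the checkout does not
                    // use the branchName computed above. Confirm this is
                    // intended.
                    git credentialsId: 'jksc-ssh', url: 'ssh://git@git.citicbank.com:5022/fcbc/fcbc-interface-server.git' , branch: '${branch_name}'
                    script {
                        // gitlabAfter is supplied by the webhook, so it is
                        // expanded by the shell (not by Groovy) and quoted to
                        // stay a single argument. HEAD is the fallback when it
                        // is unset, matching what the unquoted form did.
                        umail = sh(script:'git show --pretty=format:"%ae" "${gitlabAfter:-HEAD}"|head -n 1',returnStdout:true).trim()
                        // Same bounded truncation as above.
                        def targetBranch = "${env.gitlabTargetBranch}".toString()
                        sonarBranch = targetBranch.length() > 7 ? targetBranch.substring(0, 7) : targetBranch
                    }
                    echo "umail:${umail}"
                }
            }
        }
        stage ('sonar scan') {
            steps {
                gitlabCommitStatus("compile and sonar scan in push") {
                    echo "2. sonar scan"
                    // withSonarQubeEnv exports the server URL and token of the
                    // 'sonar-test' entry to the scanner through environment
                    // variables. The token is therefore no longer
                    // Groovy-interpolated into the command line, where it
                    // would land in the console log and the process list.
                    // Confirm the 'sonar-test' entry in Jenkins carries the
                    // analysis token.
                    // -X (Maven debug) was dropped too: debug output is very
                    // verbose and may echo property values into the build log.
                    // NOTE(review): sonar.host.url is plain HTTP, so analysis
                    // traffic is unencrypted; prefer HTTPS if the server
                    // offers it.
                    withSonarQubeEnv('sonar-test') {
                        sh """
                        echo -----------------------------------------------------------------
                        mvn -U clean test sonar:sonar -Dsonar -Dsonar.projectKey=com.citicbank.fcbc:${repoName} -Dsonar.projectName=${repoName} -Dsonar.host.url=http://22.4.15.55:9000 -Dsonar.java.binaries=./ -Dsonar.projectVersion=${version} -Dsonar.branch=feature
                        """
                    }
                }
            }
        }
        stage("Quality Gate") {
            steps {
                gitlabCommitStatus('Quality Gate') {
                    echo "5. quality gate"
                    // No unit is given, so the timeout is 10 minutes (the
                    // step's default unit).
                    timeout(time: 10) {
                        // Fails the build when the quality gate is not passed.
                        waitForQualityGate abortPipeline: true
                    }
                }
            }
        }
    }
}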



