使用 gitlab ci 运行 sonarqube 扫描仪 [英] Run sonarqube scanner with gitlab ci
问题描述
我正在尝试使用以下堆栈(仅相关堆栈)为 .NET 应用程序构建 CI 环境:
I am trying to put together a CI environment for a .NET application using the following stack (just the relevant ones):
- Debian + 单声道
- 码头工人
- Gitlab CI
- Gitlab-multi-runner(作为 docker 容器)
- Sonarqube + Postgre
我使用 docker-compose 为 sonarqube 和 postgre 创建容器,它们都在运行和工作.遗憾的是,我一直坚持为 gitlab 运行程序执行的构建执行 sonarqube 分析,我发现的所有示例都是使用 Maven.我也尝试过使用声纳扫描仪,到目前为止没有运气.
I've used docker-compose to create the container for sonarqube and postgre, both are running and working. I am sadly stuck with executing sonarqube analysis for my build executed by the gitlab runner and all examples I found were using Maven. I've tried to use sonar-scanner as well, no luck so far.
这是我的 gitlab-ci.yml 的内容:
Here are the contents of my gitlab-ci.yml:
image: mono:latest
cache:
paths:
- ./src/T_GitLabCi/packages/
stages:
- build
.shared: &restriction
only:
- master
tags:
- docker
build:
<<: *restriction
stage: build
script:
- nuget restore ./src/T_GitLabCi
- MONO_IOMAP=case xbuild /t:Build /p:Configuration="Release" /p:Platform="Any CPU" ./src/T_GitLabCi/T_GitLabCi.sln
- mono ./tools/NUnitConsoleRunner/nunit3-console.exe ./src/T_GitLabCi/T_GitLabCi.sln --work=./src/T_GitLabCi/test --config=Release
- << EXECUTE SONAR ANALYSIS >>
我肯定在这里遗漏了一些东西.有人能指出正确的方向吗?
I am definitely missing something here. Could somebody point me the right direction?
推荐答案
我有用 PHP 编写的项目,但这没关系.这就是我所做的.
I have projects written in PHP but that shouldn't matter. Here's what I did.
- 我启用了托管在我的 GitLab 安装上的私有注册表
在这个注册表中,我有一个从这个
Dockerfile
构建的声纳扫描仪"图像(它基于 Docker hub 上可用的图像之一):
- I enabled a private registry hosted on my GitLab installation
In this registry I have a "sonar-scanner" image built from this
Dockerfile
(it's based on one of the images available on Docker hub):
FROM java:alpine
ENV SONAR_SCANNER_VERSION 2.8
RUN apk add --no-cache wget &&
wget https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-${SONAR_SCANNER_VERSION}.zip &&
unzip sonar-scanner-${SONAR_SCANNER_VERSION} &&
cd /usr/bin && ln -s /sonar-scanner-${SONAR_SCANNER_VERSION}/bin/sonar-scanner sonar-scanner &&
apk del wget
COPY files/sonar-scanner-run.sh /usr/bin
这是 files/sonar-scanner-run.sh
文件:
#!/bin/sh
URL="<YOUR SONARQUBE URL>"
USER="<SONARQUBE USER THAT CAN ACCESS THE PROJECTS>"
PASSWORD="<USER PASSWORD>"
if [ -z "$SONAR_PROJECT_KEY" ]; then
echo "Undefined "projectKey"" && exit 1
else
COMMAND="sonar-scanner -Dsonar.host.url="$URL" -Dsonar.login="$USER" -Dsonar.password="$PASSWORD" -Dsonar.projectKey="$SONAR_PROJECT_KEY""
if [ ! -z "$SONAR_PROJECT_VERSION" ]; then
COMMAND="$COMMAND -Dsonar.projectVersion="$SONAR_PROJECT_VERSION""
fi
if [ ! -z "$SONAR_PROJECT_NAME" ]; then
COMMAND="$COMMAND -Dsonar.projectName="$SONAR_PROJECT_NAME""
fi
if [ ! -z $CI_BUILD_REF ]; then
COMMAND="$COMMAND -Dsonar.gitlab.commit_sha="$CI_BUILD_REF""
fi
if [ ! -z $CI_BUILD_REF_NAME ]; then
COMMAND="$COMMAND -Dsonar.gitlab.ref_name="$CI_BUILD_REF_NAME""
fi
if [ ! -z $SONAR_BRANCH ]; then
COMMAND="$COMMAND -Dsonar.branch="$SONAR_BRANCH""
fi
if [ ! -z $SONAR_ANALYSIS_MODE ]; then
COMMAND="$COMMAND -Dsonar.analysis.mode="$SONAR_ANALYSIS_MODE""
if [ $SONAR_ANALYSIS_MODE="preview" ]; then
COMMAND="$COMMAND -Dsonar.issuesReport.console.enable=true"
fi
fi
eval $COMMAND
fi
现在在我的项目中
.gitlab-ci.yml
我有这样的东西:
SonarQube:
image: <PATH TO YOUR IMAGE ON YOUR REGISTRY>
variables:
SONAR_PROJECT_KEY: "<YOUR PROJECT KEY>"
SONAR_PROJECT_NAME: "$CI_PROJECT_NAME"
SONAR_PROJECT_VERSION: "$CI_BUILD_ID"
script:
- /usr/bin/sonar-scanner-run.sh
这还不是全部.上面的 .gitlab-ci.yml
示例被简化了,因为我为 master 和其他分支(如 when:manual
)使用了不同的构建,并且我使用这个插件来在 GitLab 中获得反馈:https://gitlab.talanlabs.com/gabriel-allaigre/声纳-gitlab-插件
That't pretty much all. The above example of .gitlab-ci.yml
is simplified since I'm using diffrent builds for master and other branches (like when: manual
) and I use this plugin to get feedback in GitLab: https://gitlab.talanlabs.com/gabriel-allaigre/sonar-gitlab-plugin
如果您有任何问题,请随时提出.我花了一些时间才按照我想要的方式把这一切放在一起:) 实际上我还在微调它.
Feel free to ask if you have any questions. It took me some time to put this all together the way I want it :) Actually I'm still finetuning it.
这篇关于使用 gitlab ci 运行 sonarqube 扫描仪的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!