从 gitlab docker runner 启动 Sonar Scanner [英] Launching Sonar Scanner from a gitlab docker runner
问题描述
我有一个集成了 linting 作业和代码质量作业的 CI 工作流程.我的 Linting 工作是 docker runner 从应用程序代码启动我的 eslint 脚本.然后我的代码质量工作应该启动声纳扫描器 docker 实例,检查我的代码并将报告发送回我的 sonarqube 实例.
I have a CI workflow that integrates a linting job and then a code quality job. My Linting job is a docker runner launching my eslint script from the application code. Then my code quality job is supposed to start a sonar scanner docker instance, check my code and send the reports back to my sonarqube instance.
问题主要在于我无法使用以下两种解决方案正确启动声纳扫描仪:
The problem is mainly with the fact that i can't launch correctly the sonar scanner with either solutions which are :
声纳扫描仪 Dockerhttps://github.com/newtmitch/docker-sonar-scanner
此时,跑步者运行图像,但在启动其脚本时(仅是 sonar-scanner(带有潜在参数)
我收到此错误响应:
Sonar Scanner Docker
https://github.com/newtmitch/docker-sonar-scanner
At this point, the runner runs the image but when starting its script (which is only sonar-scanner (with potential arguments)
i get this error response :
sonar scanner unrecognized option -c
我不明白也无法控制,因为它是从 docker hub 拉取的已经制作好的 docker 映像
which i don't understand and have no control over since its an already made docker image pulled from the docker hub
在 docker 容器中从头开始安装声纳扫描仪
在这里,我所做的是通过将声纳扫描仪下载到容器中来安装声纳扫描仪,如下所示:
Sonar Scanner installation from scratch in a docker container
Here what i do is installing sonar scanner by downloading it in the container like so:
Dockerfile
FROM java:alpine
ENV SONAR_SCANNER_VERSION 3.3.0.1492
RUN apk add --no-cache wget &&
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip &&
unzip sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux &&
cd /usr/bin && ln -s /sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux/bin/sonar-scanner sonar-scanner &&
apk del wget
COPY sonar-scanner-run.sh /usr/bin
RUN ["chmod", "+x", "/usr/bin/sonar-scanner-run.sh"]
在这里我添加 wget 以便能够下载文件,然后我从他们官方 文档.然后我解压缩它,然后创建一个指向二进制文件的符号链接,以便我可以从任何地方执行脚本.我终于清除了 wget 缓存复制我的 shell 脚本,该脚本将从 gitlab-ci.yml 执行并运行 chmod 命令以绕过任何权限问题.
Here I add wget to be able to download files, then I download the latest version of sonar-scanner from the link found on their official documentation. I then unzip it and then create a symlink to the binary file so that I can execute the script from anywhere. I finally clear the wget cache copy my shell script that will be executed from the gitlab-ci.yml and run a chmod command to bypass any permission problems.
sonar-scanner-run.sh
URL="https://mysonarqubeserver"
USER="myusertoken"
SONAR_PROJECT_KEY="myprojectkey"
COMMAND="sonar-scanner -Dsonar.host.url="$URL" -Dsonar.login="$USER" -Dsonar.projectKey="$SONAR_PROJECT_KEY""
eval $COMMAND
环境变量都是在你创建项目后由sonarqube给出的.
the environment variables are all given by sonarqube after you create a project.
我认为这是一个Linux 问题",我的符号链接没有创建,因为我在 gitlab ci 日志中得到了这个错误代码:
Here I have what I think is a "Linux Problem" where my symlink is not created since I get this error code in my gitlab ci logs :
Unkown command sonar-scanner
编辑符号链接现在可以工作(问题是解压缩的文件夹名称不正确),但弹出另一条消息.声纳扫描仪现在实际上可以工作了,这是错误:
EDIT The symlink now works (problem was that the unziped folder name wasn't correct) but another message pops off. The sonar scanner actually works now here is the error:
INFO: ------------- Run sensors on module mytherapy
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=121ms
INFO: Sensor JavaSquidSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 14.285s
ERROR: Error during SonarQube Scanner execution
INFO: Final Memory: 25M/284M
INFO: ------------------------------------------------------------------------
ERROR: Please provide compiled classes of your project with sonar.java.binaries property
我的项目是 react-native,因此是 javascript 项目.我不明白为什么它需要 java 编译的类
My project is a react-native, therefore javascript project. I don't understand why it is requiring java compiled classes
这是我的 gitlab-ci.yml 文件,以防出现问题:
Here is my gitlab-ci.yml file in case a problem might be from here:
gitlab.ci.yml
cache:
paths:
- node_modules/
stages:
- analysis
- test
lint:
stage: analysis
image: "node:latest"
script: npm i && npm run lint
tags: ["nodejs"]
code quality:
stage: analysis
image: <My image from the registry>
script:
- /usr/bin/sonar-scanner-run.sh
pass tests:
stage: test
image: "node:latest"
script: npm i && npm run test
tags: ["nodejs"]
推荐答案
经过进一步调查,我可以说我为声纳扫描仪制作了一个可以与 gitlab ci 一起使用的工作 docker 映像.
After further investigations i can say that i made a working docker image for sonar scanner that can work with gitlab ci.
DOCKERFILE
FROM openjdk:8
LABEL maintainer="Aria Groult <aria.groult@outlook.fr>"
RUN apt-get update
RUN apt-get install -y curl git tmux htop maven sudo
# Install Node - allows for scanning of Typescript
RUN curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
RUN sudo apt-get install -y nodejs build-essential
WORKDIR /usr/src
RUN curl --insecure -o ./sonarscanner.zip -L https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.0.3.778-linux.zip &&
unzip sonarscanner.zip &&
rm sonarscanner.zip &&
mv sonar-scanner-3.0.3.778-linux /usr/lib/sonar-scanner &&
ln -s /usr/lib/sonar-scanner/bin/sonar-scanner /usr/local/bin/sonar-scanner
ENV SONAR_RUNNER_HOME=/usr/lib/sonar-scanner
COPY sonar-scanner-run.sh /usr/bin
RUN ["chmod", "+x", "/usr/bin/sonar-scanner-run.sh"]
您可能会在声纳扫描仪中遇到嵌入式 JRE 问题.如果发生这种情况,请通过将 useembeddedjava 设置为 false 来修改二进制文件.
You might get problems with the embedded JRE in sonar-scanner. If it happens, modify the binary by setting: useembeddedjava to false.
gitlab-ci.yml &sonar-scanner-run.sh 不变
sonar-project.properties
sonar.projectKey=projectkey
sonar.projectName=projectname
sonar.sourceEncoding=UTF-8
sonar.exclusions=node_modules/**,coverage/**
sonar.sources=./components
sonar.gitlab.project_id=linkToGit
sonar.host.url=hosturl
sonar.login=sonarqubeloginkey
sonar.exclusions=test/**, node_modules/**
指定 node_modules 被排除在 nodejs 项目中很重要,因为它们包含一些 java 文件,这些文件会在声纳扫描器过程中产生一些干扰.通常只在声纳扫描仪文件列表中包含未生成的文件
这篇关于从 gitlab docker runner 启动 Sonar Scanner的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!