从 gitlab docker runner 启动 Sonar Scanner [英] Launching Sonar Scanner from a gitlab docker runner

问题描述

我有一个集成了 linting 作业和代码质量作业的 CI 工作流程.我的 Linting 工作是 docker runner 从应用程序代码启动我的 eslint 脚本.然后我的代码质量工作应该启动声纳扫描器 docker 实例，检查我的代码并将报告发送回我的 sonarqube 实例.

I have a CI workflow that integrates a linting job and then a code quality job. My Linting job is a docker runner launching my eslint script from the application code. Then my code quality job is supposed to start a sonar scanner docker instance, check my code and send the reports back to my sonarqube instance.

问题主要在于我无法使用以下两种解决方案正确启动声纳扫描仪:

The problem is mainly with the fact that i can't launch correctly the sonar scanner with either solutions which are :

声纳扫描仪 Dockerhttps://github.com/newtmitch/docker-sonar-scanner
此时，跑步者运行图像，但在启动其脚本时(仅是 sonar-scanner(带有潜在参数) 我收到此错误响应:

Sonar Scanner Docker https://github.com/newtmitch/docker-sonar-scanner
At this point, the runner runs the image but when starting its script (which is only sonar-scanner (with potential arguments) i get this error response :

sonar scanner unrecognized option -c

我不明白也无法控制，因为它是从 docker hub 拉取的已经制作好的 docker 映像

which i don't understand and have no control over since its an already made docker image pulled from the docker hub

在 docker 容器中从头开始安装声纳扫描仪
在这里，我所做的是通过将声纳扫描仪下载到容器中来安装声纳扫描仪，如下所示:

Sonar Scanner installation from scratch in a docker container
Here what i do is installing sonar scanner by downloading it in the container like so:

Dockerfile

FROM java:alpine  
ENV SONAR_SCANNER_VERSION 3.3.0.1492

RUN apk add --no-cache wget &&   
    wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip &&   
    unzip sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux &&   
    cd /usr/bin && ln -s /sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux/bin/sonar-scanner sonar-scanner &&   
    apk del wget

COPY sonar-scanner-run.sh /usr/bin
RUN ["chmod", "+x", "/usr/bin/sonar-scanner-run.sh"]

在这里我添加 wget 以便能够下载文件，然后我从他们官方 文档.然后我解压缩它，然后创建一个指向二进制文件的符号链接，以便我可以从任何地方执行脚本.我终于清除了 wget 缓存复制我的 shell 脚本，该脚本将从 gitlab-ci.yml 执行并运行 chmod 命令以绕过任何权限问题.

Here I add wget to be able to download files, then I download the latest version of sonar-scanner from the link found on their official documentation. I then unzip it and then create a symlink to the binary file so that I can execute the script from anywhere. I finally clear the wget cache copy my shell script that will be executed from the gitlab-ci.yml and run a chmod command to bypass any permission problems.

sonar-scanner-run.sh

URL="https://mysonarqubeserver"
USER="myusertoken"
SONAR_PROJECT_KEY="myprojectkey"


COMMAND="sonar-scanner -Dsonar.host.url="$URL" -Dsonar.login="$USER" -Dsonar.projectKey="$SONAR_PROJECT_KEY""

eval $COMMAND

环境变量都是在你创建项目后由sonarqube给出的.

the environment variables are all given by sonarqube after you create a project.

我认为这是一个Linux 问题"，我的符号链接没有创建，因为我在 gitlab ci 日志中得到了这个错误代码:

Here I have what I think is a "Linux Problem" where my symlink is not created since I get this error code in my gitlab ci logs :

Unkown command sonar-scanner

编辑符号链接现在可以工作(问题是解压缩的文件夹名称不正确)，但弹出另一条消息.声纳扫描仪现在实际上可以工作了，这是错误:

EDIT The symlink now works (problem was that the unziped folder name wasn't correct) but another message pops off. The sonar scanner actually works now here is the error:

INFO: ------------- Run sensors on module mytherapy
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=121ms
INFO: Sensor JavaSquidSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 14.285s
ERROR: Error during SonarQube Scanner execution
INFO: Final Memory: 25M/284M
INFO: ------------------------------------------------------------------------
ERROR: Please provide compiled classes of your project with sonar.java.binaries property

我的项目是 react-native，因此是 javascript 项目.我不明白为什么它需要 java 编译的类

My project is a react-native, therefore javascript project. I don't understand why it is requiring java compiled classes

这是我的 gitlab-ci.yml 文件，以防出现问题:

Here is my gitlab-ci.yml file in case a problem might be from here:

gitlab.ci.yml

cache:
  paths:
  - node_modules/

stages:
  - analysis
  - test

lint:
  stage: analysis
  image: "node:latest"  
  script: npm i && npm run lint
  tags: ["nodejs"]

code quality:
  stage: analysis
  image: <My image from the registry>
  script: 
    - /usr/bin/sonar-scanner-run.sh
pass tests:
  stage: test
  image: "node:latest"
  script: npm i && npm run test
  tags: ["nodejs"]

推荐答案

经过进一步调查，我可以说我为声纳扫描仪制作了一个可以与 gitlab ci 一起使用的工作 docker 映像.

After further investigations i can say that i made a working docker image for sonar scanner that can work with gitlab ci.

DOCKERFILE

FROM openjdk:8

LABEL maintainer="Aria Groult <aria.groult@outlook.fr>"

RUN apt-get update
RUN apt-get install -y curl git tmux htop maven sudo

# Install Node - allows for scanning of Typescript
RUN curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
RUN sudo apt-get install -y nodejs build-essential

WORKDIR /usr/src

RUN curl --insecure -o ./sonarscanner.zip -L https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.0.3.778-linux.zip && 
    unzip sonarscanner.zip && 
    rm sonarscanner.zip && 
    mv sonar-scanner-3.0.3.778-linux /usr/lib/sonar-scanner && 
  ln -s /usr/lib/sonar-scanner/bin/sonar-scanner /usr/local/bin/sonar-scanner

ENV SONAR_RUNNER_HOME=/usr/lib/sonar-scanner
COPY sonar-scanner-run.sh /usr/bin
RUN ["chmod", "+x", "/usr/bin/sonar-scanner-run.sh"]

您可能会在声纳扫描仪中遇到嵌入式 JRE 问题.如果发生这种情况，请通过将 useembeddedjava 设置为 false 来修改二进制文件.

You might get problems with the embedded JRE in sonar-scanner. If it happens, modify the binary by setting: useembeddedjava to false.

gitlab-ci.yml &sonar-scanner-run.sh 不变

sonar-project.properties

sonar.projectKey=projectkey
sonar.projectName=projectname
sonar.sourceEncoding=UTF-8
sonar.exclusions=node_modules/**,coverage/**
sonar.sources=./components
sonar.gitlab.project_id=linkToGit
sonar.host.url=hosturl
sonar.login=sonarqubeloginkey
sonar.exclusions=test/**, node_modules/**

指定 node_modules 被排除在 nodejs 项目中很重要，因为它们包含一些 java 文件，这些文件会在声纳扫描器过程中产生一些干扰.通常只在声纳扫描仪文件列表中包含未生成的文件

这篇关于从 gitlab docker runner 启动 Sonar Scanner的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！