从gitlab docker运行程序启动Sonar Scanner [英] Launching Sonar Scanner from a gitlab docker runner

问题描述

我有一个CI工作流，该工作流整合了棉绒作业和代码质量作业。我的Linting工作是一个Docker运行程序，它从应用程序代码启动我的eslint脚本。然后我的代码质量工作应该启动一个声纳扫描器docker实例，检查我的代码并将报告发送回我的声纳实例。

I have a CI workflow that integrates a linting job and then a code quality job. My Linting job is a docker runner launching my eslint script from the application code. Then my code quality job is supposed to start a sonar scanner docker instance, check my code and send the reports back to my sonarqube instance.

问题主要在于事实我不能使用以下两种解决方案正确启动声纳扫描仪：

The problem is mainly with the fact that i can't launch correctly the sonar scanner with either solutions which are :

Sonar Scanner Docker
https://github.com/newtmitch/docker-sonar-scanner

在至此，跑步者将运行图像，但是在启动其脚本时（只有 sonar-scanner（具有潜在的参数）我收到此错误响应：

Sonar Scanner Docker https://github.com/newtmitch/docker-sonar-scanner
At this point, the runner runs the image but when starting its script (which is only sonar-scanner (with potential arguments) i get this error response :

sonar scanner unrecognized option -c

我不理解，也无法控制，因为它已经从docker hub提取了一个已经制作好的docker镜像

which i don't understand and have no control over since its an already made docker image pulled from the docker hub

声纳扫描仪安装从头开始放置在Docker容器中

这是我的工作通过将其下载到容器中来安装声纳扫描仪，如下所示：

Sonar Scanner installation from scratch in a docker container
Here what i do is installing sonar scanner by downloading it in the container like so:

Dockerfile

FROM java:alpine  
ENV SONAR_SCANNER_VERSION 3.3.0.1492

RUN apk add --no-cache wget && \  
    wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip && \  
    unzip sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux && \  
    cd /usr/bin && ln -s /sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux/bin/sonar-scanner sonar-scanner && \  
    apk del wget

COPY sonar-scanner-run.sh /usr/bin
RUN ["chmod", "+x", "/usr/bin/sonar-scanner-run.sh"]

在这里我添加了wget以便能够下载文件，然后我从官方上找到的链接下载了最新版本的声纳扫描仪。文档。然后，我解压缩它，然后创建一个指向二进制文件的符号链接，以便可以从任何地方执行脚本。最后，我清除了wget缓存，将其复制了将从gitlab-ci.yml执行的shell脚本，并运行chmod命令以绕过任何权限问题。

Here I add wget to be able to download files, then I download the latest version of sonar-scanner from the link found on their official documentation. I then unzip it and then create a symlink to the binary file so that I can execute the script from anywhere. I finally clear the wget cache copy my shell script that will be executed from the gitlab-ci.yml and run a chmod command to bypass any permission problems.

sonar-scanner-run.sh

URL="https://mysonarqubeserver"
USER="myusertoken"
SONAR_PROJECT_KEY="myprojectkey"


COMMAND="sonar-scanner -Dsonar.host.url=\"$URL\" -Dsonar.login=\"$USER\" -Dsonar.projectKey=\"$SONAR_PROJECT_KEY\""

eval $COMMAND

创建项目后，所有环境变量均由sonarqube给出。

the environment variables are all given by sonarqube after you create a project.

在这里，我有一个我认为是 Linux问题的地方，因为我在gitlab ci日志中收到此错误代码，所以未创建我的符号链接：

Here I have what I think is a "Linux Problem" where my symlink is not created since I get this error code in my gitlab ci logs :

Unkown command sonar-scanner

编辑
符号链接现在可以正常工作（问题是未解压缩的文件夹名称不正确），但是弹出另一条消息。声纳扫描仪现在实际上可以正常工作，这里是错误：

EDIT The symlink now works (problem was that the unziped folder name wasn't correct) but another message pops off. The sonar scanner actually works now here is the error:

INFO: ------------- Run sensors on module mytherapy
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=121ms
INFO: Sensor JavaSquidSensor [java]
INFO: Configured Java source version (sonar.java.source): none
INFO: JavaClasspath initialization
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 14.285s
ERROR: Error during SonarQube Scanner execution
INFO: Final Memory: 25M/284M
INFO: ------------------------------------------------------------------------
ERROR: Please provide compiled classes of your project with sonar.java.binaries property

我的项目是React-native，因此是javascript项目。我不明白为什么它需要Java编译的类

My project is a react-native, therefore javascript project. I don't understand why it is requiring java compiled classes

这是我的gitlab-ci.yml文件，以防万一问题出在这里：

Here is my gitlab-ci.yml file in case a problem might be from here:

gitlab.ci.yml

cache:
  paths:
  - node_modules/

stages:
  - analysis
  - test

lint:
  stage: analysis
  image: "node:latest"  
  script: npm i && npm run lint
  tags: ["nodejs"]

code quality:
  stage: analysis
  image: <My image from the registry>
  script: 
    - /usr/bin/sonar-scanner-run.sh
pass tests:
  stage: test
  image: "node:latest"
  script: npm i && npm run test
  tags: ["nodejs"]

推荐答案

经过进一步调查，我可以说我为声纳扫描仪制作了一个可以与gitlab ci配合使用的docker图像。

After further investigations i can say that i made a working docker image for sonar scanner that can work with gitlab ci.

DOCKERFILE

FROM openjdk:8

LABEL maintainer="Aria Groult <aria.groult@outlook.fr>"

RUN apt-get update
RUN apt-get install -y curl git tmux htop maven sudo

# Install Node - allows for scanning of Typescript
RUN curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
RUN sudo apt-get install -y nodejs build-essential

WORKDIR /usr/src

RUN curl --insecure -o ./sonarscanner.zip -L https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.0.3.778-linux.zip && \
    unzip sonarscanner.zip && \
    rm sonarscanner.zip && \
    mv sonar-scanner-3.0.3.778-linux /usr/lib/sonar-scanner && \
  ln -s /usr/lib/sonar-scanner/bin/sonar-scanner /usr/local/bin/sonar-scanner

ENV SONAR_RUNNER_HOME=/usr/lib/sonar-scanner
COPY sonar-scanner-run.sh /usr/bin
RUN ["chmod", "+x", "/usr/bin/sonar-scanner-run.sh"]

声纳扫描仪中的嵌入式JRE可能会出现问题。如果发生这种情况，请通过将useembeddedjava设置为false来修改二进制文件。

You might get problems with the embedded JRE in sonar-scanner. If it happens, modify the binary by setting: useembeddedjava to false.

gitlab-ci.yml& sonar-scanner-run.sh保持不变

sonar-project.properties

sonar.projectKey=projectkey
sonar.projectName=projectname
sonar.sourceEncoding=UTF-8
sonar.exclusions=node_modules/**,coverage/**
sonar.sources=./components
sonar.gitlab.project_id=linkToGit
sonar.host.url=hosturl
sonar.login=sonarqubeloginkey
sonar.exclusions=test/**, node_modules/**

这很重要指定在nodejs项目中排除的node_modules，因为它们包含一些Java文件，这些文件会在声纳扫描仪过程中造成一些不便。通常，仅将未生成的文件包括在声纳扫描仪文件列表中

这篇关于从gitlab docker运行程序启动Sonar Scanner的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！