Automatically scanning GitLab code with SonarQube
Install gitlab-runner
Plugin mount directory
mkdir -p /data/gitlab-runner/config
docker run -d --name gitlab-runner \
-v /data/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
--restart always \
--privileged=true \
gitlab/gitlab-runner
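Register gitlab-runner
Go to the project you want to scan and open Settings - CI/CD.
Expand Runners; you will see your URL and token. Click to copy them.
After copying them from the Runners section, enter the gitlab-runner container.
Enter, in order: the URL (http://git.hkeasyspeed.com/), the token (DGmZzRF7dk1p1JPwcu8A), the description (report), the tags (report), the executor (docker), and the image (sonarsource/sonar-scanner-cli:latest).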
[root@localhost ~]# docker exec -it gitlab-runner bash
root@c73a1e8ec484:/# gitlab-runner register
Runtime platform arch=amd64 os=linux pid=294 revision=5316d4ac version=14.6.0
Running in system-mode.
Enter the GitLab instance URL (for example, https://gitlab.com/):
http://git.hkeasyspeed.com/
Enter the registration token:
DGmZzRF7dk1p1JPwcu8A
Enter a description for the runner:
[c73a1e8ec484]: report
Enter tags for the runner (comma-separated):
report
Registering runner... succeeded runner=DGmZzRF7
Enter an executor: docker-ssh, shell, docker+machine, docker-ssh+machine, virtualbox, kubernetes, custom, docker, parallels, ssh:
docker
Enter the default Docker image (for example, ruby:2.6):
sonarsource/sonar-scanner-cli:latest
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
root@c73a1e8ec484:/# exit
exit
[root@localhost ~]#
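Exit and refresh the Runners page; an available runner with the tag report now appears.
Add environment variables
1. When creating the new project, skip the first step and click Continue: we are scanning with Docker, not Maven, so pom.xml does not need to be modified.
2. Add the token and URL to the GitLab project's variables.
Settings - CI/CD - Variables - Expand - Add variable
Add SONAR_TOKEN=<the token generated by SonarQube> and SONAR_HOST_URL=<the SonarQube address>.
The variables are optional: you can also write the values in plain text directly in .gitlab-ci.yml, though that commits the token to the repository, where anyone with read access can see it.
Edit .gitlab-ci.yml
Click CI/CD - Editor on the left. By default there is no gitlab-ci yml file, so click to create one.
Change the default generated content to the following.
Project key: -Dsonar.projectKey=easyspeed-module-report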
# This file is a template, and might need editing before it works on your project.
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Getting-Started.gitlab-ci.yml
# This is a sample GitLab CI/CD configuration file that should run without any modifications.
# It demonstrates a basic 3 stage CI/CD pipeline. Instead of real tests or scripts,
# it uses echo commands to simulate the pipeline execution.
#
# A pipeline is composed of independent jobs that run scripts, grouped into stages.
# Stages run in sequential order, but jobs within stages run in parallel.
#
# For more information, see: https://docs.gitlab.com/ee/ci/yaml/README.html#stages
image:
  name: sonarsource/sonar-scanner-cli:latest
variables:
  SONAR_TOKEN: "${SONAR_TOKEN}"
  SONAR_HOST_URL: "${SONAR_HOST_URL}"
  GIT_DEPTH: 0
sonarqube-check:
  stage: build
  script:
    - sonar-scanner -X -Dsonar.qualitygate.wait=true -Dsonar.java.binaries=. -Dsonar.projectKey=easyspeed-module-report
  allow_failure: true
  only:
    - master  # The multi-branch scanning plugin is installed; to scan other branches, create a .gitlab-ci.yml in each one and change this to that branch.
  tags:
    - report  # Must match the tag of the registered gitlab-runner
After saving, a pipeline run starts immediately.
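As an added example (not part of the original post), this Python check flags a .gitlab-ci.yml that uses the plaintext alternative to CI/CD variables mentioned above. The function name, both sample files and the placeholder token are constructed for illustration; it also covers the scanner's sonar.login, sonar.token and sonar.password properties, which goes beyond the single SONAR_TOKEN variable on this page.

```python
import re

# SONAR_TOKEN set in a YAML variables block, or passed as a scanner -D property.
YAML_VAR = re.compile(r'^\s*(SONAR_TOKEN)\s*:\s*(.+?)\s*$')
CLI_ARG = re.compile(r'-D(sonar\.(?:login|token|password))=(\S+)')
# After stripping quotes, a safe value is exactly $NAME or ${NAME}.
VAR_REF = re.compile(r'^\$(?:\{[A-Za-z_]\w*\}|[A-Za-z_]\w*)$')

# Constructed sample in the style of the page's file: values come from CI/CD variables.
REFERENCED = """\
variables:
  SONAR_TOKEN: "${SONAR_TOKEN}"
  SONAR_HOST_URL: "${SONAR_HOST_URL}"
sonarqube-check:
  script:
    - sonar-scanner -X -Dsonar.qualitygate.wait=true -Dsonar.projectKey=easyspeed-module-report
"""

# Constructed sample of the plaintext variant; the token is a placeholder, not a real one.
PLAINTEXT = """\
variables:
  SONAR_TOKEN: "PLACEHOLDER-TOKEN"   # literal value committed to the repo
  SONAR_HOST_URL: "http://sonarqube.example"
sonarqube-check:
  script:
    - sonar-scanner -Dsonar.login=PLACEHOLDER-TOKEN -Dsonar.projectKey=demo
"""


def hardcoded_credentials(ci_text):
    """Return (line_number, key) for each Sonar credential set to a literal."""
    findings = []
    for number, raw in enumerate(ci_text.splitlines(), start=1):
        line = re.sub(r'(^|\s)#.*$', '', raw)  # drop trailing YAML comment
        pairs = []
        match = YAML_VAR.match(line)
        if match:
            pairs.append(match.groups())
        pairs.extend(CLI_ARG.findall(line))
        for key, value in pairs:
            if not VAR_REF.match(value.strip('"\'')):
                findings.append((number, key))
    return findings


if __name__ == "__main__":
    for name, text in (("referenced", REFERENCED), ("plaintext", PLAINTEXT)):
        print(name, hardcoded_credentials(text))
```

Run against the repository's .gitlab-ci.yml in a pre-commit hook or review step, an empty list means every Sonar credential is taken from a variable reference.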