Author: Kenny Allen

Email: [email protected]

preface

In the process of software development, it is very laborious to check the loopholes and potential bugs in the project code manually. In order to solve this pain point, SonarQube was born to implement a series of automatic code detection processes, including naming conventions, code loopholes, code duplication, etc.

However, SonarQube alone is not as efficient as it should be, and a complete continuous code quality inspection should work with code warehouses (such as GitLab) and Jenkins to build an automated process.

The environment

  • Gitlab, Jenkins, SonarQube services all run in Docker ona physical machine

  • Network (LAN IP: 192.168.1.100)

  • Host science Internet agent

    192.168.1.100:1087

  • Simulate extranet access

    # change the hosts file Sudo sh -c "echo '192.168.1.100 jenkins.kenny.com\n192.168.1.100 gitlab.kenny.com\n192.168.1.100 sonarqube.kenny.com' >> /etc/hosts"Copy the code

  • Tool set

The name of the version
golang go1.10.3
docker 18.03.1 – ce

Set up

Next, I will introduce the setup process with a complete case study.

Jenkins

Start the service
# $jenkins_home Host directory, Jenkins export jenkins_HOME =~/. Jenkins docker run -d --restart=always -p 8080:8080 -v $JENKINS_HOME:/var/ JENKINS_HOME --name Jenkins JenkinsCopy the code
Initialize the

  1. Open your browser and go to jenkins.kenny.com:8080

    # found in the log the administrator password docker logs -f Jenkins # or in $JENKINS_HOME/secrets/initialAdminPassword finds the administrator password cat file $JENKINS_HOME/secrets/initialAdminPasswordCopy the code

  2. Install recommended plugins (if you want to customize your plugins, click Select Plugins to Install)

  3. Creating an Administrator Account

  4. Initialization completed

Gitlab

Start service (GitLab integrates a large number of services, so it needs to occupy a large amount of memory, more than 4GB is officially recommended)
Gitlab export gitlab_HOME =~/. Gitlab docker run -d --restart=always -e 'GITLAB_HOST=gitlab.kenny.com' -p 443:443 -p 80:80 -p 22:22 -v $GITLAB_HOME/conf:/etc/gitlab -v $GITLAB_HOME:/var/opt/gitlab -v $GITLAB_HOME/log:/var/log/gitlab --name gitlab gitlab/gitlab-ce logs -f gitlabCopy the code
Initialize the

  1. Open your browser and visit gitlab.kenny.com

  2. After the new password is set, log in as the root user

  3. New Sonarqube project team

  4. Create a new demo project under sonarqube

  5. Add the host public key to Gitlab

    Cat ~/. SSH /id_rsa.pubCopy the code

    Visit gitlab.kenny.com/profile/key… To add the public key to Gitlab

  6. Pull the Sonarqube/Demo project under $GOPATH on the host

    # to create gitlab.kenny.com folder under $GOPATH mkdir -p $GOPATH/src/gitlab.kenny.com && CD $# GOPATH/src/gitlab.kenny.com clone code git clone [email protected]:sonarqube/demo.gitCopy the code

SonarQube

Start the service
# Since sonarqube's official Docker images only has version 7.1, which does not meet SonarGO's requirement of version 7.2+, So I created a reference 7.1 Dockerfile sonarqube 7.2.1 mirror # # I $sonarqube_home hosting catalog data volume directory is ~ /. Sonarqube export SONARQUBE_HOME=~/. Sonarqube # External database services should be enabled in the formal environment to store the necessary data. Set the following JDBC parameters when starting the container: # -e SONARQUBE_JDBC_USERNAME=sonar # -e SONARQUBE_JDBC_PASSWORD=sonar # -e SONARQUBE_JDBC_URL=jdbc:postgresql://localhost/sonar docker run -d --restart=always -p 9000:9000 -v $SONARQUBE_HOME: / opt/sonarqube/data - the name sonarqube kennyallen/sonarqube: 7.2.1 # check sonarqube log docker logs - f sonarqubeCopy the code
Initialize the

  1. Open your browser and go to sonarqube.kenny.9000

  2. Log in using an administrator account

    • The admin account
    • The admin password

  3. Generate token (as remote connection SonarQube identity, only generated once, remember to backup)

    admin_token: 74439d5bc557dcc206fa8b1f2f5516e65680bdc8

  4. Install plug-ins (go to Administration -> Marketplace)

    Once the installation is complete, click restart SonarQube service

integration

  • Organically integrate Jenkins, Gitlab and SonarQube

Jenkins install plugins

  1. Go to System Administration -> Plug-in Management -> Optional plug-ins

  2. Filter select Gitlab and SonarQube Scanner, click download and install after restart

Jenkins configuration

  1. Install SonarQube & JDK

    Choose System > Global Tool Configuration

    The JDK installation

    SonarQube Scanner installed

  2. SonarQube Server

    Choose System Management > System Settings

    Find SonarQube servers

    Fill in Name freely

    Server URL: sonarqube.kenny.com:9000

    Server version: 5.3 or higher

    Server Authentication Token: Specifies the token generated during SonarQube initialization

  3. Cancel Gitlab authorization

    Deselect Enable authentication for ‘/project’ end-point and save

  4. Install golang environment and tools in Jenkins container

    Docker exec it Jenkins /bin/bash export GOROOT=$JENKINS_HOME/go export GOPATH = $JENKINS_HOME/workspace/go export PATH = $PATH: $GOROOT/bin: $GOPATH/bin export http_proxy = http://192.168.1.100:1087; Export https_proxy = http://192.168.1.100:1087; # enter Jenkins CD $home directory JENKINS_HOME wget download golang # # decompression golang package at https://dl.google.com/go/go1.10.3.linux-amd64.tar.gz Tar -xvf go1.10.3.linux-amd64.tar.gz # delete golang package rm go1.10.3.linux-amd64.tar.gz # install necessary tools # vgo go get -u-v golang.org/x/vgo # gometalinter go get -u -v github.com/alecthomas/gometalinter gometalinter --installCopy the code

  5. Configuring Email Notification

    Choose System Management > System Settings

    Jenkins Location

    Change the email address of the system administrator to your own email address, such as [email protected]

    Extend E-mail Notification

    SMTP Server Enter the SMTP service address, for example, smtp.163.com

    Select SMTP authentication

    Note Do not add @xxx.xxx to the user name

    Password Enter your email password or authorization code

    Default Triggers Check Always

Create a New Jenkins build task

  1. Build a new free-style software project

  2. Use custom workspaces

    Directory: $JENKINS_HOME/workspace/go/src/gitlab.kenny.com/demo

  3. Source code management

    The Repository URL:gitlab.kenny.com/sonarqube/d…

    The Credentials: Gitlab User name, password, or SSH login mode are acceptable

  4. Build the trigger, checked

    Build the when a change is pushed to GitLab GitLab webhook URL: jenkins.kenny.com: 8080 / project/dem…

    Enabled GitLab Triggers Select Push Events and Accepted Merge Request Events to trigger a build when a Push or Merge operation occurs in GitLab.

  5. New webhook

    In the browser open gitlab.kenny.com/admin/appli… (Please log in as root), find Outbound Requests, click Expand, select Allow Requests to the Local Network from hooks and Services and save the changes. (Githook allows local network)

    Enter the gitlab.kenny.com/sonarqube/d…

    URL: jenkins.kenny.com: 8080 / project/dem…

    SecretToken: don’t fill in

    Select Push Events, Merge Request Events

    Deselect Enable SSL verification

    Click Add Web Hook

  6. To add build steps, select Execute Shell

    #! /bin/bash # Export GOROOT=$JENKINS_HOME/go export GOPATH=$JENKINS_HOME/workspace/go export PATH = $PATH: $GOROOT/bin: $GOPATH/bin export http_proxy = http://192.168.1.100:1087; Export https_proxy = http://192.168.1.100:1087; Vgo modd-vendor # Coverage go test./... -coverprofile=coverage.out # test go test ./... -json > report.json # vet go vet ./... 2> govet-report.out # golint golint ./... > golint - report. Out # # gometalinter execution gometalinter will fail, so add the | | true gometalinter. /... > gometalinter-report.out || trueCopy the code

  7. To add build steps, select Execute SonarQube Scanner

    Analysis properties

    sonar.projectKey=gitlab.kenny.com
sonar.projectName=demo
sonar.sources=.
sonar.exclusions=**/*_test.go,**/vendor/**
sonar.tests=.
sonar.test.inclusions=**/*_test.go
sonar.test.exclusions=**/vendor/**
sonar.go.coverage.reportPaths=coverage.out
sonar.go.tests.reportPaths=report.json
sonar.go.govet.reportPaths=govet-report.out
sonar.go.golint.reportPaths=golint-report.out
sonar.go.gometalinter.reportPaths=gometalinter-report.outCopy the code

  8. To add post-build actions, select Editable Email Notification

    Enter the Project Recipient List Email address or use the default configuration

    Default Content plus SonarQube URL: sonarqube.kenny.com:9000

test

# clone demo code CD $GOPATH/src/gitlab.kenny.com && git clone [email protected]: yuhao5 / sonarqube - golang. Git && rm - rf demo Sonarqube - Golang Demo && CD Demo # Push code, Trigger Jenkins tasks automatically build git remote add gitlab [email protected]: sonarqube/demo git git push -u gitlab master # if gitlab Warehouse address is not [email protected]: sonarqube/demo. Git, please according to the following changes: Docker exec -it gitlab /bin/bash vim /etc/gitlab/gitlab.rb Change it to external_url 'http://gitlab.kenny.com' # and run gitlab-ctl reconfigureCopy the code

TODO

  1. Fixed gometalinter execution failure
  2. Golang quality standard, custom rules
  3. .