Code scanning

1.1 sonarqube specification

Since there are many projects, Sonarqube’s tokens are defined by users so that multiple projects can share a single token

1.2 variable

  • SONAR_TOKEN: Sonarqube token, created on the Sonarqube server under the user, used by all projects. This variable is set in the GitLab server environment variable. * * * *

  • SONAR_HOST: Sonarqube server address in this variable set in the GitLab server environment variable.

  • PROJECT_NAME: The project name, placed in a global variable

1.3 the CI file

.scan:
  script:
    - echo -e "\033[5;35;40m code scan \033[0m"
    - sonar-scanner -Dsonar.projectKey=${PROJECT_NAME} -Dsonar.sources=. -Dsonar.host.url=${SONAR_HOST} -Dsonar.login=${SONAR_TOKEN}
  retry:
    max: 2
    when:
      - always
  #parallel: 2
  allow_failure: true

Copy the code

Ii Unit Test

Integrate the unit tests into the TEST stage of the CI, and then integrate deploy Pages into the Deploy step.

2.1 Enable Gitlab Pages

Gitlab Pages needs to be enabled on the Gitlab server configuration, which needs to be completed with Gitlab CI. Note that the name must be Pages and stage must be deploy. Gitlab Pages will always look for static files in the public directory of the repository where Gitlab Pages is opened. In other words, the public directory is not visible.

  • Enable gitlab pages

Edit /etc/gitlab/gitlab.rb to enable gitlab page

gitlab_pages['access_control'] = true
pages_external_url "http://xx.xx.xx.xx"
gitlab_pages['enable'] = true
Copy the code

Run gitlab-ctl reconfigure to enable pages.

  • Access in IP plus port mode

But if you don’t want to go through the hassle of having to configure a domain name, there is also a solution. Since the GitLab Pages service is deployed in Nginx, we can also configure Nginx to access it through an IP address.

GitLab Nginx is not available in GitLab, but is not available in GitLab.

1, Pages deployment directory: /var/opt/gitlab/gitlab-rails/shared/ Pages

2, built-in Nginx directory: /var/opt/gitlab/ Nginx

Use the IP and port access, need to configure the gitlab nginx, edit the configuration file/var/opt/gitlab/nginx/conf/gitlab – pages. Conf

server {
  listen * : 80;
  server_name  ~ ^ (? 
      
       .*)$;
      
  server_tokens off; ## Don't show the nginx version number, a security best practice

  ## Disable symlink traversal
  disable_symlinks on;
  access_log  /var/log/gitlab/nginx/gitlab_pages_access.log gitlab_access;
  error_log   /var/log/gitlab/nginx/gitlab_pages_error.log;

  # Pass everything to pages daemon
  location / {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto http;
    proxy_cache off;
    root /var/opt/gitlab/gitlab-rails/shared/pages/devops;    
    #proxy_pass http://localhost:8090;
  }
  error_page 403 /403.html;
  error_page 404 /404.html;
}
Copy the code

Run the restart command to restart gitlab-ctl restart nginx.

2.2 Performing unit tests

Perform unit tests to produce HTML reports and generate page files in the Coverage directory.

test-dev:
  image: Python: 3.6
  variables:
    RUN_PY: runtests.py
    PROJECT_NAME: smartant_api_linux
    PROJECT_GROUP: devops
  tags:
    - devops-dev-runner
  stage: test-scan
  script:
    - echo -e "\033[5;35;40m code scan \033[0m"
    - cd /builds/${PROJECT_GROUP}/${PROJECT_NAME}
    - pip install --default-timeout=500 -r requirements/requirements.txt -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com			# Install environment dependency
    - cd test && coverage run --include=.. /application.py,.. /logs.py,.. /libs/*.py,.. /views/*.py  --omit="test_*.py" ${RUN_PY} && echo 0 || echo 0				# Execute unit tests
    - coverage report -m
    - coverage html -d ../coverage	# Production Report
    - ls -l
    - pwd
  artifacts:
    paths:
      - coverage				Store reports in artifacts
  only:
    - dev
  retry:
    max: 2
    when:
      - always
  allow_failure: true

Copy the code

2.3 the deployment of pages

The unit test has been completed in the previous step and the overwrite HTML file is generated according to the unit test. In this deployment, deploy Pages. Note: The name must be pages and stage is deploy, where the step depends on the stage that generates the static file and passes the artifact in that step, renamed public. Since nginx has been configured previously, the file under public can be accessed using the IP port.

pages:
  variables:
    PROJECT_NAME: smartant_api_linux
  tags:
    - devops-dev-runner
  stage: deploy
  dependencies:
    - test-dev
  script:
    - echo -e "\033[5;35;40m deploy gitlab page \033[0m"
    - mv coverage/ public/
  artifacts:
    expire_in: 3 days
    paths:
      - public/
  only:
    - dev
Copy the code

Access: Access by project name + public.

Refer to the link

  • About.gitlab.com/blog/2016/1…
  • Docs.gitlab.com/ee/user/pro…
  • gitlab.com/pages
  • www.youtube.com/watch?v=dD8…
  • My.oschina.net/doctorlzr19…
  • Docs.gitlab.com/ee/ci/yaml/…
  • Docs.gitlab.com/ee/ci/yaml/…