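SonarQube Project Management
Using rules
Create a profile, activate rules, modify the quality profile
Quality gate settings
Set a quality gate that fails when the number of code smells is greater than 1. Commit code again to trigger a Jenkins build, then check SonarQube: it reports an error.
Quality gate error: notify the administrator and abort the pipeline
Reference: https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-jenkins/
The approach used here is to read the status from the Sonar API.
In Jenkins, create a credential holding the Sonar login username and password.
Create a Jenkins shared library that fetches the Sonar status:
Jenkinslib/jenkinslib/src/org/devops/sonarapi.groovy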
package org.devops

// Wrap the HTTP call
def HttpReq(reqType, reqUrl, reqBody) {
    def sonarServer = "http://****:9000/api"
    // httpRequest authentication: 'sonar-admin-user' ---- generated in the Jenkins pipeline; httpRequest: Perform an HTTP Request and return a response object
    // Note: ignoreSslErrors: true turns off TLS certificate validation for this call,
    // and consoleLogResponseBody: true writes the response body to the build log.
    def result = httpRequest authentication: 'sonar-admin-user',
            httpMode: reqType,
            contentType: "APPLICATION_JSON",
            consoleLogResponseBody: true,
            ignoreSslErrors: true,
            requestBody: reqBody,
            url: "${sonarServer}/${reqUrl}"
            //quiet: true
    return result
}

// Get the Sonar quality gate status
def GetProjectStatus(projectName) {
    def apiUrl = "project_branches/list?project=${projectName}"
    def response = HttpReq("GET", apiUrl, '')
    // Parse the returned value as JSON
    // {
    //   "branches": [{
    //     "name": "master",
    //     "isMain": true,
    //     "type": "BRANCH",
    //     "status": {
    //       "qualityGateStatus": "ERROR"
    //     },
    //     "analysisDate": "2022-07-27T16:12:17+0800",
    //     "excludedFromPurge": true
    //   }]
    // }
    response = readJSON text: """${response.content}"""
    // Takes the first branch in the list
    def result = response["branches"][0]["status"]["qualityGateStatus"]
    return result
}
Modify the Jenkinsfile: after the Sonar scan, stop the pipeline and send a warning e-mail
def sonarapi = new org.devops.sonarapi()
...
stage("QA"){
    steps{
        script{
            tools.PrintMes("代码扫描","green")
            sonar.SonarScan("test","${JOB_NAME}","${JOB_NAME}","src")
            tools.PrintMes("获取扫描结果","green")
            result = sonarapi.GetProjectStatus("${JOB_NAME}")
            println(result)
            // Check the status
            if (result.toString() == "ERROR"){
                toemail.Email("代码质量阈错误,请及时修改!!!",userEmail)
                error " 代码质量阈错误,请及时修改!!!"
            } else {
                println(result)
            }
        }
    }
}
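
The check above reads `branches[0]` and stops the pipeline only when the status is exactly "ERROR", so a missing status or a main branch that is not listed first lets the build continue. The following is an added example, not code from the original article: it selects the main branch by `isMain`, passes only on an explicit "OK", and URL-encodes the project name before it goes into the query string. The function names `apiPath`, `mainBranchGateStatus` and `gatePassed` are hypothetical, and the JSON samples are constructed in the shape of the response shown earlier; it runs as a plain Groovy script.

```groovy
import groovy.json.JsonSlurper

// Hypothetical helper: build "endpoint?k=v&..." with every value URL-encoded,
// so a job name containing '&', '/' or spaces cannot change the request.
String apiPath(String endpoint, Map<String, String> params) {
    def query = params.collect { k, v ->
        "${k}=${URLEncoder.encode(v, 'UTF-8')}"
    }.join('&')
    return "${endpoint}?${query}"
}

// Hypothetical helper: return the main branch's quality gate status,
// or null when the branch or its status field is missing.
String mainBranchGateStatus(Map parsed) {
    def main = (parsed?.branches ?: []).find { it.isMain == true }
    return main?.status?.qualityGateStatus
}

// Fail closed: only an explicit "OK" lets the pipeline continue.
boolean gatePassed(String status) {
    return status == 'OK'
}

// Constructed sample responses (same shape as project_branches/list above).
def slurper = new JsonSlurper()
def samples = [
    'main branch listed second':
        '{"branches":[{"name":"feature-x","isMain":false,"status":{"qualityGateStatus":"OK"}},' +
        '{"name":"master","isMain":true,"status":{"qualityGateStatus":"ERROR"}}]}',
    'no status reported yet':
        '{"branches":[{"name":"master","isMain":true,"status":{}}]}',
    'gate passed':
        '{"branches":[{"name":"master","isMain":true,"status":{"qualityGateStatus":"OK"}}]}',
]

samples.each { label, json ->
    def status = mainBranchGateStatus(slurper.parseText(json) as Map)
    println "${label}: status=${status} passed=${gatePassed(status)}"
}

// Constructed job name with characters that would otherwise split the query.
println apiPath('project_branches/list', [project: 'team a/app&x=1'])
```
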
Practice
Problems encountered
Running a copied pipeline fails with an error because runOpts has no default value, so it is enough to add the variable to the Jenkinsfile being run
// Added
// runOpts has no default value, so a copied pipeline fails when it runs
def runOpts
...
post {
    always{
        script{
            println("always")
        }
    }
    success{
        script{
            println("success")
            if ("${runOpts}" == "GitlabPush"){
                gitlab.ChangeCommitStatus(projectId,commitSha,"success")
            }
            toemail.Email("流水线成功",userEmail)
        }
    }
    failure{
        script{
            println("failure")
            if ("${runOpts}" == "GitlabPush"){
                gitlab.ChangeCommitStatus(projectId,commitSha,"failed")
            }
            toemail.Email("流水线失败了!",userEmail)
        }
    }
    aborted{
        script{
            println("aborted")
            if ("${runOpts}" == "GitlabPush"){
                gitlab.ChangeCommitStatus(projectId,commitSha,"canceled")
            }
            toemail.Email("流水线被取消了!",userEmail)
        }
    }
}
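API documentation
Problems when running the copied pipeline
No Sonar rules or quality gate are specified. A project has to be selected before a quality gate can be configured, so the project must be created in advance.
// Sonar APIs needed
// Search for a project
api/projects/search?projects=${projectName}
// Create a project
api/projects/create?name=${projectName}&project=${projectName}
// Update the language rule set
api/qualityprofiles/add_project?language=${language}&qualityProfile=${qualityProfile}&project=${projectName}
// Grant project permissions
api/permissions/apply_template?projectKey=${projectKey}&templateName=${templateName}
// Update the quality gate
api/qualitygates/select?projectKey=${projectKey}&gateId=${gateId}
See the SonarQube API documentation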
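Practice 1 - Create the corresponding project in SonarQube during the Jenkins build, so that quality rules and a quality gate can be assigned to it
Jenkinslib/jenkinslib/src/org/devops/sonarapi.groovy
// Create the Sonar project
def CreateProject(projectName){
    apiUrl = "projects/create?name=${projectName}&project=${projectName}"
    response = HttpReq("POST",apiUrl,'')
    println(response)
}
Jenkinsfile
// Search for the project first; if the search fails (the project does not exist), create it
stage("QA"){
    steps{
        script{
            tools.PrintMes("搜索项目","green")
            result = sonarapi.SearchProject("${JOB_NAME}")
            println(result)
            // SearchProject is not shown here; it is assumed to return the string "false" when the project is not found
            if (result == "false"){
                println("${JOB_NAME} --- 项目不存在,准备创建项目!")
                sonarapi.CreateProject("${JOB_NAME}")
            } else {
                println("${JOB_NAME} --- 项目已存在")
            }
            ...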
Practice 2 - Configure the quality rules before the code scan (the corresponding quality profile must already exist)
Jenkinslib/jenkinslib/src/org/devops/sonarapi.groovy
// Configure the project's quality rules
def ConfigQualityProfiles(projectName,lang,qpname){
    apiUrl = "qualityprofiles/add_project?language=${lang}&project=${projectName}&qualityProfile=${qpname}"
    response = HttpReq("POST",apiUrl,'')
    println(response)
}
Jenkinsfile
tools.PrintMes("配置项目质量规则","green")
qpName = "${JOB_NAME}".split("-")[0]
sonarapi.ConfigQualityProfiles("${JOB_NAME}","java",qpName)
Practice 3 - Configure the project's quality gate
Jenkinslib/jenkinslib/src/org/devops/sonarapi.groovy
// Get the quality gate ID
def GetQualtyGateId(gateName){
    apiUrl= "qualitygates/show?name=${gateName}"
    response = HttpReq("GET",apiUrl,'')
    response = readJSON text: """${response.content}"""
    result = response["id"]
    return result
}
// Configure the project's quality gate
def ConfigQualityGates(projectName,gateName){
    gateId = GetQualtyGateId(gateName)
    apiUrl = "qualitygates/select?gateId=${gateId}&projectKey=${projectName}"
    response = HttpReq("POST",apiUrl,'')
    println(response)
}
Jenkinsfile
tools.PrintMes("配置质量阈","green")
sonarapi.ConfigQualityGates("${JOB_NAME}",qpName)
Result
Extension: SonarQube branch plugin
Plugin URL: https://github.com/mc1arke/sonarqube-community-branch-plugin