1、服务端部署(docker)
1.1、docker部署(sonarqube:8.6-community为例)
[root@localhost home]# docker pull sonarqube:8.6-community
8.6-community: Pulling from library/sonarqube
0a6724ff3fcd: Pull complete
eb833291b55c: Pull complete
2a91bfbe66cb: Pull complete
db9c21026d71: Pull complete
ddac7b0d6339: Pull complete
Digest: sha256:6716837a86ab991205a7579b1630fb087c64624835c7f78aa233b6e1bf305082
Status: Downloaded newer image for sonarqube:8.6-community
docker.io/library/sonarqube:8.6-community
[root@localhost home]# docker run -d --name sonarqube -e SONAR_ES_BOOTSTRAP_CHECKS_DISABLE=true -p 9000:9000 sonarqube:8.6-community
5c59adcb9703647b7c2afc6a9e37954202a3306d132b1dee69a3f03331da02e7
1.2、zip部署(sonarqube-8.6.0.39681.zip为例)
1.2.1、下载sonarqube:https://www.sonarqube.org/downloads/
1.2.2、下载JDK11:https://www.oracle.com/java/technologies/javase-downloads.html
1.2.3、安装JDK11,解压,配置环境变量。
[root@localhost home]# tar -zxvf jdk-11.0.9_linux-x64_bin.tar.gz
[root@localhost home]# mv jdk-11.0.9 /usr/local
[root@localhost local]# vi /etc/profile
export JAVA_HOME=/usr/local/jdk-11.0.9
export PATH=$JAVA_HOME/bin:$PATH
[root@localhost local]# source /etc/profile
1.2.4、创建一个非root用户
useradd username 创建用户username
passwd user_pwd 给已创建的用户username设置密码
su username 切换到新用户
1.2.5、解压启动,并授权给新用户
[root@localhost home]# chown -R usernamesonarqube
# On Windows, execute:
C:\sonarqube\bin\windows-x86-64\StartSonar.bat
# On other operating systems, as a non-root user execute:
# ./sonar.sh { console | start | stop | force-stop | restart | status | dump }
/opt/sonarqube/bin/[OS]/sonar.sh console
2、客户端部署(Windows客户端)
2.1、下载客户端
http://IP:9000/documentation/analysis/scan/sonarscanner/
2.2、配置环境变量
D:\sonar-scanner-4.5.0.2216-windows\bin
2.3、创建项目,获取token
2.4、修改配置
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
sonar.host.url=http://IP:9000
#----- Default source code encoding
sonar.sourceEncoding=UTF-8
# your authentication token
sonar.login=admin
sonar.password=admin
2.5、启动
进入项目目录下,执行命令
sonar-scanner.bat -D"sonar.projectKey=trivy" -D"sonar.projectName=trivy" -D"sonar.projectVersion=1.0" -D"sonar.sources=D:/CODE/trivy-main"