1.首先需要在Jenkins中集成SonarQube
-
进入到Jenkins中的Configure System
-
进行配置SonarQube servers
备注:Jenkinsfile中的SONAR_HOST_URL和SONAR_AUTH_TOKEN都是获取的该处的值。 -
在pom.xml中添加sonar-maven-plugin插件
<plugin>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>3.7.0.1746</version>
</plugin>
2.编写Jenkinsfile
pipeline {
agent any
environment {
//配置使用哪个 凭据ID 进行认证
CREDENTIALS_ID = 'taoruicheng'
//git@XXX:taoruicheng/hello-world.git
GIT_URL = 'git@XXX:taoruicheng/hello-world.git'
//docker服务器
DOCKER_SERVER_URL = '192.168.3.169:5000'
//snapshot的会使用该端口启动镜像
SERVER_PORT = '8080';
//读取pom的group等信息
ARTIFACTID = readMavenPom().getArtifactId()
VERSION = readMavenPom().getVersion()
GROUPID = readMavenPom().getGroupId()
}
tools {
maven 'maven3.6.3'
}
parameters {
booleanParam(name: 'DockerBuild', defaultValue: false, description: '是否需要生成docker镜像?',)
booleanParam(name: 'SonarQubeAnalysis', defaultValue: false, description: '使用SonarQube进行代码检测?')
choice(name: 'Profiles', choices: 'test\nprod', description: '请选择部署的环境\n')
gitParameter name: 'Branch', type: 'PT_BRANCH_TAG', defaultValue: 'origin/master', description: '代码分支'
}
stages {
stage('[使用说]') {
steps {
echo '>>>>>>>>>>>>>>>>>>>>>>>>>>>'
echo '>>>1.当要生成docker镜像时,会按照groupId/artifactId:version的方式,生成docker的镜像'
echo '>>>2.代码的质量检测结果会推送到sonarqube'
echo '>>>3.选择Profiles的后,会根据test或prod执行maven命令'
echo '>>>>>>>>>>>>>>>>>>>>>>>>>>>'
}
}
stage('[GIT]pull') {
steps {
echo "【拉取代码】开始拉取${GIT_URL}的${params.Branch}分支代码"
checkout([$class: 'GitSCM', branches: [[name: "${params.Branch}"]], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: "${CREDENTIALS_ID}", url: "${GIT_URL}"]]])
echo '【拉取代码】完成'
}
}
stage('[mvn] build') {
steps {
echo "【mvn build代码】group: ${GROUPID}, artifactId: ${ARTIFACTID}, version: ${VERSION},profile:${params.Profiles}"
sh "mvn clean package -Dmaven.test.skip=true -P ${params.Profiles}"
}
}
stage('[Code Analysis]SonarQube Analysis') {
when {
expression {
return params.SonarQubeAnalysis;
}
}
steps {
withSonarQubeEnv('sonarqube') {
echo "【代码分析】sonar url:${SONAR_HOST_URL}"
//SONAR_HOST_URL 与SONAR_AUTH_TOKEN的值是设置在configure system 中的"SonarQube servers"中。"SonarQube servers"中设置的密码是Sectet text类型的凭据
sh """
mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar -Dsonar.host.url=${SONAR_HOST_URL} -Dsonar.login=${SONAR_AUTH_TOKEN}
"""
echo "【代码分析】分析完成,请到${SONAR_HOST_URL}查看"
}
}
}
stage('[Code Analysis]Wait') {
when {
expression {
return params.SonarQubeAnalysis;
}
}
steps {
timeout(1) {
//等待sonarqube的分析结果,这里是等1分钟
waitForQualityGate abortPipeline: true
}
}
}
stage('[Docker snapshot]push image and run container') {
when {
expression {
return params.DockerBuild && env.VERSION.toUpperCase().contains("SNAPSHOT");
}
}
steps {
echo "【docker测试镜像打包】开始构建 ${DOCKER_SERVER_URL}/${GROUPID}/${ARTIFACTID}:${VERSION} 镜像"
sh "docker image build -t ${DOCKER_SERVER_URL}/${GROUPID}/${ARTIFACTID}:${VERSION} ."
sh "docker container rm ${GROUPID}-${ARTIFACTID}-${VERSION} -f || docker container run -d -p ${SERVER_PORT}:8080 --name ${GROUPID}-${ARTIFACTID}-${VERSION} ${DOCKER_SERVER_URL}/${GROUPID}/${ARTIFACTID}:${VERSION} || date"
echo "【docker测试镜像打包】结束构建 ${DOCKER_SERVER_URL}/${GROUPID}/${ARTIFACTID}:${VERSION} 镜像"
}
}
stage('[Docker realease]push image and run container') {
when {
allOf {
expression {
return params.DockerBuild && env.VERSION ==~ /(\d+)(.)(\d+)(.)(\d+)/;
}
}
}
steps {
echo "【docker正式镜像打包】开始构建 ${DOCKER_SERVER_URL}/${GROUPID}/${ARTIFACTID}:${VERSION} 镜像"
sh "docker image build -t ${DOCKER_SERVER_URL}/${GROUPID}/${ARTIFACTID}:${VERSION} ."
echo "【docker正式镜像打包】结束构建 ${DOCKER_SERVER_URL}/${GROUPID}/${ARTIFACTID}:${VERSION} 镜像"
}
}
stage('[Docker rmi]删除悬虚镜像') {
when {
expression {
return params.DockerBuild && env.VERSION.toUpperCase().contains("SNAPSHOT");
}
}
steps {
echo "【删除悬虚镜像】开始删除悬虚镜像"
sh 'docker rmi $(docker images -q -f dangling=true) || date'
echo "【删除悬虚镜像】结束删除悬虚镜像"
}
}
}
}
3.放在mvn项目的根目录下
4.在Jenkins进行配置
4.1创建流水线任务
4.2填写代码git地址、分支、以及Jenkinsfile所在路径
4.3 点击保存,执行build即可。