jenkins:集成sonar代码扫描+发送邮件

最新推荐文章于 2024-04-22 23:31:26 发布
最新推荐文章于 2024-04-22 23:31:26 发布
阅读量2.4w 收藏 5
点赞数
文章标签: 运维 ldap 大数据
原文链接:http://www.cnblogs.com/gcgc/p/10829948.html
版权

 

前提:

  Jenkins

  JDK

目录:

1、安装sonar插件:SonarQube Scanner for Jenkins

2、安装SonarQube

3、安装sonar-scanner

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

1.安装sonar插件:SonarQube Scanner for Jenkins

  

2、安装SonarQube,并配置mysql数据库

  2.1 下载

    下载地址:https://www.sonarqube.org/downloads/

  2.2 解压

    下载后放在/usr/local目录下,并解压

unzip sonarqube-7.4.zip

  2.3 配置环境变量

vi /etc/profile

  里面写如下

#set sonarqube
export SONAR_HOME=/usr/local/sonarqube-7.4
PATH=$PATH:$SONAR_HOME/bin

  使配置生效

source /etc/profile

  2.4 启动并测试

    进入到启动目录

/usr/local/sonarqube-7.4/bin/linux-x86-64

    执行启动命令

./sonar.sh start

    启动时要查看es.log和sonar.log日志,还有web.log,关于数据库配置的错误会在此处显示

tail -f /usr/local/sonarqube-6.7.6/logs/es.log    
tail -f /usr/local/sonarqube-6.7.6/logs/sonar.log   
tail -f /usr/local/sonarqube-6.7.6/logs/web.log

 

  用root启动会报错,请参考我的另一篇文章:https://www.cnblogs.com/gcgc/p/10239590.html

    所有问题解决完后启动,并测试,访问ip+port,OK了

    如果默认的9000端口被占用了,则修改默认端口 vi /usr/local/sonarqube-7.4/conf/sonar.properties

    注意sonar中还集成了elastic search默认端口为9001,所以要查看9001否也被占用lsof -i:9001,如果被占用,也是修改上面的文件

  2.5 sonar配置mysql数据库

    sonar自带测试数据库,但是具体应用还是的换其他数据,这里我们使用mysql,

    创建sonar数据库

DROP DATABASE sonar;
 
CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;
 
CREATE USER 'sonar' IDENTIFIED BY 'sonar';
 
GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';
 
GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';
 
FLUSH PRIVILEGES;

  2.6 修改配置文件

     修改vi /usr/local/sonarqube-7.4/conf/sonar.properties文件,如下的蓝色加粗字体

# Property values can:
# - reference an environment variable, for example sonar.jdbc.url= ${env:SONAR_JDBC_URL}
# - be encrypted. See https://redirect.sonarsource.com/doc/settings-encryption.html

#--------------------------------------------------------------------------------------------------
# DATABASE
#
# IMPORTANT:
# - The embedded H2 database is used by default. It is recommended for tests but not for
#   production use. Supported databases are MySQL, Oracle, PostgreSQL and Microsoft SQLServer.
# - Changes to database connection URL (sonar.jdbc.url) can affect SonarSource licensed products.

# User credentials.
# Permissions to create tables, indices and triggers must be granted to JDBC user.
# The schema must be created first.
#sonar.jdbc.username=
#sonar.jdbc.password=

sonar.jdbc.username=sonar
sonar.jdbc.password=sonar

sonar.sorceEncoding=UTF-8
sonar.login=admin
sonar.password=admin


#----- Embedded Database (default)
# H2 embedded database server listening port, defaults to 9092
#sonar.embeddedDatabase.port=9092

#----- DEPRECATED 
#----- MySQL >=5.6 && <8.0
# Support of MySQL is dropped in Data Center Editions and deprecated in all other editions
# Only InnoDB storage engine is supported (not myISAM).
# Only the bundled driver is supported. It can not be changed.
sonar.jdbc.url=jdbc:mysql://192.168.207.160:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false


#----- Oracle 11g/12c
# The Oracle JDBC driver must be copied into the directory extensions/jdbc-driver/oracle/.
# Only the thin client is supported, and only the versions 11.2.x or 12.2.x must be used. See
# https://jira.sonarsource.com/browse/SONAR-9758 for more details.
# If you need to set the schema, please refer to http://jira.sonarsource.com/browse/SONAR-5000
#sonar.jdbc.url=jdbc:oracle:thin:@localhost:1521/XE


#----- PostgreSQL 9.3 or greater
# By default the schema named "public" is used. It can be overridden with the parameter "currentSchema".
#sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube?currentSchema=my_schema


#----- Microsoft SQLServer 2014/2016 and SQL Azure
# A database named sonar must exist and its collation must be case-sensitive (CS) and accent-sensitive (AS)
# Use the following connection string if you want to use integrated security with Microsoft Sql Server
# Do not set sonar.jdbc.username or sonar.jdbc.password property if you are using Integrated Security
# For Integrated Security to work, you have to download the Microsoft SQL JDBC driver package from
# https://www.microsoft.com/en-us/download/details.aspx?id=55539
# and copy sqljdbc_auth.dll to your path. You have to copy the 32 bit or 64 bit version of the dll
# depending upon the architecture of your server machine.
#sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true

# Use the following connection string if you want to use SQL Auth while connecting to MS Sql Server.
# Set the sonar.jdbc.username and sonar.jdbc.password appropriately.
#sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar


#----- Connection pool settings
# The maximum number of active connections that can be allocated
# at the same time, or negative for no limit.
# The recommended value is 1.2 * max sizes of HTTP pools. For example if HTTP ports are
# enabled with default sizes (50, see property sonar.web.http.maxThreads)
# then sonar.jdbc.maxActive should be 1.2 * 50 = 60.
#sonar.jdbc.maxActive=60

# The maximum number of connections that can remain idle in the
# pool, without extra ones being released, or negative for no limit.
#sonar.jdbc.maxIdle=5

# The minimum number of connections that can remain idle in the pool,
# without extra ones being created, or zero to create none.
#sonar.jdbc.minIdle=2

# The maximum number of milliseconds that the pool will wait (when there
# are no available connections) for a connection to be returned before
# throwing an exception, or <= 0 to wait indefinitely.
#sonar.jdbc.maxWait=5000

#sonar.jdbc.minEvictableIdleTimeMillis=600000
#sonar.jdbc.timeBetweenEvictionRunsMillis=30000



#--------------------------------------------------------------------------------------------------
# WEB SERVER
# Web server is executed in a dedicated Java process. By default heap size is 512Mb.
# Use the following property to customize JVM options.
#    Recommendations:
#
#    The HotSpot Server VM is recommended. The property -server should be added if server mode
#    is not enabled by default on your environment:
#    http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html
#
#    Startup can be long if entropy source is short of entropy. Adding
#    -Djava.security.egd=file:/dev/./urandom is an option to resolve the problem.
#    See https://wiki.apache.org/tomcat/HowTo/FasterStartUp#Entropy_Source
#
#sonar.web.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError

# Same as previous property, but allows to not repeat all other settings like -Xmx
#sonar.web.javaAdditionalOpts=

# Binding IP address. For servers with more than one IP address, this property specifies which
# address will be used for listening on the specified ports.
# By default, ports will be used on all IP addresses associated with the server.
#sonar.web.host=0.0.0.0

# Web context. When set, it must start with forward slash (for example /sonarqube).
# The default value is root context (empty value).
#sonar.web.context=
# TCP port for incoming HTTP connections. Default value is 9000.
sonar.web.port=9000


# The maximum number of connections that the server will accept and process at any given time.
# When this number has been reached, the server will not accept any more connections until
# the number of connections falls below this value. The operating system may still accept connections
# based on the sonar.web.connections.acceptCount property. The default value is 50.
#sonar.web.http.maxThreads=50

# The minimum number of threads always kept running. The default value is 5.
#sonar.web.http.minThreads=5

# The maximum queue length for incoming connection requests when all possible request processing
# threads are in use. Any requests received when the queue is full will be refused.
# The default value is 25.
#sonar.web.http.acceptCount=25

# By default users are logged out and sessions closed when server is restarted.
# If you prefer keeping user sessions open, a secret should be defined. Value is
# HS256 key encoded with base64. It must be unique for each installation of SonarQube.
# Example of command-line:
# echo -n "type_what_you_want" | openssl dgst -sha256 -hmac "key" -binary | base64
#sonar.auth.jwtBase64Hs256Secret=

# The inactivity timeout duration of user sessions, in minutes. After the configured
# period of time, the user is logged out.
# The default value is set to 3 days (4320 minutes)
# and cannot be greater than 3 months. Value must be strictly positive.
#sonar.web.sessionTimeoutInMinutes=4320

# A passcode can be defined to access some web services from monitoring
# tools without having to use the credentials of a system administrator.
# Check the Web API documentation to know which web services are supporting this authentication mode.
# The passcode should be provided in HTTP requests with the header "X-Sonar-Passcode".
# By default feature is disabled.
#sonar.web.systemPasscode=


#--------------------------------------------------------------------------------------------------
# SSO AUTHENTICATION

# Enable authentication using HTTP headers
#sonar.web.sso.enable=false

# Name of the header to get the user login.
# Only alphanumeric, '.' and '@' characters are allowed
#sonar.web.sso.loginHeader=X-Forwarded-Login

# Name of the header to get the user name
#sonar.web.sso.nameHeader=X-Forwarded-Name

# Name of the header to get the user email (optional)
#sonar.web.sso.emailHeader=X-Forwarded-Email

# Name of the header to get the list of user groups, separated by comma (optional).
# If the sonar.sso.groupsHeader is set, the user will belong to those groups if groups exist in SonarQube.
# If none of the provided groups exists in SonarQube, the user will only belong to the default group.
# Note that the default group will always be set.
#sonar.web.sso.groupsHeader=X-Forwarded-Groups

# Interval used to know when to refresh name, email and groups.
# During this interval, if for instance the name of the user is changed in the header, it will only be updated after X minutes.
#sonar.web.sso.refreshIntervalInMinutes=5

#--------------------------------------------------------------------------------------------------
# LDAP CONFIGURATION

# Enable the LDAP feature
# sonar.security.realm=LDAP

# Set to true when connecting to a LDAP server using a case-insensitive setup.
# sonar.authenticator.downcase=true

# URL of the LDAP server. Note that if you are using ldaps, then you should install the server certificate into the Java truststore.
# ldap.url=ldap://localhost:10389

# Bind DN is the username of an LDAP user to connect (or bind) with. Leave this blank for anonymous access to the LDAP directory (optional)
# ldap.bindDn=cn=sonar,ou=users,o=mycompany

# Bind Password is the password of the user to connect with. Leave this blank for anonymous access to the LDAP directory (optional)
# ldap.bindPassword=secret

# Possible values: simple | CRAM-MD5 | DIGEST-MD5 | GSSAPI See http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html (default: simple)
# ldap.authentication=simple

# See :
#   * http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html
#   * http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html
# (optional)
# ldap.realm=example.org

# Context factory class (optional)
# ldap.contextFactoryClass=com.sun.jndi.ldap.LdapCtxFactory

# Enable usage of StartTLS (default : false)
# ldap.StartTLS=true

# Follow or not referrals. See http://docs.oracle.com/javase/jndi/tutorial/ldap/referral/jndi.html (default: true)
# ldap.followReferrals=false

# USER MAPPING

# Distinguished Name (DN) of the root node in LDAP from which to search for users (mandatory)
# ldap.user.baseDn=cn=users,dc=example,dc=org

# LDAP user request. (default: (&(objectClass=inetOrgPerson)(uid={login})) )
# ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))

# Attribute in LDAP defining the user’s real name. (default: cn)
# ldap.user.realNameAttribute=name

# Attribute in LDAP defining the user’s email. (default: mail)
# ldap.user.emailAttribute=email

# GROUP MAPPING

# Distinguished Name (DN) of the root node in LDAP from which to search for groups. (optional, default: empty)
# ldap.group.baseDn=cn=groups,dc=example,dc=org

# LDAP group request (default: (&(objectClass=groupOfUniqueNames)(uniqueMember={dn})) )
# ldap.group.request=(&(objectClass=group)(member={dn}))

# Property used to specifiy the attribute to be used for returning the list of user groups in the compatibility mode. (default: cn)
# ldap.group.idAttribute=sAMAccountName

#--------------------------------------------------------------------------------------------------
# COMPUTE ENGINE
# The Compute Engine is responsible for processing background tasks.
# Compute Engine is executed in a dedicated Java process. Default heap size is 512Mb.
# Use the following property to customize JVM options.
#    Recommendations:
#
#    The HotSpot Server VM is recommended. The property -server should be added if server mode
#    is not enabled by default on your environment:
#    http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html
#
#sonar.ce.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError

# Same as previous property, but allows to not repeat all other settings like -Xmx
#sonar.ce.javaAdditionalOpts=


#--------------------------------------------------------------------------------------------------
# ELASTICSEARCH
# Elasticsearch is used to facilitate fast and accurate information retrieval.
# It is executed in a dedicated Java process. Default heap size is 512Mb.
#
# --------------------------------------------------
# Word of caution for Linux users on 64bits systems
# --------------------------------------------------
# Please ensure Virtual Memory on your system is correctly configured for Elasticsearch to run properly
# (see https://www.elastic.co/guide/en/elasticsearch/reference/5.5/vm-max-map-count.html for details).
#
# When SonarQube runs standalone, a warning such as the following may appear in logs/es.log:
#      "max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]"
# When SonarQube runs as a cluster, however, Elasticsearch will refuse to start.
#

# JVM options of Elasticsearch process
#sonar.search.javaOpts=-Xms512m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError

# Same as previous property, but allows to not repeat all other settings like -Xmx
#sonar.search.javaAdditionalOpts=

# Elasticsearch port. Default is 9001. Use 0 to get a free port.
# As a security precaution, should be blocked by a firewall and not exposed to the Internet.
sonar.search.port=9002

# Elasticsearch host. The search server will bind this address and the search client will connect to it.
# Default is loopback address.
# As a security precaution, should NOT be set to a publicly available address.
#sonar.search.host=


#--------------------------------------------------------------------------------------------------
# UPDATE CENTER

# Update Center requires an internet connection to request https://update.sonarsource.org
# It is enabled by default.
#sonar.updatecenter.activate=true

# HTTP proxy (default none)
#http.proxyHost=
#http.proxyPort=
# HTTPS proxy (defaults are values of http.proxyHost and http.proxyPort)
#https.proxyHost=
#https.proxyPort=

# NT domain name if NTLM proxy is used
#http.auth.ntlm.domain=

# SOCKS proxy (default none)
#socksProxyHost=
#socksProxyPort=

# Proxy authentication (used for HTTP, HTTPS and SOCKS proxies)
#http.proxyUser=
#http.proxyPassword=


#--------------------------------------------------------------------------------------------------
# LOGGING

# SonarQube produces logs in 4 logs files located in the same directory (see property sonar.path.logs below),
# one per process:
#   Main process (aka. App) logs in sonar.log
#   Web Server (aka. Web) logs in web.log
#   Compute Engine (aka. CE) logs in ce.log
#   Elasticsearch (aka. ES) logs in es.log
#
# All 4 files follow the same rolling policy (see sonar.log.rollingPolicy and sonar.log.maxFiles) but it applies
# individually (eg. if sonar.log.maxFiles=4, there can be at most 4 of each files, ie. 16 files in total).
#
# All 4 files have logs in the same format:
#           1           2    3           4                       5                                                   6
# |-----------------| |---| |-|--------------------||------------------------------| |------------------------------------------------------------------------------------------------------------------------------|
# 2016.11.16 16:47:00 INFO  ce[AVht0dNXFcyiYejytc3m][o.s.s.c.t.CeWorkerCallableImpl] Executed task | project=org.sonarqube:example-java-maven | type=REPORT | id=AVht0dNXFcyiYejytc3m | submitter=admin | time=1699ms
#
# 1: timestamp. Format is YYYY.MM.DD HH:MM:SS
#    YYYY: year on 4 digits
#    MM: month on 2 digits
#    DD: day on 2 digits
#    HH: hour of day on 2 digits in 24 hours format
#    MM: minutes on 2 digits
#    SS: seconds on 2 digits
# 2: log level.
#    Possible values (in order of descending criticality): ERROR, WARN, INFO, DEBUG and TRACE
# 3: process identifier. Possible values: app (main), web (Web Server), ce (Compute Engine) and es (Elasticsearch)
# 4: SQ thread identifier. Can be empty.
#    In the Web Server, if present, it will be the HTTP request ID.
#    In the Compute Engine, if present, it will be the task ID.
# 5: logger name. Usually a class canonical name.
#    Package names are truncated to keep the whole field to 20 characters max
# 6: log payload. Content of this field does not follow any specific format, can vary in length and include line returns.
#    Some logs, however, will follow the convention to provide data in payload in the format " | key=value"
#    Especially, log of profiled pieces of code will end with " | time=XXXXms".

# Global level of logs (applies to all 4 processes).
# Supported values are INFO (default), DEBUG and TRACE
#sonar.log.level=INFO

# Level of logs of each process can be controlled individually with their respective properties.
# When specified, they overwrite the level defined at global level.
# Supported values are INFO, DEBUG and TRACE
#sonar.log.level.app=INFO
#sonar.log.level.web=INFO
#sonar.log.level.ce=INFO
#sonar.log.level.es=INFO

# Path to log files. Can be absolute or relative to installation directory.
# Default is <installation home>/logs
#sonar.path.logs=logs

# Rolling policy of log files
#    - based on time if value starts with "time:", for example by day ("time:yyyy-MM-dd")
#      or by month ("time:yyyy-MM")
#    - based on size if value starts with "size:", for example "size:10MB"
#    - disabled if value is "none".  That needs logs to be managed by an external system like logrotate.
#sonar.log.rollingPolicy=time:yyyy-MM-dd

# Maximum number of files to keep if a rolling policy is enabled.
#    - maximum value is 20 on size rolling policy
#    - unlimited on time rolling policy. Set to zero to disable old file purging.
#sonar.log.maxFiles=7

# Access log is the list of all the HTTP requests received by server. If enabled, it is stored
# in the file {sonar.path.logs}/access.log. This file follows the same rolling policy as other log file
# (see sonar.log.rollingPolicy and sonar.log.maxFiles).
#sonar.web.accessLogs.enable=true

# Format of access log. It is ignored if sonar.web.accessLogs.enable=false. Possible values are:
#    - "common" is the Common Log Format, shortcut to: %h %l %u %user %date "%r" %s %b
#    - "combined" is another format widely recognized, shortcut to: %h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}"
#    - else a custom pattern. See http://logback.qos.ch/manual/layouts.html#AccessPatternLayout.
# The login of authenticated user is not implemented with "%u" but with "%reqAttribute{LOGIN}" (since version 6.1).
# The value displayed for anonymous users is "-".
# The SonarQube's HTTP request ID can be added to the pattern with "%reqAttribute{ID}" (since version 6.2).
# If SonarQube is behind a reverse proxy, then the following value allows to display the correct remote IP address:
#sonar.web.accessLogs.pattern=%i{X-Forwarded-For} %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}"
# Default value (which was "combined" before version 6.2) is equivalent to "combined + SQ HTTP request ID":
#sonar.web.accessLogs.pattern=%h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}"


#--------------------------------------------------------------------------------------------------
# OTHERS

# Delay in seconds between processing of notification queue. Default is 60 seconds.
#sonar.notifications.delay=60

# Paths to persistent data files (embedded database and search index) and temporary files.
# Can be absolute or relative to installation directory.
# Defaults are respectively <installation home>/data and <installation home>/temp
#sonar.path.data=data
#sonar.path.temp=temp

# Telemetry - Share anonymous SonarQube statistics
# By sharing anonymous SonarQube statistics, you help us understand how SonarQube is used so we can improve the product to work even better for you.
# We don't collect source code or IP addresses. And we don't share the data with anyone else.
# To see an example of the data shared: login as a global administrator, call the WS api/system/info and check the Statistics field.
#sonar.telemetry.enable=true


#--------------------------------------------------------------------------------------------------
# DEVELOPMENT - only for developers
# The following properties MUST NOT be used in production environments.

# Elasticsearch HTTP connector
#sonar.search.httpPort=-1

重新启动sonar,好了测试一下

 

 

3、安装sonar-scanner

  3.1 下载

    https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner

  3.2 解压

    下载后放在/usr/local目录下,并解压

unzip sonar-scanner-cli-3.2.0.1227-linux.zip

  3.3 配置环境变量

    和上面一样修改/etc/profile文件,修改完记得 source /etc/profile

#set sonarqube
export SONAR_HOME=/usr/local/sonarqube-7.4
export SONAR_SCANNER_HOME=/usr/local/sonar-scanner-3.2.0.1227-linux
PATH=$PATH:$SONAR_HOME/bin:$SONAR_SCANNER_HOME/bin

  修改完记得 source /etc/profile

  3.4 测试

    进入/usr/local/sonar-scanner-3.2.0.1227-linux/bin执行:

./sonar-scanner -h

    如果出现如下就说明安装好了

[root@iZbp1bb2egi7w0ueys548qZ bin]# ./sonar-scanner -h
INFO: 
INFO: usage: sonar-scanner [options]
INFO: 
INFO: Options:
INFO:  -D,--define <arg>     Define property
INFO:  -h,--help             Display help information
INFO:  -v,--version          Display version information
INFO:  -X,--debug            Produce execution debug output

4、在Jenkins中配置sonar

  SonarScanner和SonarQube的关系类似于客户端与服务端,由于SonarScanner工具需要把扫描的代码及结果发送到SonarQube服务器上,所以需要配置SonarQube服务地址。

  在Jenkins系统配置>>系统设中配置如下:

  

5、在Jenkins中配置sonar-scanner

  在全局工具配置中配置如下:

  

 

 6、增加构建步骤

  Analysis properties 内容如下

sonar.projectKey=e-auth
sonar.projectName=电商用户服务-auth
sonar.projectVersion=1.0
sonar.sources=./
sonar.language=java
sonar.sourceEncoding=UTF-8
sonar.java.binaries=./
sonar.login=admin
sonar.password=admin

 

 7、构建一下

  

8、添加自定义邮件模板

  在jenkins所在机器上/root/.jenkins目录下,新建/sonar_script文件夹,里面放如下脚本:sonar.py和table.html

sonar.py内容如下

#!/usr/bin/python
# -*- coding:utf-8 -*-

import pymysql,os,sys
from jinja2 import FileSystemLoader,Environment

def select_project_uuid(project_name):
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()
    select_p_uuid="SELECT project_uuid,kee FROM projects WHERE `name`= '%s'" %(project_name)
    cursor.execute(select_p_uuid)
    result = cursor.fetchone()
    p_uuid = result[0]
    projectKey = result[1]
    db.close()
    return(p_uuid, projectKey)

def select_total_info(p_uuid):
    total_info=[]
    # 使用cursor()方法获取操作游标
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    select_p_links = "SELECT text_value FROM project_measures WHERE text_value LIKE 'java=%' and component_uuid=" + "\'" + p_uuid + "\'"
    cursor.execute(select_p_links)
    p_links = cursor.fetchone()[0].split("=")[1]

    sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =%s"
    for leak in [2,3,1]:
        search_data = sql_info %(p_uuid, leak)
        cursor.execute(search_data)
        total_info.append(cursor.fetchone()[0])
    db.close()
    return p_links,total_info

def select_bugs(p_uuid):
    bugs=[]
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =2 AND severity ='%s'"
    for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:
        search_data=sql_info  % (p_uuid,leak)
        cursor.execute(search_data)
        bugs.append(cursor.fetchone()[0])
    db.close()
    return bugs

def select_leaks(p_uuid):
    leaks=[]
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =3 AND severity ='%s'"
    for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:
        search_data=sql_info  % (p_uuid,leak)
        cursor.execute(search_data)
        leaks.append(cursor.fetchone()[0])
    db.close()
    return leaks

def select_bad_tastes(p_uuid):
    tastes=[]
    db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")
    cursor = db.cursor()

    sql_info="SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =1 AND severity ='%s'"
    for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:
        search_data=sql_info  % (p_uuid,leak)
        cursor.execute(search_data)
        tastes.append(cursor.fetchone()[0])
    return tastes
    db.close()

curpath = os.getcwd()
table_tem_name="table.html"    
def generate_errmsg_table(s_lines="", total_data=[], bugs=[],leaks=[],tastes=[],report_url=""):
    env = Environment(loader=FileSystemLoader(curpath, 'utf-8'))  # 创建一个包加载器对象
    template = env.get_template(table_tem_name)
    html_content = (template.render(lins=s_lines,total_data=total_data, bugs=bugs,leaks = leaks,tastes=tastes,report_url=report_url))
    fh = open(report_html_path, 'w')
    fh.write(html_content)
    fh.close()

project_name = sys.argv[1]
report_html_path="report\\"+project_name+".html"
p_uuid, projectKey=select_project_uuid(project_name)
s_lines,total_data=select_total_info(p_uuid)
bugs=select_bugs(p_uuid)
leaks=select_leaks(p_uuid)
tastes=select_bad_tastes(p_uuid)
report_url="http://192.168.207.140:9000/dashboard?id=%s" %(projectKey)
generate_errmsg_table(s_lines,total_data,bugs,leaks,tastes,report_url)

 

 table.html内容:

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="GBK">
<body>
<p style="font-weight:bold;">一、总体情况:</p>
<ul>
<li style="font-weight:bold;">整体运行情况:扫描代码行数:<span style="color:blue">{{lins}}</span>, bugs:<span style="color:red">{{total_data[0]}}</span>, 漏洞:<span style="color:red">{{total_data[1]}}</span>, 坏味道:<span style="color:red">{{total_data[2]}}</span></li>
<li style="font-weight:bold;">URL地址:<a style="font-weight:bold;" href={{report_url}} >{{report_url}}</a></li>
</ul>
<p style="font-weight:bold;">二、错误信息详情:</p>
<table border="1" cellpadding="10" width="540" height="120">
    <tr ><th></th><th>阻断</th><th>严重</th><th>主要</th><th>次要</th><th>提示</th><th>总数</th></tr>
    <tr bgcolor=#ECFFFF><td>bugs</td><td align="center">{{bugs[0]}}</td><td align="center">{{bugs[1]}}</td><td align="center">{{bugs[2]}}</td><td align="center">{{bugs[3]}}</td><td align="center">{{bugs[4]}}</td><td align="center" style="color:red">{{total_data[0]}}</td></tr>
    <tr bgcolor=#D2E9FF><td>漏洞</td><td align="center">{{leaks[0]}}</td><td align="center">{{leaks[1]}}</td><td align="center">{{leaks[2]}}</td><td align="center">{{leaks[3]}}</td><td align="center">{{leaks[4]}}</td><td align="center" style="color:red">{{total_data[1]}}</td></tr>
    <tr bgcolor=#ECFFFF><td>坏味道</td><td align="center">{{tastes[0]}}</td><td align="center">{{tastes[1]}}</td><td align="center">{{tastes[2]}}</td><td align="center">{{tastes[3]}}</td><td align="center">{{tastes[4]}}</td><td align="center" style="color:red">{{total_data[2]}}</td></tr>
</table>
<br></br>
</body>
</html>

 

9、添加执行自定义生成邮件模板步骤

  前提:由于要执行sonar.py脚本,所以jenkins所在机器要有python3环境,且安装了pymysql、jinja2,

     centos安装python3:

  进入到sonar.py所在目录,执行命令:python3 sonar.py 项目名

      执行完成后会在/root/.jenkins/sonar_script目录下生成html文件,

 

 10、配置发送邮件

  10.1 安装插件:Email Extension

  10.2 在系统管理》》系统设置中设置

 

 

 

 

 11、发送邮件

  在job中添加步骤

内容选择HTML,打开高级选项

增加触发器,并打开高级选项

输入发送邮箱列表,以英文逗号分隔,和邮件内容,html就是上面步骤生成的

最终的邮件如下图:

 

 

转载于:https://www.cnblogs.com/gcgc/p/10829948.html

weixin_30950887
关注
  • 0
    点赞
  • 5
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
使用jenkins+sonar进行代码扫描,并发送自定义邮件.docx
06-22
使用jenkins+sonar进行代码扫描,并发送自定义邮件
Jenkins使用sonarqube代码扫描并发送扫描报告邮件
01-08
jenkins中使用例子: #定义sonar项目名称 sonar_url=bus-pub #邮件接收人 [email protected] [email protected] send3= #重新下载对应项目扫描报告 rm -f ${JOB_NAME}.pdf wget http://192.168.20.243:9000/api/pdfreport/get?componentKey=${sonar_url} -O ${JOB_NAME}.pdf #邮件内容 echo ${JOB_NAME}-第${BUILD_NUMBER}次代码扫描报告 > mail.txt ech
2024新版SonarQube+JenKins+Github联动代码扫描(3)-三者联动配置最终章
面向感觉挖洞,背向对象编程。欢迎关注VX公众号:EureKa安全团队
03-05 783
终于来到最后了。前面的两篇文章都是配置项,务必能成功启动和运行,才可以进行第三步的联动配置。SonarQube+JenKins+Github三者之间的自动化构建和代码扫描,听起来确实是非常高效率的,但是网上文章都是老版本,很多都是2018左右的版本,照着他们的步骤来,在2024年的今天,新版是完全不一样了,所以我当初配置的时候,也是花了2天的时间,最后总结成3篇文章,供大家参考。
Adobe Acrobat DC 扫描图片 文字颜色加深
淡然的博客
08-15 4998
Adobe Acrobat DC版本“工具”→“印刷制作”→“转换颜色” 只需把“转换配置文件”改为“Dot Gain 10% ”即可。 如果还是达不到效果,再做一次同样的操作,直到满意为止。
DFT设计 与 芯片测试 ;Scan Chain; DC里的DFT的扫描链设计; 存在异步复位触发器时的扫描链设计;Scan-In Scan-Out
Jie_MSD的博客
07-10 5215
DFT(Design for Testability )该设计有助于提高可测试性,从而促进制造过程中的测试和调试,提高了芯片的可测试性和可靠性。没有一个制造过程是完美的,所以生成出的所有的芯片不是都能正常工作,因此,进行测试(例如DFT)是非常重要的,以确保只有功能正常的芯片被送出去用于后续的封装和应用。对于任何芯片设计,都会存在一定的失效率(Yield)。
鉴源实验室 | 软件代码结构化覆盖测试-MC/DC覆盖
TICPSH的博客
12-15 1012
MC/DC的全称是Modified Condition/Decision Coverage,修正条件判定覆盖率。很多文章对于定义的解释都比较专业,通常也会让人感觉理解困难,本文我们用通俗易懂的说明给大家做介绍。
SonarQube+jenkins(三):SonarQube+jenkins生成pdf报告脚本发送至邮箱+邮箱使用
小轩的名古屋
07-03 1457
一、安装mailx # Centos,安装 mailx $ yum install -y mailx # 查看帮助 $ mail --h 二、解决SSL证书 不安装会报错“Error in certificate: Peer’s certificate issuer is not recognized # 生成证书 $ mkdir ~/.certs $ echo -n | openssl s_client -connect smtp.mxhichina.com:465 | sed -ne '/-BE
sonar-scanner连接sonarquebe7的sonar.java.binaries问题的解决方案
08-26
今天小编就为大家分享一篇关于sonar-scanner连接sonarquebe7的sonar.java.binaries问题的解决方案,小编觉得内容挺不错的,现在分享给大家,具有很好的参考价值,需要的朋友一起跟随小编来看看吧
SonarQube 9.x集成Jenkins生成PDF扫描报告并通过邮件附件的方式发送;
qq_44930876的博客
12-02 2435
SonarQube 9.x集成Jenkins生成PDF扫描报告并通过邮件附件的方式发送;
吐血整理,Jenkins配置邮件发送测试报告持续集成,看这一篇就够了...
测试逍遥子的博客
08-10 1531
开启SMTP服务这里我们以QQ邮箱为例进行学习,需要开启 SMTP 服务,登录QQ邮箱->设置->账户->开启 POP3/SMTP 服务。开启SMTP服务时,需要发送短信验证,按照提示信息操作后,就可以得到一个QQ邮箱授权码,将该授权码保存下来,当我们通过 Jenkins 配置邮件时,该授权码就相当于QQ邮箱的密码。配置Jenkins自带的邮件功能首先,需要在Jenkins控制台,进入系统管理->系统设置,配置系统管理员邮件地址,即发件人的邮箱地址。接着,拉到界面最下面,找到邮件通知,点击 高级。
dcweb:三方依赖库扫描系统
03-11
dcweb Dependency-Check是一种分析软件组成的工具,他会检测项目中依赖项的公开显示拆分,常用于扫描java和.NET项目。本项目就是基于此工具的包装。 目标 用于检测项目中使用依赖库的安全性。根据公司业务的情况: 对接代码管理平台,自动化扫描 业务提交扫描工单,安全人员帮助扫描和给修复建议 业务自行提交扫描 如果公司代码发布不多,推荐使用第二种方法,安全人员好跟进并提出针对性建议。 新项目是一种生成cve数据库的工具,可以配合Dependcy-Check使用。 安装 普通安装 1. git clone [email protected]:he1m4n6a/dcweb.git 2. pip -r requirements.txt 3. 从 https://bintray.com/jeremy-long/owasp/dependency-check 下载dependency-ch
jenkins持续集成sonar扫描代码
10-12
经过几个日夜的奋斗,在linux上总结出jenkins集成sonar的文档,过程中遇到过各种坑。
jenkins+Sonarqube(支持代码c&c++)+mysql安装部署配置.zip
09-27
DevOps工具链中最重要的环节,代码扫描检测,附件包含sonar软件包,插件,C、C++代码检测插件,jenkins+sonarqube+mysql的集成配置方法
zap-sonar-plugin:将OWASP Zed攻击代理报告集成SonarQube中
05-13
ZAP提供自动扫描程序以及一系列工具,可让您手动查找安全漏洞。 安装 将插件(jar文件)复制到$SONAR_INSTALL_DIR/extensions/plugins并重新启动SonarQube。 插件配置 典型的SonarQube配置将具有以下参数。 本示例...
【kettle001】访问国产达梦数据库并处理数据至execl文件
最新发布
kngines
04-22 368
一直以来想写下基于kettle的系列文章,作为较火的数据ETL工具,也是日常项目开发中常用的一款工具,最近刚好挤时间梳理、总结下这块儿的知识体系。熟悉、梳理、总结下达梦(DM)关系型数据库相关知识体系。
Linux配置腾讯云yum源(保姆级教学)
m0_67457606的博客
04-21 290
这里以 CentOS 7 为例,如果是其他版本的系统,可以将上述命令中的 `centos7` 替换为相应的版本号。
远程服务连接
aihua002的博客
04-19 358
root@client 桌面]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]。[root@client 桌面]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]。[root@client 桌面]# ssh-keygen -f /root/.ssh/id_rsa -P ""[root@server 桌面]# vim /etc/ssh/sshd_config。
如何解决Nginx的“413 Request Entity Too Large”错误
一勺菠萝丶的博客
04-18 464
当你尝试上传一个大文件到你的服务器时,你可能会遇到一个Nginx错误,提示“413 Request Entity Too Large”。这意味着客户端请求的数据量大于服务器愿意或能够处理的量。幸运的是,有一个简单的解决方案来处理这个问题。
Jenkins+sonar+tomcat+SVN集成搭建
05-19
JenkinsSonarQube、Tomcat和SVN可以进行集成搭建,可以实现代码的自动构建、测试、分析和部署。下面是具体步骤: 1. 安装JenkinsSonarQube JenkinsSonarQube都可以在官网下载安装包进行安装。 2. 安装...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值