docker安装jenkins+sonar 实现代码检测
一、sonarqube简介
SonarQube 是一款用于代码质量管理的开源工具,它主要用于管理源代码的质量。通过插件形式,可以支持众多计算机语言。
比如 java, C#, go,C/C++, PL/SQL,Cobol,JavaScrip,Groovy等。sonar可以通过PMD,CheckStyle,Findbugs等等代码规则检测工具来检测你的代码,帮助你发现代码的漏洞,Bug,异味等信息。
二、安装postgresql数据库
#注意:sonarqube7.9版本以上不再支持MySQL数据库,这里我们使用postgresql
1、拉取postgresql、sonarqube、jenkins的镜像
[root@VM-0-15-centos ~]# docker pull postgres:latest
Trying to pull repository docker.io/library/postgres ...
latest: Pulling from docker.io/library/postgres
ae13dd578326: Pull complete
723e40c35aaf: Pull complete
bf97ae6a09b4: Pull complete
2c965b3c8cbd: Pull complete
c3cefa46a015: Pull complete
64a7315fc25c: Pull complete
b9846b279f7d: Pull complete
ed988fb8e7d9: Pull complete
ed4bb4fd8bb5: Pull complete
ead27f1733c8: Pull complete
7d493bacd383: Pull complete
0920535e8417: Pull complete
db76d5bdbf2c: Pull complete
Digest: sha256:99aa522df573a6f117317ab9627c1ba4717513090fd013b937c91a288933ee90
Status: Downloaded newer image for docker.io/postgres:latest
[root@VM-0-15-centos ~]# docker pull sonarqube:latest
Trying to pull repository docker.io/library/sonarqube ...
latest: Pulling from docker.io/library/sonarqube
36ccefbf3d8a: Pull complete
afb294ac7ddc: Pull complete
7963d7b13fc9: Pull complete
Digest: sha256:90a68d1ac2c3ce072b54615d37f59644b988bb603fc7fb23e3d12914b854e41a
Status: Downloaded newer image for docker.io/sonarqube:latest
[root@VM-0-15-centos ~]# docker pull jenkins/jenkins:latest
Trying to pull repository docker.io/jenkins/jenkins ...
latest: Pulling from docker.io/jenkins/jenkins
e4d61adff207: Pull complete
eacef06daf30: Pull complete
ca581b0141a3: Pull complete
d872c65909bb: Pull complete
bcce550e05a9: Pull complete
3461f061a833: Pull complete
3b6f8a58a68d: Pull complete
6d47f55855ba: Pull complete
baa80a92c8e4: Pull complete
39889d888af7: Pull complete
18b5e0e36b4c: Pull complete
a53e22d026ad: Pull complete
a281963da5b5: Pull complete
2366689c95a7: Pull complete
27cbe8a0f233: Pull complete
fffccee1c284: Pull complete
a6afec98241f: Pull complete
Digest: sha256:a5215b81a7f6e111ed6625b342521145e24c232891615be29ce3a251a631feac
Status: Downloaded newer image for docker.io/jenkins/jenkins:latest
[root@VM-0-15-centos ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/sonarqube latest f4599081097a 11 hours ago 520 MB
docker.io/postgres latest 5cd1494671e9 13 hours ago 376 MB
docker.io/jenkins/jenkins latest f7d565ddb272 2 days ago 460 MB
2、创建工作目录
[root@VM-0-15-centos ~]# mkdir -p /opt/apps/sonarqube/{extensions,logs,data}
[root@VM-0-15-centos ~]# mkdir -p /opt/apps/postgres/{postgresql,data}
[root@VM-0-15-centos ~]# mkdir -p /opt/apps/jenkins_mount/
3、启动容器
#启动postgresql镜像
docker run -d --name postgres -p 5432:5432 \
-v /opt/apps/postgres/postgresql:/var/lib/postgresql \
-v /opt/apps/postgres/data:/var/lib/postgresql/data \
-v /etc/localtime:/etc/localtime:ro \
-e POSTGRES_USER=sonar \
-e POSTGRES_PASSWORD=sonar \
-e POSTGRES_DB=sonar \
-e TZ=Asia/Shanghai \
--restart always \
postgres:latest
#启动sonarqube镜像
docker run -d --name sonarqube -p 6004:9000 \
--link postgres \
-v /opt/apps/sonarqube/extensions:/opt/sonarqube/extensions \
-v /opt/apps/sonarqube/logs:/opt/sonarqube/logs \
-v /opt/apps/sonarqube/data:/opt/sonarqube/data \
-e SONARQUBE_JDBC_URL=jdbc:postgresql://postgres:5432/sonar \
-e SONARQUBE_JDBC_USERNAME=sonar \
-e SONARQUBE_JDBC_PASSWORD=sonar \
--restart always \
--privileged=true \
sonarqube:latest
#sonarqube启动需要修改内核参数
vim /etc/sysctl.conf
# 增加以下配置
vm.max_map_count=262144
fs.file-max=65536
# 使配置生效
sysctl -p
# 启动jenkins镜像
docker run -d -p 10240:8080 -p 10241:50000 \
-v /var/jenkins_mount:/var/jenkins_home \
-v /etc/localtime:/etc/localtime \
-v /usr/local/jdk-11.0.14/:/usr/local/jdk-11.0.14/ \
--name myjenkins \
jenkins/jenkins
三、配置sonar
默认密码admin/admin
点击my account
按图操作,生成token
四、配置jenkins
#jenkin初始化过程略
1、系统管理-插件管理
安装sonar插件
2、系统管理-凭据管理
添加sonar凭据(在sonar上生成的token)
3、系统管理-系统配置
配置sonar
4、系统配置-全局工具配置
配置jdk(可使用自己配置的,也可以在线安装,在线安装需要oracle账号)
配置sonar,选择maven安装,安装最新版即可
五、配置流水线
1、新建流水线
2、选择jdk和配置代码地址
3、增加构建步骤,选择 Execute SonarQube Scanner
参数:
sonar.projectKey=自定义
sonar.projectName=自定义
sonar.projectVersion=1.0
sonar.language=java
sonar.sourceEncoding=UTF-8
sonar.sources=$WORKSPACE
sonar.java.binaries=$WORKSPACE
4、执行流水线
执行成功后可从工程界面跳转到sonar界面,查看代码检查结果
执行成功后可从工程界面跳转到sonar界面,查看代码检查结果