Showing developers the status of quality control of source code in SonarQube

SonarQube is an open platform for continuous quality control of source code. It supports a large number of programming languages and reports on metrics such as code duplication, compliance with coding standards, test coverage, code complexity, potential errors, etc. SonarQube conveniently visualizes the results of the analysis and allows you to track the dynamics of the project over time.


Task: Show developers the status of source code quality control in SonarQube.


There are two solutions:


  • Run a script to check the status of the source code quality control in SonarQube. If the quality control of the source code in SonarQube fails, the build fails.
  • Show the quality control status of the source code on the main page of the project.

Install SonarQube


To install SonarQube from RPM packages, we will use the https://harbottle.gitlab.io/harbottle-main repository.


Install the repository package for CentOS 7.


yum install -y https://harbottle.gitlab.io/harbottle-main/7/x86_64/harbottle-main-release.rpm

Install sonarqube itself.


yum install -y sonarqube

Most plugins are installed together with SonarQube, but findbugs and pmd need to be installed separately:


yum install -y sonarqube-findbugs sonarqube-pmd

Start the service and enable it at boot:


systemctl start sonarqube
systemctl enable sonarqube

If SonarQube takes a long time to start, add the random number generator /dev/./urandom to the end of the sonar.web.javaOpts options:


sonar.web.javaOpts=  -Djava.security.egd=file:/dev/urandom

Running a script to check the status of source code quality control in SonarQube.


, sonar-break-maven-plugin . .


https://github.com/uweplonus/spotbugs-examples.


Gitlab. .gitlab-ci.yml:


variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.226:9000"
  LOGIN: "admin" # SonarQube login
  PASSWORD: "admin" # SonarQube password; a masked CI/CD variable is safer than a value committed here

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - apt install -y jq || true
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
    - export URL=$(cat target/sonar/report-task.txt | grep ceTaskUrl | cut -c11- ) #URL where report gets stored
    - echo $URL
    - |
      while : ;do
          curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
          export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED, IN_PROGRESS or FAILED
          echo $status
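          if [ "$status" = "SUCCESS" ];then
            echo "SONAR ANALYSIS SUCCESS";
            break
          fi
          # FAILED and CANCELED are terminal as well; stop polling so the job cannot hang
          if [ "$status" = "FAILED" ] || [ "$status" = "CANCELED" ];then
            break
          fi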
          sleep 5
      done
    - curl -k -u "$LOGIN":"$PASSWORD" "$URL" -o analysis.txt
    - export status=$(cat analysis.txt | jq -r '.task.status') #Status as SUCCESS, CANCELED or FAILED
    - export analysisId=$(cat analysis.txt | jq -r '.task.analysisId') #Get the analysis Id
    - |
      if [ "$status" == "SUCCESS" ]; then
        echo -e "SONAR ANALYSIS SUCCESSFUL...ANALYSING RESULTS";
        curl -k -u "$LOGIN":"$PASSWORD" "$SONAR_HOST_URL/api/qualitygates/project_status?analysisId=$analysisId" -o result.txt; #Analysis result like critical, major and minor issues
        export result=$(cat result.txt | jq -r '.projectStatus.status');

        if [ "$result" == "ERROR" ];then
          echo -e "\e[91mSONAR RESULTS FAILED\e[0m";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')"; #prints the critical, major and minor violations
          exit 1 #breaks the build for violations
        else
          echo -e "SONAR RESULTS SUCCESSFUL";
          echo "$(cat result.txt | jq -r '.projectStatus.conditions')";
          exit 0
        fi
      else
          echo -e "\e[91mSONAR ANALYSIS FAILED\e[0m";
          exit 1 #breaks the build for failure in Step2
      fi
  tags:
    - docker

.gitlab-ci.yml . sonarqube : "SUCCESS". . , .gitlab-ci.yml .
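
An added example, not part of the original article: the same check as the CI script above, written as a Python gate that stops on any terminal task state, gives up after a bounded wait, and authenticates with a user token instead of the admin/admin pair committed to .gitlab-ci.yml. The SONAR_TOKEN variable name, the sonar.example host and the sample responses are assumptions constructed for the example; the server address is read from the serverUrl line of report-task.txt rather than from SONAR_HOST_URL.

```python
import base64, json, os, sys, time, urllib.request
TERMINAL = {"SUCCESS", "FAILED", "CANCELED"}  # any other status keeps polling

def parse_report_task(text):
    # key=value lines; URL values contain '=' themselves, so split only once
    return dict(l.split("=", 1) for l in text.splitlines() if "=" in l)

def http_fetch(token):
    # SonarQube takes a user token as the basic-auth user name with an empty password
    auth = base64.b64encode(f"{token}:".encode()).decode()
    def fetch(url):
        req = urllib.request.Request(url, headers={"Authorization": "Basic " + auth})
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return fetch

def wait_for_task(url, fetch, timeout=600, interval=5, sleep=time.sleep):
    waited = 0
    while True:
        task = fetch(url)["task"]
        if task["status"] in TERMINAL:
            return task
        if waited >= timeout:  # bounded wait instead of an endless loop
            raise TimeoutError(f"analysis still {task['status']} after {waited}s")
        sleep(interval)
        waited += interval

def check_gate(report_text, fetch, **poll):
    report = parse_report_task(report_text)
    task = wait_for_task(report["ceTaskUrl"], fetch, **poll)
    if task["status"] != "SUCCESS":
        return {"passed": False, "task": task["status"], "failing": []}
    url = f"{report['serverUrl']}/api/qualitygates/project_status?analysisId={task['analysisId']}"
    gate = fetch(url)["projectStatus"]
    failing = [c["metricKey"] for c in gate.get("conditions", []) if c["status"] == "ERROR"]
    return {"passed": gate["status"] != "ERROR", "task": "SUCCESS", "failing": failing}

# Constructed report-task.txt and a replaying stand-in for the server (offline demo)
SAMPLE_REPORT = "serverUrl=http://sonar.example:9000\nceTaskUrl=http://sonar.example:9000/api/ce/task?id=constructed-id\n"
def fake_fetch(task_states, gate):
    states = iter(task_states)
    return lambda url: ({"task": {"status": next(states), "analysisId": "constructed-analysis"}}
                        if "/api/ce/task" in url else {"projectStatus": gate})

if __name__ == "__main__":
    result = check_gate(open("target/sonar/report-task.txt").read(),
                        http_fetch(os.environ["SONAR_TOKEN"]))  # assumed masked CI variable
    print(result)
    sys.exit(0 if result["passed"] else 1)
```
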



SonarQube


yum install -y sonarqube-qualinsight-badges

SonarQube http://172.26.9.115:9000/
, "badges".
SonarQube.



"My account", , "read_all_repository" "Generate".



. 1 .




Configuration -> SVG Badges



"Activity badge token" save.



Administration -> Security -> Permission Templates -> Default template ( , ).


badges "Browse".




https://github.com/jitpack/maven-simple.




.gitlab-ci.yml .


variables:
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=~/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
  SONAR_HOST_URL: "http://172.26.9.115:9000"
  LOGIN: "admin" # SonarQube login
  PASSWORD: "admin" # SonarQube password

cache:
  paths:
    - .m2/repository

build:
  image: maven:3.3.9-jdk-8
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.failure.ignore=true org.jacoco:jacoco-maven-plugin:0.8.5:prepare-agent clean verify org.jacoco:jacoco-maven-plugin:0.8.5:report
    - mvn $MAVEN_CLI_OPTS -Dmaven.test.skip=true verify sonar:sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$LOGIN -Dsonar.password=$PASSWORD -Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  tags:
    - docker

SonarQube :



badges README.md e :



The badges display code looks like this:



Parsing the display string of badges:


[![Quality Gate](http://172.26.9.115:9000/api/badges/gate?key=com.github.jitpack:maven-simple)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![](http://172.26.9.115:9000/api/badges/gate?key=Project Key)](http://172.26.9.115:9000/dashboard?id=id-)
[![Coverage](http://172.26.9.115:9000/api/badges/measure?key=com.github.jitpack:maven-simple&metric=coverage)](http://172.26.9.115:9000/dashboard?id=com.github.jitpack%3Amaven-simple)
[![ ](http://172.26.9.115:9000/api/badges/measure?key=Project Key&metric=)](http://172.26.9.115:9000/dashboard?id=id-)

Where to get / check Project Key and project id.


The Project Key is located in the lower right. The URL contains the project id.



Options for getting metrics can be found here .


Send all pull requests with improvements and bug fixes to this repository.


Telegram chat about SonarQube https://t.me/sonarqube_ru
Telegram chat about DevSecOps - safe DevOps https://t.me/sec_devops

Source: https://habr.com/ru/post/undefined/

