Deploying SonarQube, an open-source code audit and analysis platform, with docker-compose

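# Host directories for the PostgreSQL bind mounts
mkdir -p /docker/sonar/postgres/postgresql
mkdir -p /docker/sonar/postgres/data

# Host directory for the SonarQube bind mounts; world-writable so the
# container's non-root user can write to it
mkdir -p /docker/sonar/sonarqube
chmod 777 -R /docker/sonar/sonarqube
# SonarQube's embedded Elasticsearch needs vm.max_map_count >= 262144.
# Append (>>) so the existing entries in /etc/sysctl.conf are kept.
echo "vm.max_map_count=262144" >> /etc/sysctl.conf
sysctl -p

docker-compose.yml: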
version: '3'
services:
  postgres:
    image: postgres:latest
    container_name: postgres
    restart: always
    privileged: true
    volumes:
      - /docker/sonar/postgres/postgresql:/var/lib/postgresql
      - /docker/sonar/postgres/data:/var/lib/postgresql/data
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: sonar 
      POSTGRES_PASSWORD: sonar 
      POSTGRES_DB: sonar 
      TZ: Asia/Shanghai 

  sonar:
    image: sonarqube:8.9.10-community
    container_name: sonar
    restart: always
    privileged: true
    volumes:
      - /docker/sonar/sonarqube/logs:/opt/sonarqube/logs
      - /docker/sonar/sonarqube/conf:/opt/sonarqube/conf
      - /docker/sonar/sonarqube/data:/opt/sonarqube/data
      - /docker/sonar/sonarqube/extensions:/opt/sonarqube/extensions
    ports:
      - "9090:9000"
    links:
      - "postgres:postgres"  
    environment:
      ALLOW_EMPTY_PASSWORD: "yes"
      SONARQUBE_JDBC_USERNAME: sonar
      SONARQUBE_JDBC_PASSWORD: sonar
      SONARQUBE_JDBC_URL: "jdbc:postgresql://postgres:5432/sonar" 

Default account and password: admin, admin
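A tighter variant of the compose file above, as an added example that is not from the original post: it drops `privileged`, does not publish PostgreSQL's port on the host, pins the database image, and reads the database password from the environment instead of hard-coding `sonar`. The `SONAR_DB_PASSWORD` variable, the named volumes and the `postgres:13` tag are assumptions made for this example.

```yaml
# Added example (not from the original post): same two services, hardened.
# Assumptions: SONAR_DB_PASSWORD is exported in the shell or set in a .env file
# next to this compose file; the named volumes and the postgres:13 tag are
# illustrative choices.
version: '3'
services:
  postgres:
    image: postgres:13            # pinned instead of :latest
    container_name: postgres
    restart: always
    # no "privileged: true": the database needs no extra host privileges
    # no "ports:" entry: only the sonar service reaches 5432, over the compose network
    volumes:
      - sonar_pg_data:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: "${SONAR_DB_PASSWORD:?set SONAR_DB_PASSWORD}"
      POSTGRES_DB: sonar
      TZ: Asia/Shanghai

  sonar:
    image: sonarqube:8.9.10-community
    container_name: sonar
    restart: always
    # no "privileged: true": vm.max_map_count is already set on the host with sysctl
    depends_on:
      - postgres
    volumes:
      # named volumes are owned by the container user, so no chmod 777 on the host
      - sonar_logs:/opt/sonarqube/logs
      - sonar_data:/opt/sonarqube/data
      - sonar_extensions:/opt/sonarqube/extensions
    ports:
      - "9090:9000"
    environment:
      SONAR_JDBC_USERNAME: sonar
      SONAR_JDBC_PASSWORD: "${SONAR_DB_PASSWORD:?set SONAR_DB_PASSWORD}"
      SONAR_JDBC_URL: "jdbc:postgresql://postgres:5432/sonar"

volumes:
  sonar_pg_data:
  sonar_logs:
  sonar_data:
  sonar_extensions:
```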

 

Integration methods:

1. Integrating with Maven (mvn)

1.1 Add the configuration to the pom.xml file

    <properties>
        <sonar.host.url>http://192.168.2.216:9000/</sonar.host.url>
        <sonar.login>19d86573857e7256302e2ea464a80da35acf7157</sonar.login>
    </properties>
    <build>
        <pluginManagement>
            <plugins>
                <plugin>
                    <groupId>org.sonarsource.scanner.maven</groupId>
                    <artifactId>sonar-maven-plugin</artifactId>
                    <version>3.7.0.1746</version>
                </plugin>
            </plugins>
        </pluginManagement>
    </build>

 

 

Run the mvn command:

mvn sonar:sonar

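2. Integrating with Jenkins

2.1 First install Sonar-scanner to perform the code scan

  • Download Sonar-scanner: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.3.0.1492-linux.zip

  • Unzip Sonar-scanner
  • Add Sonar-scanner to the Linux environment variables
  • Open conf/sonar-scanner.properties in a text editor and modify the configuration

2.2 Add the configuration in Jenkins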

 

 

 

2.3 Add the configuration to the item

 


 

posted @ 2023-05-17 14:31  扰扰