SonarQube

插件开发视频：https://www.bilibili.com/video/av55426820/

安装视频：http://www.iqiyi.com/w_19s1zq55gt.html

配置视频：http://www.iqiyi.com/w_19s1qruel9.html

sonartest脚本

#!/bin/bash
#sudo ${MAVENHOME}/bin/mvn -f pom.xml -s ${MAVENHOME}/tmp/settings.xml  -gs ${MAVENHOME}/tmp/settings.xml clean verify -Dmaven.test.skip=true sonar:sonar -Dsonar.host.url=${SONAR_HOST_URL} |grep "ANALYSIS SUCCESSFUL"
#后端测试项目，build_type 有2个类型：maven和npm
if [ "maven" == $BUILD_TYPE ];then
#mvn 用指定setting.xml 执行指定pom.xml
#mvn clean 清除目标目录中的生成结果（target）  -Dmaven.test.skip=true：跳过测试类
#mvn verify               运行任何检查，验证包是否有效且达到质量标准。
    ${MAVENHOME}/bin/mvn -f pom.xml -s ${MAVENHOME}/tmp/settings.xml clean verify -Dmaven.test.skip=true >/dev/null

#    http://www.pianshen.com/article/1971488113/
#https://www.cnblogs.com/BruceDu/p/9024918.html
    ${SONAR_SCA}/sonar-scanner -Dsonar.projectKey=${PROJECTNAME} -Dsonar.sources=./src/main/ -Dsonar.java.binaries=./target/classes/ ${SONAR_ARGS} |grep "ANALYSIS SUCCESSFUL"
elif [ "npm" == $BUILD_TYPE ];then
    ${SONAR_SCA}/sonar-scanner -Dsonar.projectKey=${PROJECTNAME} -Dsonar.sources=./src/ ${SONAR_ARGS} |grep "ANALYSIS SUCCESSFUL"
else
  echo "do gradle"
fi

流水线执行过程：
def sonarTest() {    if ("${SONAR_SERVER}") {        def sonarTestSh = libraryResource encoding: 'yss', resource: sonartest
        echo "SONAR_SERVER:${SONAR_SERVER}"
        withSonarQubeEnv("${SONAR_SERVER}") {//这个名字要与Jenkins配置的sonar插件一致
            withCredentials([usernamePassword(credentialsId: "${SONAR_CRED}", passwordVariable: 'SONAR_PD', usernameVariable: 'SONAR_USER')]) {
                env.SONAR_USER = "${SONAR_USER}"
                env.SONAR_PD = "${SONAR_PD}"
            }
            env.SONAR_ARGS = " -Dsonar.host.url=${SONAR_HOST_URL}  -Dsonar.login=${SONAR_USER} -Dsonar.password=${SONAR_PD} -Dsonar.verbose=true -Dsonar.log.level=DEBUG"
            dir("${WORKSPACE}/${JOB_BASE_NAME}") {
                sh(script: "${sonarTestSh}", label: '执行源码静态检测')
            }
        }
        timeout(10) {
            //利用sonar webhook功能通知pipeline代码检测结果，未通过质量阈，pipeline将会fail
            def qg = waitForQualityGate()
            if (qg.status != 'OK') {
                msgSonar = "未通过Sonarqube的代码质量阈检查，请及时修改！failure: ${qg.status}"
                mailMsg(msgSonar, "${MAILTO}", true, $ { WEIXINTO }, $ { DINGTALK_TO })
            }
        }
    } else {
        echo "未配置Jenkins的Sonar，无法进行源代码静态分析"
    }
}

posted on 2020-01-19 16:49 温暖的阳光阅读(290) 评论(0) 编辑收藏举报