1. postgres

1.1 postgres-pvc.yaml

cat postgres-pvc.yaml 
---
# Storage claim for the PostgreSQL data directory; the postgres-sonar
# Deployment mounts it through claimName: postgres-data.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: postgres-data
  namespace: jenkins
spec:
  storageClassName: managed-nfs-storage
  # NOTE(review): ReadWriteMany lets several pods on different nodes mount
  # this volume at once. The database Deployment runs one replica, so a
  # single-writer mode may be enough; confirm what the storage class needs.
  accessModes: [ReadWriteMany]
  resources:
    requests:
      storage: 5Gi

1.2 sonar-pgsql.yaml

cat sonar-pgsql.yaml 
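# PostgreSQL instance that stores the SonarQube database (sonarDB).
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: jenkins
  name: postgres-sonar
  labels:
    app: postgres-sonar
spec:
  replicas: 1
  # The data volume is claimed ReadWriteMany, so with the default
  # RollingUpdate strategy a replacement pod could start on the same data
  # directory while the old pod is still running. Recreate stops the old pod
  # first.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: postgres-sonar
  template:
    metadata:
      labels:
        app: postgres-sonar
    spec:
      containers:
        - name: postgres-sonar
          image: 192.168.64.33:5000/jenkins/postgres:14.2
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 5432
          env:
            - name: POSTGRES_DB
              value: "sonarDB"
            - name: POSTGRES_USER
              value: "sonar"
            # The password is no longer written into the manifest (it used to
            # be a literal equal to the user name). It is read from a Secret
            # that must exist in the jenkins namespace before this is applied.
            # The Secret name and key below are constructed for this example.
            # sonar.jdbc.password on the SonarQube side must carry the same
            # value.
            # NOTE(review): presumably this image mirrors the official
            # postgres image, which applies POSTGRES_PASSWORD only when the
            # data directory is first initialised. Verify before rotating.
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-sonar-credentials
                  key: password
          resources:
            limits:
              cpu: 1000m
              memory: 2048Mi
            requests:
              cpu: 500m
              memory: 1024Mi
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql/data
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: postgres-data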

---
# Headless Service (clusterIP: None): the DNS name postgres-sonar resolves
# straight to the database pod, which is how the JDBC URL on this page
# reaches it.
# NOTE(review): no NetworkPolicy appears on this page, so which pods may
# connect to 5432 depends on cluster defaults. Confirm access is limited to
# SonarQube.
apiVersion: v1
kind: Service
metadata:
  name: postgres-sonar
  namespace: jenkins
  labels:
    app: postgres-sonar
spec:
  clusterIP: None
  selector:
    app: postgres-sonar
  ports:
    - protocol: TCP
      port: 5432
      targetPort: 5432

2. sonar

2.1 sonar-pvc.yaml

cat sonar-pvc.yaml 
---
# Storage claim shared by SonarQube's data and extensions directories; the
# sonarqube Deployment mounts it twice using subPath.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: sonarqube-data
  namespace: jenkins
spec:
  storageClassName: managed-nfs-storage
  accessModes: [ReadWriteMany]
  resources:
    requests:
      storage: 10Gi

2.2 sonar-deploy.yaml

cat sonar-deploy.yaml 
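# SonarQube server settings, mounted into the pod as
# /opt/sonarqube/conf/sonar.properties.
# ConfigMap contents are stored and displayed in clear text, so the JDBC
# password is not kept here; the Deployment below injects it from a Secret.
apiVersion: v1
kind: ConfigMap
metadata:
  name: sonar-config
  namespace: jenkins
  labels:
    app: sonar
data:
  sonar.properties: |
    sonar.jdbc.url=jdbc:postgresql://postgres-sonar:5432/sonarDB
    sonar.jdbc.username=sonar
---
# SonarQube server.
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: jenkins
  name: sonarqube
  labels:
    app: sonarqube
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sonarqube
  template:
    metadata:
      labels:
        app: sonarqube
    spec:
      initContainers:
        # Raises vm.max_map_count before SonarQube starts. The sysctl is not
        # namespaced, so this writes the setting on the node itself, which is
        # why the container needs privileged: true.
        # NOTE(review): a privileged container has root-equivalent access to
        # the node. Setting the sysctl during node provisioning would remove
        # the need for it.
        # NOTE(review): the image has no tag and IfNotPresent is set, so
        # whatever "busybox" is cached on the node runs privileged. Pin a tag
        # or digest.
        # NOTE(review): this registry address differs from the one used by
        # the other images on this page. Confirm it is intended.
        - name: init-sysctl
          image: 192.168.129.33:5000/k8s/busybox
          imagePullPolicy: IfNotPresent
          command: ["sysctl", "-w", "vm.max_map_count=262144"]
          securityContext:
            privileged: true
      containers:
        - name: sonarqube
          image: 192.168.64.33:5000/jenkins/sonarqube:lts-community
          ports:
            - containerPort: 9000
          env:
            # Database password, read from a Secret instead of the ConfigMap.
            # The Secret name and key are constructed for this example; the
            # Secret must exist in the jenkins namespace, and its value must
            # equal the password PostgreSQL was initialised with.
            # NOTE(review): SonarQube 8 and later read SONAR_JDBC_PASSWORD.
            # Confirm which version lts-community resolves to in this
            # registry.
            - name: SONAR_JDBC_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-sonar-credentials
                  key: password
          livenessProbe:
            httpGet:
              path: /sessions/new
              port: 9000
            initialDelaySeconds: 60
            periodSeconds: 30
          readinessProbe:
            httpGet:
              path: /sessions/new
              port: 9000
            initialDelaySeconds: 60
            periodSeconds: 30
            failureThreshold: 6
          resources:
            limits:
              cpu: 2000m
              memory: 2048Mi
            requests:
              cpu: 1000m
              memory: 1024Mi
          volumeMounts:
            - mountPath: /opt/sonarqube/conf
              name: config-volume
            # data and extensions share one claim, separated by subPath.
            - mountPath: /opt/sonarqube/data
              name: data
              subPath: data
            - mountPath: /opt/sonarqube/extensions
              name: data
              subPath: extensions
      volumes:
        - name: config-volume
          configMap:
            name: sonar-config
        - name: data
          persistentVolumeClaim:
            claimName: sonarqube-data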

---
# Publishes the SonarQube web UI and API on port 32107 of every cluster
# node.
# NOTE(review): the clients on this page use an http:// URL, so logins and
# analysis tokens would cross the network unencrypted. Consider TLS
# termination (ingress or reverse proxy) and limiting who can reach the
# node port.
apiVersion: v1
kind: Service
metadata:
  name: sonarqube
  namespace: jenkins
  labels:
    app: sonarqube
spec:
  type: NodePort
  selector:
    app: sonarqube
  ports:
    - name: sonarqube
      protocol: TCP
      port: 9000
      targetPort: 9000
      nodePort: 32107

3. 使用

SonarQube基本使用
SonarQube的使用方式很多:可以与Maven整合,也可以使用sonar-scanner;扫描完成后在SonarQube页面查看检测结果

3.1 Maven实现代码检测

# 修改Maven的settings.xml文件配置Sonar Qube信息
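<!-- Maven profile that tells the Sonar plugin which server to use and how
     to authenticate. It belongs inside the profiles element of
     settings.xml. -->
<profile>
 <id>sonar</id>
 <activation>
   <activeByDefault>true</activeByDefault>
 </activation>
 <properties>
   <!-- Authenticate with an analysis token taken from the SONAR_TOKEN
        environment variable instead of storing the admin account and its
        password in clear text in settings.xml. When sonar.login holds a
        token, sonar.password is not set. -->
   <sonar.login>${env.SONAR_TOKEN}</sonar.login>
   <!-- NOTE(review): plain http, so the token is sent unencrypted to this
        address. -->
   <sonar.host.url>http://192.168.64.11:9000</sonar.host.url>
 </properties>
</profile>

<!-- Activates the profile above by id. -->
<activeProfiles>
  <activeProfile>sonar</activeProfile>
</activeProfiles>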

# 在代码位置执行命令:mvn sonar:sonar

3.2 Sonar-scanner实现代码检测

# 下载Sonar-scanner:https://binaries.sonarsource.com/?prefix=Distribution/sonar-scanner-cli/
# 下载4.6.x版本即可(下面的示例链接为5.0.1.3006版本,解压命令中的文件名需与实际下载的版本一致),要求Linux版本
https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip

#解压压缩包
unzip sonar-scanner-cli-5.0.1.3006-linux.zip
配置sonarQube服务端地址,修改conf下的sonar-scanner.properties
cat conf/sonar-scanner.properties 
#----- Default SonarQube server
# NOTE(review): this is a plain http:// URL, so any login or token the
# scanner sends to the server travels unencrypted.
sonar.host.url=http://192.168.64.11:9000

#----- Default source code encoding
sonar.sourceEncoding=UTF-8

# 执行命令检测代码
# 在项目所在目录执行以下命令
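# Property keys are case-sensitive: the display name is sonar.projectName.
# The lower-case spelling used before is not a recognised key.
~/sonar-scanner/bin/sonar-scanner -Dsonar.sources=./ -Dsonar.projectName=demo -Dsonar.projectKey=java -Dsonar.java.binaries=target/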

# jenkins 质量检测需要安装插件(SonarQube Scanner)。-Dsonar.login 的值是令牌:在sonar页面-->A-->Security-->Tokens-->输入名称生成。令牌等同于密码,应保存在Jenkins凭据中,不要明文写进流水线脚本
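// Runs the scanner for the current project.
// The analysis token is taken from the SONAR_TOKEN environment variable,
// which should be bound from a Jenkins credential, for example
// environment { SONAR_TOKEN = credentials('<credential-id>') }.
// The string stays single-quoted so the shell expands the variable and the
// secret is never interpolated into the Groovy string.
// A token that has been written into a script or published should be
// revoked in SonarQube and regenerated.
// Also fixed: the key is sonar.sources (plural) and sonar.projectName is
// case-sensitive.
sh '/usr/local/sonar-scanner/bin/sonar-scanner -Dsonar.sources=./ -Dsonar.projectName=${project_name} -Dsonar.projectKey=${project_name} -Dsonar.java.binaries=./target/ -Dsonar.login=${SONAR_TOKEN}'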