zoukankan      html  css  js  c++  java
  • Jenkins集成openshift容器中进行代码扫描

    1.Dockerfile

     sonarDockerfile: (基础slave镜像参考上篇博文)

    FROM registry.it.com/openshift/jenkins-slave:latest
    
    #tool maven
    ADD apache-maven-3.5.0.tar.gz /usr/local/
    
    #tool sonar
    ADD sonar-scanner.tar.gz /usr/local/

    2.Jenkinsfile

    def label = "mypod-${UUID.randomUUID().toString()}"
    
    //代码扫描
    def SonarScan(projectType,skipSonar,srcDir,serviceName){
        def scanHome = "/usr/local/sonar-scanner"
        if (projectType == 'java'){
            if ("${buildType}" == 'gradle'){
                codepath = 'build/classes'
            } else{
                codepath = 'target/classes'
            }
            try {
                sh """
                    cd ${srcDir} 
                    ${scanHome}/bin/sonar-scanner -Dsonar.projectName=${serviceName} -Dsonar.projectKey=${serviceName}  
                    -Dsonar.sources=src/main -Dsonar.tests=src/test -Dsonar.language=java -Dsonar.sourceEncoding=UTF-8 
                    -Dsonar.java.binaries=${codepath} -Dsonar.java.coveragePlugin=jacoco 
                    -Dsonar.jacoco.reportPath=target/jacoco.exec -Dsonar.junit.reportsPath=target/surefire-reports 
                    -Dsonar.surefire.reportsPath=target/surefire-reports -Dsonar.projectDescription='devopsdevops'
                 """ 
            } catch (e){
                currentBuild.description="代码扫描失败!"
                error '代码扫描失败!'
            }
        }
    }
    
    //docker
    podTemplate(
        label: label,
        cloud: 'kubernetes', 
        containers: [ 
            containerTemplate(
                name: 'jnlp',
                image: 'registry.it.com/openshift/slave-maven-sonar-jdk8u111:latest',
                ttyEnabled: true,
                privileged: false,
                alwaysPullImage: true,
                args: '${computer.jnlpmac} ${computer.name}',
                resourceRequestCpu: '8000m',
                resourceLimitCpu: '8000m',
                resourceRequestMemory: '16Gi',
                resourceLimitMemory: '16Gi',
                envVars: [
                    envVar(key: 'PATH', value: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/apache-maven-3.5.0/bin'),
                    envVar(key: 'CLASS_PATH', value: '/docker-java-home/jre/lib/rt.jar:/docker-java-home/jre/lib/dt.jar:/docker-java-home/jre/lib/tools.jar')]
            )
        ],
        volumes: [persistentVolumeClaim(mountPath: '/etc/data/', claimName: 'jenkins')],
        //idleMinutes: '60',
        //activeDeadlineSeconds: '60',
        slaveConnectTimeout: '60'
        ){
            node(label) {
                ws("${workspace}"){
                    stage('GetCode'){
                        .......
                    }
                    
                    stage('Build'){
     
                       .......
                    }
              
                    stage('CodeScan'){
                        SonarScan('java',skipSonar,srcDir,serviceName)
                    }
                    
                }
            }
    }  
  • 相关阅读:
    linux中编译C语言程序
    plsql 基础教程(二)
    plsql 基础教程(一)
    plsql开发笔记和小结
    表的约束
    一道面试题:说说进程和线程的区别
    HashTable实现原理
    HashMap、Hashtable、HashSet三种hash集合的区别
    Eclipse快捷键大全
    Statement、 PreparedStatement 、CallableStatement 区别和联系
  • 原文地址:https://www.cnblogs.com/mascot1/p/10191848.html
Copyright © 2011-2022 走看看