Jenkins and SonarQube integration
1. SonarQube quality management
http://www.idevops.site/jenkins/pipelineintegrated/chapter04/
https://www.codenong.com/cs87706871/
2. Multi-branch management
https://www.cnblogs.com/daodaotest/p/13164513.html
https://github.com/mc1arke/sonarqube-community-branch-plugin/releases/tag/1.5.0
3. Common sonar-project configuration parameters
https://blog.csdn.net/baidu_36943075/article/details/90634108
https://docs.sonarqube.org/latest/analysis/analysis-parameters/
4. SonarQube from installation to use
https://kubesphere.com.cn/docs/devops-user-guide/how-to-integrate/sonarqube/
5. SonarQube permission configuration
https://www.cnblogs.com/anliven/p/11992868.html
https://blog.csdn.net/gaoxiang2005/article/details/53206027
6. Jenkins sonar plugin download
https://updates.jenkins.io/download/plugins/sonar/
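7. golangci-lint: check all files under a directory
# Makefile target that writes a checkstyle report
go-lint-xml:
	golangci-lint run ./... -v --out-format=checkstyle > lint.xml
# Check every package under the current directory
golangci-lint run ./...
# Code scan; exit with code 1 when issues are found
golangci-lint run --issues-exit-code 1
# Skip the test directory
golangci-lint run ./... --skip-dirs '^test$'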
https://golangci-lint.run/usage/quick-start/
8. SonarQube + Jenkins pipeline configuration
stage('SonarQube analysis') {
    when {
        environment name: 'Is_Execute_SonarQube', value: 'true'
    }
    steps {
        script {
            scannerHome = tool 'SonarQube Scanner'
        }
        withSonarQubeEnv('SonarQube') {
            sh "${scannerHome}/bin/sonar-scanner"
        }
    }
}
// No need to occupy a node
stage("Quality Gate") {
    when {
        environment name: 'Is_Execute_SonarQube', value: 'true'
    }
    steps {
        // Wait at most 3 minutes for the quality gate result; the stage fails on timeout or if the scan did not pass
        script {
            timeout(time: 3, unit: 'MINUTES') {
                sleep(5)
                def qg = waitForQualityGate()
                if (qg.status != 'OK') {
                    sh """
                    # Push a DingTalk or WeCom notification here
                    """
                    error "Pipeline aborted due to quality gate failure: ${qg.status}"
                }
            }
        }
    }
}
9. Skipping golangci-lint checks
1. Inline comment: skip checks on one line
var bad_name int //nolint
2. Skip specific linters only
var bad_name int //nolint:golint,unused
3. Skip a code block
//nolint
func allIssuesInThisFunctionAreExcluded() *string {
// ...
}
4. Skip a whole file
//nolint:unparam
package pkg
//nolint: varcheck
package testdata
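The four forms above differ in how much they silence: a bare //nolint turns off every linter for its scope, and a directive above the package clause covers the whole file. The following added example (not part of the original notes and not golangci-lint's own code) uses go/parser to list each //nolint directive so that blanket and file-level suppressions can be reviewed before a scan result is trusted. The names Finding, AuditNolint and sample are hypothetical, the input is constructed, and the matching is a simplified approximation of the directive syntax.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"strings"
)

// Finding is one //nolint directive found in a Go source file.
type Finding struct {
	Line      int
	Linters   []string // empty: every linter is silenced
	FileLevel bool     // sits above the package clause, covers the file
}

// sample is constructed input using the four forms from section 9.
const sample = `//nolint:unparam
package pkg
var bad_name int //nolint
var other_name int //nolint:golint,unused
//nolint
func allIssuesInThisFunctionAreExcluded() *string { return nil }
`

// AuditNolint parses src and lists its //nolint directives in source order.
func AuditNolint(name, src string) ([]Finding, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, name, src, parser.ParseComments)
	if err != nil {
		return nil, err
	}
	var out []Finding
	for _, group := range f.Comments {
		for _, c := range group.List {
			rest := strings.TrimPrefix(c.Text, "//nolint")
			if rest == c.Text || (rest != "" && rest[0] != ':' && rest[0] != ' ') {
				continue // not a nolint directive
			}
			fd := Finding{Line: fset.Position(c.Pos()).Line, FileLevel: c.Pos() < f.Package}
			if list := strings.SplitN(rest, "//", 2)[0]; strings.HasPrefix(list, ":") {
				fd.Linters = strings.Fields(strings.ReplaceAll(list[1:], ",", " "))
			}
			out = append(out, fd)
		}
	}
	return out, nil
}

func main() { fmt.Println(AuditNolint("sample.go", sample)) }
```

A Finding with an empty Linters list is the case to look at first, since it also hides results from any security linters enabled in the project.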
10. Add the sonar-scanner properties file: create sonar-project.properties in the project root
# Unique key of the project being scanned; change as needed
sonar.projectKey=my:key
# Project name; change as needed
sonar.projectName=project_name
sonar.projectVersion=1.0
sonar.sources=.
# Directories to skip, such as test directories
sonar.exclusions=**/*_test.go,**/vendor/**
# Branch to scan
sonar.branch.name=dev
11. Local scan with sonar-scanner
(1.) Download sonar-scanner
Download page: https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/
(2.) Install a Java environment
sudo apt-get install openjdk-8-jdk
(3.) Generate the lint report
golangci-lint run --out-format checkstyle > lint.xml
(4.) sonar-project.properties configuration
sonar.projectKey=xxx
sonar.projectName=xxx
sonar.projectVersion=1.0
sonar.sources=.
sonar.exclusions=**/*_test.go,**/vendor/**
sonar.branch.name=feature-sonarqube
# Placeholder token; do not commit a real token to the repository
sonar.login=abcdefg
sonar.host.url=http://127.0.0.1:9000
# golangci-lint run --out-format checkstyle > report.xml  (the file name follows the server-side configuration)
sonar.go.golangci-lint.reportPaths=report.xml
#sonar.go.coverage.reportPaths=report/coverage.out # location of the Go coverage report
#sonar.go.tests.reportPaths=report/test.json # location of the Go unit test report
#sonar.go.govet.reportPaths=report/govet-report.out # location of the go vet static error report
#sonar.go.gometalinter.reportPaths=report/gometalinter-report.out # location of the gometalinter code style report
#sonar.go.golint.reportPaths=report/golint-report.out # location of the golint code style report
Run a local scan and push the results to SonarQube
sonar-scanner -Dsonar.projectKey=xxx -Dsonar.host.url=http://127.0.0.1:1765 -Dsonar.login=xxx -Dsonar.branch.name=dev '-Dsonar.inclusions=**/*.go' -Dsonar.go.coverage.reportPaths=coverage.out -Dsonar.go.tests.reportPaths=report.json '-Dsonar.exclusions=**/*_test.go,proto/*,mocks/*,conf/*'
Related documentation:
https://golangci-lint.run/usage/false-positives/
https://github.com/golangci/golangci-lint/tree/master/pkg/result/processors/testdata