引导 您好,本章主要我们主要学习与质量管理平台Sonarqube集成。主要包含以下内容:1. 使用sonarqube接口 2. 配置多分支扫描 适合人群: 所有对DevOps感兴趣的同学。
1. 使用SonarQube接口
为什么要使用接口? 不知道大家有没有在使用SonarQube进行扫描的时候遇到这种问题: 当存在多个质量阈的时候,默认是给新项目配置默认的质量阈。也就是第一次扫描的项目直接使用的是默认的质量阈,而不是自己定义的质量阈。这种场景下就需要扫描前先指定质量阈再进行扫描了!
调研接口
可参考官方的文档,找到自己要操作的接口及使用方法。
代码语言:javascript复制//查找项目
api/projects/search?projects=${projectName}"
//创建项目
api/projects/create?name=${projectName}&project=${projectName}"
//更新语言规则集
api/qualityprofiles/add_project?language=${language}&qualityProfile=${qualityProfile}&project=${projectName}"
//项目授权
api/permissions/apply_template?projectKey=${projectKey}&templateName=${templateName}"
//更新质量阈
api/qualitygates/select?projectKey=${projectKey}&gateId=${gateId}"
共享库封装
代码语言:javascript复制package org.devops
//封装HTTP
def HttpReq(reqType,reqUrl,reqBody){
def sonarServer = "http://192.168.1.200:30090/api"
result = httpRequest authentication: 'sonar-admin-user',
httpMode: reqType,
contentType: "APPLICATION_JSON",
consoleLogResponseBody: true,
ignoreSslErrors: true,
requestBody: reqBody,
url: "${sonarServer}/${reqUrl}"
//quiet: true
return result
}
//获取Sonar质量阈状态
def GetProjectStatus(projectName){
apiUrl = "project_branches/list?project=${projectName}"
response = HttpReq("GET",apiUrl,'')
response = readJSON text: """${response.content}"""
result = response["branches"][0]["status"]["qualityGateStatus"]
//println(response)
return result
}
//搜索Sonar项目
def SerarchProject(projectName){
apiUrl = "projects/search?projects=${projectName}"
response = HttpReq("GET",apiUrl,'')
response = readJSON text: """${response.content}"""
result = response["paging"]["total"]
if(result.toString() == "0"){
return "false"
} else {
return "true"
}
}
//创建Sonar项目
def CreateProject(projectName){
apiUrl = "projects/create?name=${projectName}&project=${projectName}"
response = HttpReq("POST",apiUrl,'')
println(response)
}
//配置项目质量规则
def ConfigQualityProfiles(projectName,lang,qpname){
apiUrl = "qualityprofiles/add_project?language=${lang}&project=${projectName}&qualityProfile=${qpname}"
response = HttpReq("POST",apiUrl,'')
println(response)
}
//获取质量阈ID
def GetQualtyGateId(gateName){
apiUrl= "qualitygates/show?name=${gateName}"
response = HttpReq("GET",apiUrl,'')
response = readJSON text: """${response.content}"""
result = response["id"]
return result
}
//配置项目质量阈
def ConfigQualityGates(projectName,gateName){
gateId = GetQualtyGateId(gateName)
apiUrl = "qualitygates/select?gateId=${gateId}&projectKey=${projectName}"
response = HttpReq("POST",apiUrl,'')
println(response)println(response)
}
应用实践
代码语言:javascript复制stage("QA"){
steps {
script{
//搜索项目
result = sonarapi.SerarchProject("${JOB_NAME}")
println(result)
//判断项目是否存在
if (result == "false"){
println("${JOB_NAME}---项目不存在,准备创建项目---> ${JOB_NAME}!")
sonarapi.CreateProject("${JOB_NAME}")
} else {
println("${JOB_NAME}---项目已存在!")
}
//配置项目质量规则
qpName="${JOB_NAME}".split("-")[0] //Sonar way
sonarapi.ConfigQualityProfiles("${JOB_NAME}","java",qpName)
//配置质量阈
sonarapi.ConfigQualityGates("${JOB_NAME}",qpName)
//代码扫描
sonar.SonarScan("test","${JOB_NAME}","${JOB_NAME}","src")
sleep 30
//获取扫描结果
result = sonarapi.GetProjectStatus("${JOB_NAME}")
println(result)
if (result.toString() == "ERROR"){
error " 代码质量阈错误!请及时修复!"
} else {
println(result)
}
}
}
}
2. SonarQube配置多分支
将插件放到两个目录中,然后重启sonar
扫描参数增加 –Dsonar.branch.name=
效果