一、创建质量配置及关联项目
1.新建一个java代码质量配置
2.为配置添加规则
确认有4条规则了
为项目更换扫描配置
二、创建质量阈关联项目
1.创建质量阈
2.管理项目
3.添加指标
三、SonarSQube集成到pipeline
1.创建API访问凭证
2.创建sharelibrary
//封装HTTP def HttpReq(reqType,reqUrl,reqBody){ def sonarServer = "http://192.168.1.134:9000/api" result = httpRequest authentication: 'sonar-admin', httpMode: reqType, contentType: "APPLICATION_JSON", consoleLogResponseBody: true, ignoreSslErrors: true, requestBody: reqBody, url: "${sonarServer}/${reqUrl}" //quiet: true return result } //获取Sonar质量阈状态 def GetProjectStatus(projectName){ // http://192.168.1.134:9000/api/project_branches/list?project=demo-maven-service // {"branches":[{"name":"main","isMain":true,"type":"BRANCH","status":{"qualityGateStatus":"OK"},"analysisDate":"2023-03-15T21:54:57+0800","excludedFromPurge":true}]} apiUrl = "project_branches/list?project=${projectName}" response = HttpReq("GET",apiUrl,'') response = readJSON text: """${response.content}""" result = response["branches"][0]["status"]["qualityGateStatus"] //println(response) return result }
3.修改jenkinsfile,新增以下内容
def sonarapi = new org.devops.sonarapi() sleep 3 tools.PrintMes("获取扫描结果","green") result = sonarapi.GetProjectStatus("${JOB_NAME}") println(result) if (result.toString() == "ERROR"){ toemail.Email("代码质量阈错误!请及时修复!",userEmail) error " 代码质量阈错误!请及时修复!" } else { println(result) }
4.安装插件
5.验证
参考文档:
https://docs.sonarqube.org/latest/analyzing-source-code/analysis-parameters/
https://docs.sonarqube.org/latest/analyzing-source-code/languages/java/
