Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding builder for Sonarqube analysis
- Loading branch information
Showing
6 changed files
with
103 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
FROM alpine:latest | ||
|
||
LABEL maintainer "Ram Gopinathan" | ||
|
||
ARG SONARQUBE_SCANNER_CLI_VERSION="3.2.0.1227" | ||
|
||
ENV SONARQUBE_SCANNER_HOME /opt/sonar-scanner-${SONARQUBE_SCANNER_CLI_VERSION}-linux | ||
ENV SONARQUBE_SCANNER_BIN ${SONARQUBE_SCANNER_HOME}/bin | ||
ENV SONAR_SCANNER_CLI_DOWNLOAD_URL "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONARQUBE_SCANNER_CLI_VERSION}-linux.zip" | ||
|
||
RUN apk update \ | ||
&& apk upgrade \ | ||
&& apk add ca-certificates \ | ||
&& update-ca-certificates \ | ||
&& apk add --update openjdk8-jre tzdata curl unzip bash \ | ||
&& rm -rf /var/cache/apk/* \ | ||
&& mkdir -p /tmp/sonar-scanner \ | ||
&& curl -L --silent ${SONAR_SCANNER_CLI_DOWNLOAD_URL} > /tmp/sonar-scanner/sonar-scanner-cli-${SONARQUBE_SCANNER_CLI_VERSION}-linux.zip \ | ||
&& mkdir -p /opt \ | ||
&& unzip /tmp/sonar-scanner/sonar-scanner-cli-${SONARQUBE_SCANNER_CLI_VERSION}-linux.zip -d /opt \ | ||
&& rm -rf /tmp/sonar-scanner | ||
|
||
|
||
ENV PATH $PATH:$SONARQUBE_SCANNER_BIN | ||
RUN echo $PATH | ||
|
||
COPY launch.sh / | ||
|
||
WORKDIR ${SONARQUBE_SCANNER_HOME} | ||
|
||
ENTRYPOINT ["/launch.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
# Sonarqube Scanning | ||
This builder allows you to run static code analysis using Sonarqube on your code. | ||
|
||
## Building this builder | ||
Run the command below to build this builder | ||
|
||
``` | ||
gcloud builds submit . --config=cloudbuild.yaml | ||
``` | ||
|
||
## Testing the example | ||
Before you can run the example. Perform following steps | ||
* Login to https://sonarcloud.io with your github account | ||
* Create a token by navigating to Account page then click on security tab | ||
* Next we need to use "Analyze New Project" option to set up project in sonarcloud. > Use setup manually option | ||
* Note down the token you created, project key and the organization name | ||
* Specify those values in the cloudbuild.yaml in examples | ||
|
||
## Running the analysis | ||
To perform the static code analysis on the example go project, run the command below | ||
|
||
``` | ||
gcloud builds submit . --config=cloudbuild.yaml | ||
``` | ||
|
||
This builder should work with other Sonarqune servers. If you decide to use this with a different sonar server rather than the sonarcloud, just specify sonar.host.URL arg along with login and password to authenticate with the sonar server if you are not using token based auth. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
steps: | ||
- name: 'gcr.io/cloud-builders/docker' | ||
args: | ||
- 'build' | ||
- '--build-arg' | ||
- 'SONARQUBE_SCANNER_CLI_VERSION=3.2.0.1227' | ||
- '-t' | ||
- 'gcr.io/$PROJECT_ID/sonar-scanner:latest' | ||
- '-t' | ||
- 'gcr.io/$PROJECT_ID/sonar-scanner:3.2.0.1227' | ||
- '.' | ||
|
||
images: | ||
- 'gcr.io/$PROJECT_ID/sonar-scanner:latest' | ||
- 'gcr.io/$PROJECT_ID/sonar-scanner:3.2.0.1227' | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
steps: | ||
- name: 'gcr.io/$PROJECT_ID/sonar-scanner:latest' | ||
args: | ||
- '-Dsonar.host.url=https://sonarcloud.io' | ||
- '-Dsonar.login={specify}' | ||
- '-Dsonar.projectKey={specify}' | ||
- '-Dsonar.organization={specify}' | ||
- '-Dsonar.sources=.' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
package main | ||
|
||
import ( | ||
log "github.com/sirupsen/logrus" | ||
) | ||
|
||
func init() { | ||
log.Info("Init: Example go project") | ||
} | ||
func main() { | ||
log.Info("Main: Example go project") | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
|
||
echo "START: Running sonar-scanner-cli on `date`" | ||
|
||
sed -i 's/use_embedded_jre=true/use_embedded_jre=false/g' $SONARQUBE_SCANNER_BIN/sonar-scanner | ||
|
||
sonar-scanner $@ | ||
echo "END: Running sonar-scanner-cli on `date`" |