创建CICD环境docker gitlab sonarbe
gitlab CI装配线配置文件.gitlab-ci.yml详解
软件环境: windows11 Docker version 20.10.11, build dea9396(docker destop) 安装gitlab gitlab-runner:
docker-compose -f .\docker-compose-gitlab-runner.yml up -d
文件docker-compose-gitlab-runner.yml内容如下:
version: '3' services: gitlab: image: 'twang2218/gitlab-ce-zh:11.1.4' restart: unless-stopped hostname: '192.168.3.53' container_name: 'gitlab' environment: # 设置时区 TZ: 'Asia/Shanghai' GITLAB_OMNIBUS_CONFIG: | external_url 'http://192.168.3.53' gitlab_rails['time_zone'] = 'Asia/Shanghai' ports: - '80:80' - '443:443' - '8922:22' volumes: - /d/ubuntu/gitlab/config:/etc/gitlab - /d/ubuntu/gitlab/data:/var/opt/gitlab - /d/ubuntu/gitlab/logs:/var/log/gitlab gitlab-runner: image: 'gitlab/gitlab-runner:latest' restart: unless-stopped container_name: 'gitlab-runner' depends_on: - gitlab privileged: true volumes: - /d/ubuntu/config:/etc/gitlab-runner - /d/ubuntu/docker.sock:/var/run/docker.sock
安装postgresql sonarbe:
docker-compose -f .\docker-compose-gitlab-sonarqube.yml up -d
文件docker-compose-gitlab-sonarqube.yml内容如下:
version: '2.1' services: # 使用 PostgreSQL 作为 SonarQube 持久计划 # 注:由于 SonarQube 7.9 后续版本不支持 MySQL,因此 MySQL 不作为考虑对象
postgres
:
image
: postgres
:
12
container_name
: sonarqube_postgres
privileged
:
true
ports
:
-
"5432:5432"
networks
:
- sonarnet
restart
: always
# 将 PostgreSQL 数据文件存放至宿主机
volumes
:
- /d/ubuntu/sonarqube/postgres
:/var/lib/postgresql/data
environment
:
POSTGRES_DB
: sonar
POSTGRES_USER
: sonar
POSTGRES_PASSWORD
: sonar
sonarqube
:
image
: sonarqube
:
6.7
container_name
: sonarqube
privileged
:
true
ports
:
-
"9000:9000"
restart
: always
networks
:
- sonarnet
depends_on
:
- postgres
# 将 SonarQube 日志文件、数据文件、配置文件、扩展插件存放至宿主机
volumes
:
- /d/ubuntu/sonarqube/data
:/opt/sonarqube/data
- /d/ubuntu/sonarqube/extensions
:/opt/sonarqube/extensions
- /d/ubuntu/sonarqube/logs
:/opt/sonarqube/logs
- /d/ubuntu/sonarqube/conf
:/opt/sonarqube/conf
# 配置 SonarQube 的数据源,本例为 PostgreSQL
environment
:
SONARQUBE_JDBC_USERNAME
: sonar
SONARQUBE_JDBC_PASSWORD
: sonar
SONARQUBE_JDBC_URL
: jdbc
:postgresql
://postgres
:5432/sonar
?useUnicode=true
&characterEncoding=utf8
# 由于 SonarQube 内部会启动 ElasticSearch,因此需要此配置
ulimits
:
nproc
:
65535
nofile
:
soft
:
65536
hard
:
65536
networks
:
sonarnet
:
driver
: bridge
注册gitlab-runner 其中
gitlab-runner register
Runtime platform arch=amd64 os=linux pid=36 revision=5316d4ac version=14.6.0
Running in system-mode.
Enter the GitLab instance URL (for example, https://gitlab.com/):
http://192.168.3.53/
Enter the registration token: # gitlab-->root登录-->项目里的设置--CICD--Runner--专用Runner--在安装过程中使用以下注册令牌
BywqZQGr1_bw9G-vC2Ys
Enter a description for the runner:
[7c930c703f0e]: test
Enter tags for the runner (comma-separated):
CQTrunner
Registering runner... succeeded runner=X8VjtNjV
Enter an executor: custom, docker, parallels, ssh, docker+machine, kubernetes, docker-ssh, shell, virtualbox, docker-ssh+machine:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
创建sonarbe项目: 创建一个令牌
在windows上部署sonar-scanner: 下载sonar-scanner 添加%PATH%环境 执行检测:
sonar-scanner.bat '-Dsonar.projectKey=sonarqube' '-Dsonar.sources=.' '-Dsonar.host.url=http://192.168.3.53:9000' '-Dsonar.login=f442dc936fc9a19d446a2e740b9cd9d0a47658a5'
登录gitlab-runner的docker微服务:
apt update
cd
wget
apt install wget
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.7.0.2747-linux.zip
ls
apt install unzip
unzip sonar-scanner-cli-4.7.0.2747-linux.zip
ls
mv sonar-scanner-4.7.0.2747-linux sonar-scanner
cd sonar-scanner
cd bin/
vim -v
apt install vim
vim /etc/profile
pwd
vim /etc/profile
source /etc/profile
在文件/etc/profile中添加的内容如下:
export M2_HOME=/root/sonar-scanner
export PATH=$PATH:$M2_HOME/bin
在开发的项目里的根目录创建.gitlab-ci.yml文件,内容如下:
stages:
- build
sonar: #这就是一个job名
stage: build #这个job属于build这个stage
tags:
- CQTrunner #这里引用到的就是上文gitlab runner register时配置的tags属性名
script: #触发CI后执行的具体脚本
- echo "运行 sonar-scanner 检测."
- sonar-scanner -Dsonar.projectKey=sonarqube -Dsonar.sources=. -Dsonar.host.url=http://192.168.3.53:9000 -Dsonar.login=f442dc936fc9a19d446a2e740b9cd9d0a47658a5 -Dsonar.java.binaries=.
- echo "检测完成"
only: #触发条件,这里的配置只有当issue1分支push操作时会触发这个job
- master