Sonar quality gate code
SonarQube has a quality gate feature for code, but it does not work in the Community Edition. This plugin integrates into CI/CD, gets the code quality results, and pushes a report to the merge request when there are changes.
quality-gate is a command-line interface for the code quality gate.
- Analyze code: uses the sonar-scanner command to analyze the code, then reports and pushes issues to the Sonar server.
- Push issues to the changed code of the merge request.
- Generate a quality report for the new code and create a note on the merge request.
For Github and Gitlab.
Getting Started
$ npm install -g sonar-quality-gate
# Show help
$ quality-gate --help
Result:
Usage: quality-gate [options]

Global Options:
  -h, --help                                                        [boolean]
  -D, --define   Define sonar property
                 Authentication:
                 sonar.login The authentication token or login of a SonarQube
                 user with Execute Analysis permission on the project.
                 More parameters:
                 - https://docs.sonarqube.org/latest/analysis/analysis-parameters/
                                                                      [array]
  --git          Config git
                 --git.url Git server URL. Default: $GIT_URL
                 --git.token Git token. Default: $GIT_TOKEN
                 --git.project_id Gitlab project ID or Github repository.
                 Default: $CI_PROJECt_ID or $GITHUB_REPOSITORY
                 --git.merge_id Git merge request IID.
                 Default: $CI_MERGE_REQUEST_IID                 [default: {}]
  --sonar        Config sonar
                 --sonar.url Sonarqube server URL. Default: $SONAR_URL or
                 sonar.host.url in file sonar-project.properties.
                 --sonar.token The authentication token of a SonarQube user
                 with Execute Analysis permission on the project.
                 Default: $SONAR_TOKEN
                 --sonar.project_key Sonar project key. Default:
                 sonar.projectKey in file sonar-project.properties
                                                                [default: {}]
  -v, --version  Show version                                       [boolean]
  -X, --debug    Produce execution debug output    [boolean] [default: false]
  -p, --provide                                           [default: "gitlab"]
To run the code quality gate check:
quality-gate -p=github -D sonar.login="<token>" \
  --sonar.url="<sonar url>" \
  --sonar.token="<sonar token>" \
  --sonar.project_key="<sonar project key>" \
  --git.url="https://gitlab.com" \
  --git.token="xxx" \
  --git.project_id=123 --git.merge_id=345
If the following environment variables are set:
GIT_URL=""
GIT_TOKEN=""
CI_PROJECt_ID=""
CI_MERGE_REQUEST_IID=""
SONAR_URL=""
SONAR_TOKEN=""
and the file sonar-project.properties contains:
sonar.host.url=
sonar.projectKey=
we can use the short command:
quality-gate -Dsonar.login=""
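A preflight check for the short command described above, as an added example that is not part of the sonar-quality-gate project: it reports which of the listed environment variables and sonar-project.properties keys are missing, printing names only and never token values. The function names prop_value and missing_quality_gate_config are hypothetical; the variable and property names are the ones this page lists.

```shell
#!/bin/sh
# Added example (not project code). Function names are hypothetical;
# variable and property names are copied from this page as written.

# prop_value FILE KEY: print the non-empty value of KEY from a
# .properties file; fail if the file or the key is missing or empty.
prop_value() {
  [ -f "$1" ] || return 1
  awk -F= -v k="$2" '
    { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
    key == k { sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t\r]+$/, ""); val = $0 }
    END { if (val == "") exit 1; print val }
  ' "$1"
}

# missing_quality_gate_config [FILE]: print the names (never the values)
# of settings the short command would lack; return 0 only if none are.
missing_quality_gate_config() {
  props=${1:-sonar-project.properties}
  missing=""
  for name in GIT_URL GIT_TOKEN CI_MERGE_REQUEST_IID SONAR_TOKEN; do
    eval "val=\${$name:-}"
    [ -n "$val" ] || missing="$missing $name"
  done
  # --git.project_id defaults to either of these variables
  [ -n "${CI_PROJECt_ID:-}${GITHUB_REPOSITORY:-}" ] ||
    missing="$missing CI_PROJECt_ID|GITHUB_REPOSITORY"
  # --sonar.url defaults to $SONAR_URL or sonar.host.url in the file
  [ -n "${SONAR_URL:-}" ] ||
    prop_value "$props" sonar.host.url >/dev/null ||
    missing="$missing SONAR_URL|sonar.host.url"
  # --sonar.project_key defaults to sonar.projectKey in the file
  prop_value "$props" sonar.projectKey >/dev/null ||
    missing="$missing sonar.projectKey"
  printf '%s\n' "${missing# }"
  [ -z "$missing" ]
}
```

In a CI job, call missing_quality_gate_config before quality-gate and fail the step if it returns non-zero.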
Run with Gitlab-CI
Use quality-gate instead of sonar-scanner.
Example:
quality-gate -Dsonar.login=$SONAR_KEY
And the config for gitlab-ci:
stages:
  - CheckSonar

.CheckSonarqube: &CheckSonarqube |
  quality-gate -Dsonar.login=$SONAR_KEY

Sonar:
  stage: CheckSonar
  image: dieuhd/sonar-quality-gate
  rules:
    - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "master"'
  script:
    - *CheckSonarqube
P/S: This only works for merge requests, because the plugin needs the Merge Request IID.
Example:
name: Check sonarqube
on: [pull_request]
jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/[email protected]
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
      - name: Set up Sonar Quality Gate
        uses: dieuhd/sonar-quality-gate@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GIT_URL: "https://api.github.com"
          GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
          SONAR_URL: ${{ secrets.SONAR_URL }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }}
        with:
          login: ${{ secrets.SONAR_TOKEN }}
          url: ${{ secrets.SONAR_URL }}
          projectKey: ${{ secrets.SONAR_PROJECT_KEY }}
Contribute
$ git clone https://github.com/dieuhd/sonar-quality-gate.git
$ cd sonar-quality-gate
$ npm install
$ husky install && chmod ug+x .husky/*
$ npm run start:dev
License
MIT. See LICENSE.txt.