1. GitLab Runner installation
(1) In the Admin panel --> Runners, check how to install a Runner.
(2) Download and install
```bash
# Download the binary for your system
sudo curl -L --output /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64

# Give it permissions to execute
sudo chmod +x /usr/local/bin/gitlab-runner

# Create a GitLab CI user
sudo useradd --comment 'GitLab Runner' --create-home gitlab-runner --shell /bin/bash

# Install and run as service
sudo gitlab-runner install --user=gitlab-runner --working-directory=/home/gitlab-runner
sudo gitlab-runner start
```
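(3) Register the runner from the command line
```bash
sudo gitlab-runner register --url http://192.168.44.136/ --registration-token hiSDonwf--4gtjqvcbMb
```
(4) Back on the GitLab page, the newly registered runner is now visible.
2. Create a .gitlab-ci.yml file in the project root
Contents of the .gitlab-ci.yml file: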
```yaml
stages:
  - sonarqube_scan
  - sendmail

sonarqube_scan_job:
  stage: sonarqube_scan
  script:
    - mvn clean package
    # sonar.login / sonar.password are written in clear text here, so they are readable
    # by anyone who can read the repository; a masked CI/CD variable avoids that.
    - sonar-scanner -Dsonar.projectName=$CI_PROJECT_NAME -Dsonar.projectKey=$CI_PROJECT_NAME -Dsonar.language=java -Dsonar.host.url=http://192.168.44.137:9000 -Dsonar.login=admin -Dsonar.password=abc123! -Dsonar.sources=src -Dsonar.sourceEncoding=UTF-8 -Dsonar.java.binaries=target/classes -Dsonar.java.test.binaries=target/test-classes -Dsonar.java.surefire.report=target/surefire-reports -Dsonar.ws.timeout=30
  tags:
    - demo
  when: always

sendmail_job:
  stage: sendmail
  script:
    - echo $GITLAB_USER_EMAIL
    - echo $CI_PROJECT_NAME
    - echo $CI_COMMIT_REF_NAME
    # Quote the variables so each one reaches the script as exactly one argument
    - python3 /opt/sonarqube_api.py "$CI_PROJECT_NAME" "$CI_COMMIT_REF_NAME" "$GITLAB_USER_EMAIL"
  tags:
    - demo
```
The code of sonarqube_api.py is as follows:
```python
#!/usr/bin/env python3
# -*- coding: UTF-8 -*-

import html
import sys
import time
import smtplib
from email.mime.text import MIMEText
from email.header import Header

import requests

# Hard-coded as in this walkthrough; in a shared pipeline keep these in masked CI/CD variables.
from_addr = '543395404@qq.com'  # account the mail is sent from
qqCode = 'lejuimybvccobehh'     # SMTP authorization code
smtp_server = 'smtp.qq.com'
smtp_port = 465


def getSonarinfo(component):
    """Return the bugs, vulnerabilities, code_smells and ncloc measures of a project."""
    sonar_url = "http://192.168.44.137:9000/api/measures/component"
    # Passing params lets requests URL-encode the project name
    params = {"component": component,
              "metricKeys": "bugs,vulnerabilities,code_smells,ncloc"}
    sonar_token = "d5519a4e9018084b98ba39d8f9cd82bee0142505"
    session = requests.Session()
    session.auth = (sonar_token, '')  # token as user name, empty password
    res = session.get(sonar_url, params=params)
    print(res.url)
    res.raise_for_status()  # stop on an HTTP error instead of parsing an error body
    result = res.json()
    result_dict = {}
    for info_dict in result["component"]["measures"]:
        result_dict[info_dict["metric"]] = info_dict["value"]
    # print(result_dict)
    return result_dict


def sendmail(to_addrs, mail_msg):
    stmp = smtplib.SMTP_SSL(smtp_server, smtp_port)
    stmp.login(from_addr, qqCode)
    message = MIMEText(mail_msg, 'html', 'utf-8')
    message['From'] = Header("管理员", 'utf-8')
    message['To'] = Header("Me", 'utf-8')
    subject = 'Gitlab代码安全检测结果'
    message['Subject'] = Header(subject, 'utf-8')

    try:
        stmp.sendmail(from_addr, to_addrs, message.as_string())
    except Exception as e:
        print('邮件发送失败--' + str(e))
    else:
        # Report success only when sendmail() did not raise
        print('邮件发送成功')
    finally:
        stmp.quit()


if __name__ == '__main__':
    project = sys.argv[1]
    branch = sys.argv[2]
    user_email = sys.argv[3]
    time.sleep(10)  # give SonarQube time to process the uploaded analysis
    sonarqube_data = getSonarinfo(component=project)
    project_url = "http://192.168.44.137:9000/dashboard?id={0}".format(project)
    print(sonarqube_data)

    # Values that come from the pipeline (project, branch, e-mail) are HTML-escaped
    # before they are placed in the mail body.
    html_text = """
<!DOCTYPE html>
<html lang="en">
<head>
    <title></title>
    <meta charset="utf-8">
</head>
<body>
<div class="page" style="margin-left: 30px">
    <h3>{user_email}, 你好!</h3>
    <h3> 本次提交代码检查结果如下:</h3>
    <h3> 项目名称:{project} </h3>
    <h3> 分支:{branch} </h3>
    <h3>一、总体情况</h3>
    <ul>
        <li style="font-weight:bold;">
            本次扫描代码行数: <span style="color:blue">{lines} </span>,
            bugs: <span style="color:red">{bugs}</span>,
            Vulnerabilities: <span style="color:red">{vulnerabilities}</span>,
            Code Smells: <span style="color:red">{code_smells}</span>
        </li>
        <li style="font-weight:bold;margin-top: 10px;">
            URL地址:
            <a style="font-weight:bold;"
               href="{project_url}">{project_url}
            </a>
        </li>
    </ul>

</div>
</body>
</html>
""".format(user_email=html.escape(user_email),
           project=html.escape(project),
           branch=html.escape(branch),
           lines=html.escape(sonarqube_data["ncloc"]),
           bugs=html.escape(sonarqube_data["bugs"]),
           vulnerabilities=html.escape(sonarqube_data["vulnerabilities"]),
           code_smells=html.escape(sonarqube_data["code_smells"]),
           project_url=html.escape(project_url))

    # print(html_text)
    sendmail(to_addrs=user_email, mail_msg=html_text)
```
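Added example, not part of the original post: sonarqube_api.py keeps the SMTP authorization code and the SonarQube token in the file itself. The sketch below reads them from the job environment instead and builds the report mail with every pipeline-supplied value HTML-escaped. The variable names SONAR_HOST_URL, SONAR_TOKEN, SMTP_USER and SMTP_AUTH_CODE and the functions load_settings and build_report are assumptions, and the sample values are constructed.

```python
import html
import os
import urllib.parse
from email.message import EmailMessage

# Assumed names of masked GitLab CI/CD variables; none appear in the original post.
REQUIRED = ("SONAR_HOST_URL", "SONAR_TOKEN", "SMTP_USER", "SMTP_AUTH_CODE")
METRICS = ("ncloc", "bugs", "vulnerabilities", "code_smells")


def load_settings(environ=os.environ):
    """Read secrets from the job environment; fail closed if any is unset."""
    missing = [name for name in REQUIRED if not environ.get(name)]
    if missing:
        raise RuntimeError("missing CI/CD variables: " + ", ".join(missing))
    return {name: environ[name] for name in REQUIRED}


def build_report(settings, project, branch, user_email, measures):
    """Build the report mail with every pipeline-supplied value HTML-escaped."""
    dashboard = "{}/dashboard?id={}".format(
        settings["SONAR_HOST_URL"].rstrip("/"), urllib.parse.quote(project, safe=""))
    rows = "".join(
        "<li>{}: {}</li>".format(m, html.escape(str(measures.get(m, "n/a"))))
        for m in METRICS)
    body = (
        "<h3>Project: {project}</h3><h3>Branch: {branch}</h3>"
        "<ul>{rows}</ul><a href=\"{url}\">{url}</a>"
    ).format(project=html.escape(project), branch=html.escape(branch),
             rows=rows, url=html.escape(dashboard))
    msg = EmailMessage()
    msg["From"] = settings["SMTP_USER"]
    msg["To"] = user_email  # EmailMessage rejects CR/LF here, blocking header injection
    msg["Subject"] = "GitLab code security scan result"
    msg.set_content(body, subtype="html")
    return msg


if __name__ == "__main__":
    # Constructed sample values; a branch name is chosen by whoever pushes it.
    env = {"SONAR_HOST_URL": "http://sonar.example:9000", "SONAR_TOKEN": "placeholder",
           "SMTP_USER": "ci@example.com", "SMTP_AUTH_CODE": "placeholder"}
    sample = {"ncloc": "120", "bugs": "1", "vulnerabilities": "0", "code_smells": "3"}
    mail = build_report(load_settings(env), "demo", "fix/<b>bold</b>",
                        "dev@example.com", sample)
    print(mail.get_content())
```

With the variables defined as masked CI/CD variables, the job definition and the script no longer need to contain the credentials.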
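3. Result
(1) Simulate a user submitting code: create a new test file, fill in some test characters, then commit.
(2) In GitLab, under CI/CD --> Pipelines, you can view the run status; click an entry to see the details.
(3) When the pipeline finishes, the user's mailbox receives the code scan report.
(4) The scan results for the corresponding project can then be viewed.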