?
前提:
Jenkins
JDK
目錄:
1、安裝sonar插件:SonarQube Scanner for Jenkins
重啟jenkins?2、安裝SonarQube
3、安裝sonar-scanner
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1.安裝sonar插件:SonarQube Scanner for Jenkins
2、安裝SonarQube,并配置mysql數據庫
sonarqube是什么? 2.1 下載
下載地址:https://www.sonarqube.org/downloads/
2.2 解壓
下載后放在/usr/local目錄下,并解壓
unzip sonarqube-7.4.zip
Jenkins, 2.3 配置環境變量
vi /etc/profile
里面寫如下
#set sonarqube export SONAR_HOME=/usr/local/sonarqube-7.4 PATH=$PATH:$SONAR_HOME/bin
使配置生效
source /etc/profile
2.4 啟動并測試
sonar? 進入到啟動目錄
/usr/local/sonarqube-7.4/bin/linux-x86-64
執行啟動命令
./sonar.sh start
啟動時要查看es.log和sonar.log日志,還有web.log,關于數據庫配置的錯誤會在此處顯示
tail -f /usr/local/sonarqube-6.7.6/logs/es.log
tail -f /usr/local/sonarqube-6.7.6/logs/sonar.log
tail -f /usr/local/sonarqube-6.7.6/logs/web.log
?
jenkins集成sonar、 用root啟動會報錯,請參考我的另一篇文章:https://www.cnblogs.com/gcgc/p/10239590.html
所有問題解決完后啟動,并測試,訪問ip+port,OK了
如果默認的9000端口被占用了,則修改默認端口 vi?/usr/local/sonarqube-7.4/conf/sonar.properties
注意sonar中還集成了elastic search默認端口為9001,所以要查看9001否也被占用lsof -i:9001,如果被占用,也是修改上面的文件
代碼掃描工具sonar。
2.5 sonar配置mysql數據庫
sonar自帶測試數據庫,但是具體應用還是的換其他數據,這里我們使用mysql,
創建sonar數據庫
DROP DATABASE sonar;CREATE DATABASE sonar CHARACTER SET utf8 COLLATE utf8_general_ci;CREATE USER 'sonar' IDENTIFIED BY 'sonar';GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';FLUSH PRIVILEGES;
sonar代碼掃描?
2.6 修改配置文件
? 修改vi?/usr/local/sonarqube-7.4/conf/sonar.properties文件,如下的藍色加粗字體
# Property values can: # - reference an environment variable, for example sonar.jdbc.url= ${env:SONAR_JDBC_URL} # - be encrypted. See https://redirect.sonarsource.com/doc/settings-encryption.html #-------------------------------------------------------------------------------------------------- # DATABASE # # IMPORTANT: # - The embedded H2 database is used by default. It is recommended for tests but not for # production use. Supported databases are MySQL, Oracle, PostgreSQL and Microsoft SQLServer. # - Changes to database connection URL (sonar.jdbc.url) can affect SonarSource licensed products.# User credentials. # Permissions to create tables, indices and triggers must be granted to JDBC user. # The schema must be created first. #sonar.jdbc.username= #sonar.jdbc.password=sonar.jdbc.username=sonar sonar.jdbc.password=sonarsonar.sorceEncoding=UTF-8 sonar.login=admin sonar.password=admin#----- Embedded Database (default) # H2 embedded database server listening port, defaults to 9092 #sonar.embeddedDatabase.port=9092#----- DEPRECATED #----- MySQL >=5.6 && <8.0 # Support of MySQL is dropped in Data Center Editions and deprecated in all other editions # Only InnoDB storage engine is supported (not myISAM). # Only the bundled driver is supported. It can not be changed. sonar.jdbc.url=jdbc:mysql://192.168.207.160:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false #----- Oracle 11g/12c # The Oracle JDBC driver must be copied into the directory extensions/jdbc-driver/oracle/. # Only the thin client is supported, and only the versions 11.2.x or 12.2.x must be used. See # https://jira.sonarsource.com/browse/SONAR-9758 for more details. # If you need to set the schema, please refer to http://jira.sonarsource.com/browse/SONAR-5000 #sonar.jdbc.url=jdbc:oracle:thin:@localhost:1521/XE#----- PostgreSQL 9.3 or greater # By default the schema named "public" is used. It can be overridden with the parameter "currentSchema". #sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube?currentSchema=my_schema #----- Microsoft SQLServer 2014/2016 and SQL Azure # A database named sonar must exist and its collation must be case-sensitive (CS) and accent-sensitive (AS) # Use the following connection string if you want to use integrated security with Microsoft Sql Server # Do not set sonar.jdbc.username or sonar.jdbc.password property if you are using Integrated Security # For Integrated Security to work, you have to download the Microsoft SQL JDBC driver package from # https://www.microsoft.com/en-us/download/details.aspx?id=55539 # and copy sqljdbc_auth.dll to your path. You have to copy the 32 bit or 64 bit version of the dll # depending upon the architecture of your server machine. #sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar;integratedSecurity=true # Use the following connection string if you want to use SQL Auth while connecting to MS Sql Server. # Set the sonar.jdbc.username and sonar.jdbc.password appropriately. #sonar.jdbc.url=jdbc:sqlserver://localhost;databaseName=sonar #----- Connection pool settings # The maximum number of active connections that can be allocated # at the same time, or negative for no limit. # The recommended value is 1.2 * max sizes of HTTP pools. For example if HTTP ports are # enabled with default sizes (50, see property sonar.web.http.maxThreads) # then sonar.jdbc.maxActive should be 1.2 * 50 = 60. #sonar.jdbc.maxActive=60# The maximum number of connections that can remain idle in the # pool, without extra ones being released, or negative for no limit. #sonar.jdbc.maxIdle=5# The minimum number of connections that can remain idle in the pool, # without extra ones being created, or zero to create none. #sonar.jdbc.minIdle=2# The maximum number of milliseconds that the pool will wait (when there # are no available connections) for a connection to be returned before # throwing an exception, or <= 0 to wait indefinitely. #sonar.jdbc.maxWait=5000#sonar.jdbc.minEvictableIdleTimeMillis=600000 #sonar.jdbc.timeBetweenEvictionRunsMillis=30000#-------------------------------------------------------------------------------------------------- # WEB SERVER # Web server is executed in a dedicated Java process. By default heap size is 512Mb. # Use the following property to customize JVM options. # Recommendations: # # The HotSpot Server VM is recommended. The property -server should be added if server mode # is not enabled by default on your environment: # http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html # # Startup can be long if entropy source is short of entropy. Adding # -Djava.security.egd=file:/dev/./urandom is an option to resolve the problem. # See https://wiki.apache.org/tomcat/HowTo/FasterStartUp#Entropy_Source # #sonar.web.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError# Same as previous property, but allows to not repeat all other settings like -Xmx #sonar.web.javaAdditionalOpts=# Binding IP address. For servers with more than one IP address, this property specifies which # address will be used for listening on the specified ports. # By default, ports will be used on all IP addresses associated with the server. #sonar.web.host=0.0.0.0# Web context. When set, it must start with forward slash (for example /sonarqube). # The default value is root context (empty value). #sonar.web.context= # TCP port for incoming HTTP connections. Default value is 9000. sonar.web.port=9000# The maximum number of connections that the server will accept and process at any given time. # When this number has been reached, the server will not accept any more connections until # the number of connections falls below this value. The operating system may still accept connections # based on the sonar.web.connections.acceptCount property. The default value is 50. #sonar.web.http.maxThreads=50# The minimum number of threads always kept running. The default value is 5. #sonar.web.http.minThreads=5# The maximum queue length for incoming connection requests when all possible request processing # threads are in use. Any requests received when the queue is full will be refused. # The default value is 25. #sonar.web.http.acceptCount=25# By default users are logged out and sessions closed when server is restarted. # If you prefer keeping user sessions open, a secret should be defined. Value is # HS256 key encoded with base64. It must be unique for each installation of SonarQube. # Example of command-line: # echo -n "type_what_you_want" | openssl dgst -sha256 -hmac "key" -binary | base64 #sonar.auth.jwtBase64Hs256Secret=# The inactivity timeout duration of user sessions, in minutes. After the configured # period of time, the user is logged out. # The default value is set to 3 days (4320 minutes) # and cannot be greater than 3 months. Value must be strictly positive. #sonar.web.sessionTimeoutInMinutes=4320# A passcode can be defined to access some web services from monitoring # tools without having to use the credentials of a system administrator. # Check the Web API documentation to know which web services are supporting this authentication mode. # The passcode should be provided in HTTP requests with the header "X-Sonar-Passcode". # By default feature is disabled. #sonar.web.systemPasscode=#-------------------------------------------------------------------------------------------------- # SSO AUTHENTICATION# Enable authentication using HTTP headers #sonar.web.sso.enable=false# Name of the header to get the user login. # Only alphanumeric, '.' and '@' characters are allowed #sonar.web.sso.loginHeader=X-Forwarded-Login# Name of the header to get the user name #sonar.web.sso.nameHeader=X-Forwarded-Name# Name of the header to get the user email (optional) #sonar.web.sso.emailHeader=X-Forwarded-Email# Name of the header to get the list of user groups, separated by comma (optional). # If the sonar.sso.groupsHeader is set, the user will belong to those groups if groups exist in SonarQube. # If none of the provided groups exists in SonarQube, the user will only belong to the default group. # Note that the default group will always be set. #sonar.web.sso.groupsHeader=X-Forwarded-Groups# Interval used to know when to refresh name, email and groups. # During this interval, if for instance the name of the user is changed in the header, it will only be updated after X minutes. #sonar.web.sso.refreshIntervalInMinutes=5#-------------------------------------------------------------------------------------------------- # LDAP CONFIGURATION# Enable the LDAP feature # sonar.security.realm=LDAP# Set to true when connecting to a LDAP server using a case-insensitive setup. # sonar.authenticator.downcase=true# URL of the LDAP server. Note that if you are using ldaps, then you should install the server certificate into the Java truststore. # ldap.url=ldap://localhost:10389 # Bind DN is the username of an LDAP user to connect (or bind) with. Leave this blank for anonymous access to the LDAP directory (optional) # ldap.bindDn=cn=sonar,ou=users,o=mycompany# Bind Password is the password of the user to connect with. Leave this blank for anonymous access to the LDAP directory (optional) # ldap.bindPassword=secret# Possible values: simple | CRAM-MD5 | DIGEST-MD5 | GSSAPI See http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html (default: simple) # ldap.authentication=simple# See : # * http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html # * http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html # (optional) # ldap.realm=example.org# Context factory class (optional) # ldap.contextFactoryClass=com.sun.jndi.ldap.LdapCtxFactory# Enable usage of StartTLS (default : false) # ldap.StartTLS=true# Follow or not referrals. See http://docs.oracle.com/javase/jndi/tutorial/ldap/referral/jndi.html (default: true) # ldap.followReferrals=false# USER MAPPING# Distinguished Name (DN) of the root node in LDAP from which to search for users (mandatory) # ldap.user.baseDn=cn=users,dc=example,dc=org# LDAP user request. (default: (&(objectClass=inetOrgPerson)(uid={login})) ) # ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))# Attribute in LDAP defining the user’s real name. (default: cn) # ldap.user.realNameAttribute=name# Attribute in LDAP defining the user’s email. (default: mail) # ldap.user.emailAttribute=email# GROUP MAPPING# Distinguished Name (DN) of the root node in LDAP from which to search for groups. (optional, default: empty) # ldap.group.baseDn=cn=groups,dc=example,dc=org# LDAP group request (default: (&(objectClass=groupOfUniqueNames)(uniqueMember={dn})) ) # ldap.group.request=(&(objectClass=group)(member={dn}))# Property used to specifiy the attribute to be used for returning the list of user groups in the compatibility mode. (default: cn) # ldap.group.idAttribute=sAMAccountName#-------------------------------------------------------------------------------------------------- # COMPUTE ENGINE # The Compute Engine is responsible for processing background tasks. # Compute Engine is executed in a dedicated Java process. Default heap size is 512Mb. # Use the following property to customize JVM options. # Recommendations: # # The HotSpot Server VM is recommended. The property -server should be added if server mode # is not enabled by default on your environment: # http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html # #sonar.ce.javaOpts=-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError# Same as previous property, but allows to not repeat all other settings like -Xmx #sonar.ce.javaAdditionalOpts=#-------------------------------------------------------------------------------------------------- # ELASTICSEARCH # Elasticsearch is used to facilitate fast and accurate information retrieval. # It is executed in a dedicated Java process. Default heap size is 512Mb. # # -------------------------------------------------- # Word of caution for Linux users on 64bits systems # -------------------------------------------------- # Please ensure Virtual Memory on your system is correctly configured for Elasticsearch to run properly # (see https://www.elastic.co/guide/en/elasticsearch/reference/5.5/vm-max-map-count.html for details). # # When SonarQube runs standalone, a warning such as the following may appear in logs/es.log: # "max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]" # When SonarQube runs as a cluster, however, Elasticsearch will refuse to start. ## JVM options of Elasticsearch process #sonar.search.javaOpts=-Xms512m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError# Same as previous property, but allows to not repeat all other settings like -Xmx #sonar.search.javaAdditionalOpts=# Elasticsearch port. Default is 9001. Use 0 to get a free port. # As a security precaution, should be blocked by a firewall and not exposed to the Internet. sonar.search.port=9002# Elasticsearch host. The search server will bind this address and the search client will connect to it. # Default is loopback address. # As a security precaution, should NOT be set to a publicly available address. #sonar.search.host=#-------------------------------------------------------------------------------------------------- # UPDATE CENTER# Update Center requires an internet connection to request https://update.sonarsource.org # It is enabled by default. #sonar.updatecenter.activate=true# HTTP proxy (default none) #http.proxyHost= #http.proxyPort= # HTTPS proxy (defaults are values of http.proxyHost and http.proxyPort) #https.proxyHost= #https.proxyPort=# NT domain name if NTLM proxy is used #http.auth.ntlm.domain=# SOCKS proxy (default none) #socksProxyHost= #socksProxyPort=# Proxy authentication (used for HTTP, HTTPS and SOCKS proxies) #http.proxyUser= #http.proxyPassword=#-------------------------------------------------------------------------------------------------- # LOGGING# SonarQube produces logs in 4 logs files located in the same directory (see property sonar.path.logs below), # one per process: # Main process (aka. App) logs in sonar.log # Web Server (aka. Web) logs in web.log # Compute Engine (aka. CE) logs in ce.log # Elasticsearch (aka. ES) logs in es.log # # All 4 files follow the same rolling policy (see sonar.log.rollingPolicy and sonar.log.maxFiles) but it applies # individually (eg. if sonar.log.maxFiles=4, there can be at most 4 of each files, ie. 16 files in total). # # All 4 files have logs in the same format: # 1 2 3 4 5 6 # |-----------------| |---| |-|--------------------||------------------------------| |------------------------------------------------------------------------------------------------------------------------------| # 2016.11.16 16:47:00 INFO ce[AVht0dNXFcyiYejytc3m][o.s.s.c.t.CeWorkerCallableImpl] Executed task | project=org.sonarqube:example-java-maven | type=REPORT | id=AVht0dNXFcyiYejytc3m | submitter=admin | time=1699ms # # 1: timestamp. Format is YYYY.MM.DD HH:MM:SS # YYYY: year on 4 digits # MM: month on 2 digits # DD: day on 2 digits # HH: hour of day on 2 digits in 24 hours format # MM: minutes on 2 digits # SS: seconds on 2 digits # 2: log level. # Possible values (in order of descending criticality): ERROR, WARN, INFO, DEBUG and TRACE # 3: process identifier. Possible values: app (main), web (Web Server), ce (Compute Engine) and es (Elasticsearch) # 4: SQ thread identifier. Can be empty. # In the Web Server, if present, it will be the HTTP request ID. # In the Compute Engine, if present, it will be the task ID. # 5: logger name. Usually a class canonical name. # Package names are truncated to keep the whole field to 20 characters max # 6: log payload. Content of this field does not follow any specific format, can vary in length and include line returns. # Some logs, however, will follow the convention to provide data in payload in the format " | key=value" # Especially, log of profiled pieces of code will end with " | time=XXXXms".# Global level of logs (applies to all 4 processes). # Supported values are INFO (default), DEBUG and TRACE #sonar.log.level=INFO# Level of logs of each process can be controlled individually with their respective properties. # When specified, they overwrite the level defined at global level. # Supported values are INFO, DEBUG and TRACE #sonar.log.level.app=INFO #sonar.log.level.web=INFO #sonar.log.level.ce=INFO #sonar.log.level.es=INFO# Path to log files. Can be absolute or relative to installation directory. # Default is <installation home>/logs #sonar.path.logs=logs# Rolling policy of log files # - based on time if value starts with "time:", for example by day ("time:yyyy-MM-dd") # or by month ("time:yyyy-MM") # - based on size if value starts with "size:", for example "size:10MB" # - disabled if value is "none". That needs logs to be managed by an external system like logrotate. #sonar.log.rollingPolicy=time:yyyy-MM-dd# Maximum number of files to keep if a rolling policy is enabled. # - maximum value is 20 on size rolling policy # - unlimited on time rolling policy. Set to zero to disable old file purging. #sonar.log.maxFiles=7# Access log is the list of all the HTTP requests received by server. If enabled, it is stored # in the file {sonar.path.logs}/access.log. This file follows the same rolling policy as other log file # (see sonar.log.rollingPolicy and sonar.log.maxFiles). #sonar.web.accessLogs.enable=true# Format of access log. It is ignored if sonar.web.accessLogs.enable=false. Possible values are: # - "common" is the Common Log Format, shortcut to: %h %l %u %user %date "%r" %s %b # - "combined" is another format widely recognized, shortcut to: %h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" # - else a custom pattern. See http://logback.qos.ch/manual/layouts.html#AccessPatternLayout. # The login of authenticated user is not implemented with "%u" but with "%reqAttribute{LOGIN}" (since version 6.1). # The value displayed for anonymous users is "-". # The SonarQube's HTTP request ID can be added to the pattern with "%reqAttribute{ID}" (since version 6.2). # If SonarQube is behind a reverse proxy, then the following value allows to display the correct remote IP address: #sonar.web.accessLogs.pattern=%i{X-Forwarded-For} %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}" # Default value (which was "combined" before version 6.2) is equivalent to "combined + SQ HTTP request ID": #sonar.web.accessLogs.pattern=%h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" "%reqAttribute{ID}"#-------------------------------------------------------------------------------------------------- # OTHERS# Delay in seconds between processing of notification queue. Default is 60 seconds. #sonar.notifications.delay=60# Paths to persistent data files (embedded database and search index) and temporary files. # Can be absolute or relative to installation directory. # Defaults are respectively <installation home>/data and <installation home>/temp #sonar.path.data=data #sonar.path.temp=temp# Telemetry - Share anonymous SonarQube statistics # By sharing anonymous SonarQube statistics, you help us understand how SonarQube is used so we can improve the product to work even better for you. # We don't collect source code or IP addresses. And we don't share the data with anyone else. # To see an example of the data shared: login as a global administrator, call the WS api/system/info and check the Statistics field. #sonar.telemetry.enable=true#-------------------------------------------------------------------------------------------------- # DEVELOPMENT - only for developers # The following properties MUST NOT be used in production environments.# Elasticsearch HTTP connector #sonar.search.httpPort=-1
重新啟動sonar,好了測試一下
?
?
3、安裝sonar-scanner
3.1 下載
https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
3.2 解壓
下載后放在/usr/local目錄下,并解壓
unzip sonar-scanner-cli-3.2.0.1227-linux.zip
3.3 配置環境變量
和上面一樣修改/etc/profile文件,修改完記得 source /etc/profile
#set sonarqube export SONAR_HOME=/usr/local/sonarqube-7.4 export SONAR_SCANNER_HOME=/usr/local/sonar-scanner-3.2.0.1227-linux PATH=$PATH:$SONAR_HOME/bin:$SONAR_SCANNER_HOME/bin
修改完記得 source /etc/profile
3.4 測試
進入/usr/local/sonar-scanner-3.2.0.1227-linux/bin執行:
./sonar-scanner -h
如果出現如下就說明安裝好了
[root@iZbp1bb2egi7w0ueys548qZ bin]# ./sonar-scanner -h INFO: INFO: usage: sonar-scanner [options] INFO: INFO: Options: INFO: -D,--define <arg> Define property INFO: -h,--help Display help information INFO: -v,--version Display version information INFO: -X,--debug Produce execution debug output
4、在Jenkins中配置sonar
SonarScanner和SonarQube的關系類似于客戶端與服務端,由于SonarScanner工具需要把掃描的代碼及結果發送到SonarQube服務器上,所以需要配置SonarQube服務地址。
在Jenkins系統配置>>系統設置中配置如下:
5、在Jenkins中配置sonar-scanner
在全局工具配置中配置如下:
?
?6、增加構建步驟
Analysis properties 內容如下
sonar.projectKey=e-auth sonar.projectName=電商用戶服務-auth sonar.projectVersion=1.0 sonar.sources=./ sonar.language=java sonar.sourceEncoding=UTF-8 sonar.java.binaries=./ sonar.login=admin sonar.password=admin
?
?7、構建一下
8、添加自定義郵件模板
在jenkins所在機器上/root/.jenkins目錄下,新建/sonar_script文件夾,里面放如下腳本:sonar.py和table.html
sonar.py內容如下
#!/usr/bin/python # -*- coding:utf-8 -*-import pymysql,os,sys from jinja2 import FileSystemLoader,Environmentdef select_project_uuid(project_name):db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")cursor = db.cursor()select_p_uuid="SELECT project_uuid,kee FROM projects WHERE `name`= '%s'" %(project_name)cursor.execute(select_p_uuid)result = cursor.fetchone()p_uuid = result[0]projectKey = result[1]db.close()return(p_uuid, projectKey)def select_total_info(p_uuid):total_info=[]# 使用cursor()方法獲取操作游標db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")cursor = db.cursor()select_p_links = "SELECT text_value FROM project_measures WHERE text_value LIKE 'java=%' and component_uuid=" + "\'" + p_uuid + "\'"cursor.execute(select_p_links)p_links = cursor.fetchone()[0].split("=")[1]sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =%s"for leak in [2,3,1]:search_data = sql_info %(p_uuid, leak)cursor.execute(search_data)total_info.append(cursor.fetchone()[0])db.close()return p_links,total_infodef select_bugs(p_uuid):bugs=[]db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")cursor = db.cursor()sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =2 AND severity ='%s'"for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:search_data=sql_info % (p_uuid,leak)cursor.execute(search_data)bugs.append(cursor.fetchone()[0])db.close()return bugsdef select_leaks(p_uuid):leaks=[]db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")cursor = db.cursor()sql_info = "SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =3 AND severity ='%s'"for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:search_data=sql_info % (p_uuid,leak)cursor.execute(search_data)leaks.append(cursor.fetchone()[0])db.close()return leaksdef select_bad_tastes(p_uuid):tastes=[]db = pymysql.connect(host="192.168.207.160", port=3306, user="sonar", passwd="sonar", db="sonar")cursor = db.cursor()sql_info="SELECT count(*) FROM issues WHERE project_uuid='%s' and issue_type =1 AND severity ='%s'"for leak in ['BLOCKER','CRITICAL',"MAJOR",'MINOR','INFO']:search_data=sql_info % (p_uuid,leak)cursor.execute(search_data)tastes.append(cursor.fetchone()[0])return tastesdb.close()curpath = os.getcwd() table_tem_name="table.html" def generate_errmsg_table(s_lines="", total_data=[], bugs=[],leaks=[],tastes=[],report_url=""):env = Environment(loader=FileSystemLoader(curpath, 'utf-8')) # 創建一個包加載器對象template = env.get_template(table_tem_name)html_content = (template.render(lins=s_lines,total_data=total_data, bugs=bugs,leaks = leaks,tastes=tastes,report_url=report_url))fh = open(report_html_path, 'w')fh.write(html_content)fh.close()project_name = sys.argv[1] report_html_path="report\\"+project_name+".html" p_uuid, projectKey=select_project_uuid(project_name) s_lines,total_data=select_total_info(p_uuid) bugs=select_bugs(p_uuid) leaks=select_leaks(p_uuid) tastes=select_bad_tastes(p_uuid) report_url="http://192.168.207.140:9000/dashboard?id=%s" %(projectKey) generate_errmsg_table(s_lines,total_data,bugs,leaks,tastes,report_url)
?
?table.html內容:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="GBK"> <body> <p style="font-weight:bold;">一、總體情況:</p> <ul> <li style="font-weight:bold;">整體運行情況:掃描代碼行數:<span style="color:blue">{{lins}}</span>, bugs:<span style="color:red">{{total_data[0]}}</span>, 漏洞:<span style="color:red">{{total_data[1]}}</span>, 壞味道:<span style="color:red">{{total_data[2]}}</span></li> <li style="font-weight:bold;">URL地址:<a style="font-weight:bold;" href={{report_url}} >{{report_url}}</a></li> </ul> <p style="font-weight:bold;">二、錯誤信息詳情:</p> <table border="1" cellpadding="10" width="540" height="120"><tr ><th></th><th>阻斷</th><th>嚴重</th><th>主要</th><th>次要</th><th>提示</th><th>總數</th></tr><tr bgcolor=#ECFFFF><td>bugs</td><td align="center">{{bugs[0]}}</td><td align="center">{{bugs[1]}}</td><td align="center">{{bugs[2]}}</td><td align="center">{{bugs[3]}}</td><td align="center">{{bugs[4]}}</td><td align="center" style="color:red">{{total_data[0]}}</td></tr><tr bgcolor=#D2E9FF><td>漏洞</td><td align="center">{{leaks[0]}}</td><td align="center">{{leaks[1]}}</td><td align="center">{{leaks[2]}}</td><td align="center">{{leaks[3]}}</td><td align="center">{{leaks[4]}}</td><td align="center" style="color:red">{{total_data[1]}}</td></tr><tr bgcolor=#ECFFFF><td>壞味道</td><td align="center">{{tastes[0]}}</td><td align="center">{{tastes[1]}}</td><td align="center">{{tastes[2]}}</td><td align="center">{{tastes[3]}}</td><td align="center">{{tastes[4]}}</td><td align="center" style="color:red">{{total_data[2]}}</td></tr> </table> <br></br> </body> </html>
?
9、添加執行自定義生成郵件模板步驟
前提:由于要執行sonar.py腳本,所以jenkins所在機器要有python3環境,且安裝了pymysql、jinja2,
centos安裝python3:
進入到sonar.py所在目錄,執行命令:python3 sonar.py 項目名
執行完成后會在/root/.jenkins/sonar_script目錄下生成html文件,
?
?10、配置發送郵件
10.1 安裝插件:Email Extension
10.2 在系統管理》》系統設置中設置
?
?
?
?
?11、發送郵件
在job中添加步驟
內容選擇HTML,打開高級選項
增加觸發器,并打開高級選項
輸入發送郵箱列表,以英文逗號分隔,和郵件內容,html就是上面步驟生成的
最終的郵件如下圖:
?
?
