# Integrate SonarQube and GitLab CI via Docker
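Before starting this article, you **may** need basic Linux and Docker knowledge for it to be easy to digest
## Install Linux Ubuntu 20.04
There is already a very detailed Chinese-language article on this, so I won't spend time repeating it: [click here](https://learningsky.io/install-ubuntu-on-oracle-virtualbox/)
*Note: giving the VM 16 GB of memory or more is recommended*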
---
## Install Docker
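The official tutorial is clear and easy to follow: [click here](https://docs.docker.com/engine/install/ubuntu/)
Below are the key points taken from the official documentation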
#### Set up the repository
1. Update the apt package index and install packages to allow apt to use a repository over HTTPS:
```bash=
sudo apt-get update
sudo apt-get install \
ca-certificates \
curl \
gnupg \
lsb-release
```
2. Add Docker’s official GPG key:
```bash
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
```
3. Use the following command to set up the stable repository. To add the nightly or test repository, add the word nightly or test (or both) after the word stable in the commands below. Learn about nightly and test channels.
```bash=
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
```
#### Install Docker Engine
Update the apt package index, and install the latest version of Docker Engine and containerd, or go to the next step to install a specific version:
```bash=
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
```
---
## Install PostgreSQL
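First, start the external DB that SonarQube will use
:::info
The embedded DB has many limitations and is only suitable for experiments
:::
This is simple: just follow the official Docker image documentation. If you have special requirements, you can also take the Dockerfile and build your own image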
```bash=
docker run --name postgres --restart always \
-e POSTGRES_USER=sonar \
-e POSTGRES_PASSWORD=sonar \
-v postgresql_data:/var/lib/postgresql/data \
-d postgres:latest
```
---
## Install SonarQube
At this point your DB should have started successfully
```bash
docker ps
```

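Next, start the SonarQube service. The first start-up spends quite a while creating tables in the DB
If you have extra plugins (jar), drop them into sonarqube_extensions and SonarQube will install them automatically at start-up
Because Community Edition does not provide the Branch feature, here I drop in the free Branch plugin: sonarqube-community-branch-plugin.jar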
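```bash=
# The JDBC URL refers to the database by its container name ("postgres").
# Container names only resolve on a user-defined network, not on the default
# bridge, so put both containers on one. Port 9000 is the SonarQube web UI.
docker network create sonarqube-net
docker network connect sonarqube-net postgres
docker run --name sonarqube --restart always \
  --network sonarqube-net \
  -p 9000:9000 \
  -e SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/sonar \
  -e SONAR_JDBC_USERNAME=sonar \
  -e SONAR_JDBC_PASSWORD=sonar \
  -v sonarqube_data:/opt/sonarqube/data \
  -v sonarqube_extensions:/opt/sonarqube/extensions \
  -v sonarqube_logs:/opt/sonarqube/logs \
  -d sonarqube:latest
```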
---
## Install GitLab Runner
If your GitLab already has a Runner you can use, you can skip this step
The official documentation is [here](https://docs.gitlab.com/runner/install/docker.html)
```bash=
docker run --name gitlab-runner --restart always \
-v /srv/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
-d gitlab/gitlab-runner:latest
```
---
## Register Runner
1. Run the register command based on the mount type:
```bash=
docker run --rm \
-v /srv/gitlab-runner/config:/etc/gitlab-runner \
-it gitlab/gitlab-runner \
register
```
2. Enter your GitLab instance URL (also known as the gitlab-ci coordinator URL).
```bash
https://your-gitlab-location/
```

3. Enter the token you obtained to register the runner.
```bash
your-registration-token
```

4. Enter a description for the runner. You can change this value later in the GitLab user interface.
```bash
your-description // e.g. SonarQube
```
5. Enter the tags associated with the runner, separated by commas. You can change this value later in the GitLab user interface.
```bash
your-tags // e.g. Docker,SonarQube
```
6. Provide the runner executor. For most use cases, enter docker.
```bash
docker
```
7. If you entered docker as your executor, you’ll be asked for the default image to be used for projects that do not define one in .gitlab-ci.yml.
```bash
sonarqube:latest
```
---
## Import Projects from GitLab
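Follow the [documentation](https://docs.sonarqube.org/latest/analysis/gitlab-integration/) step by step and there should be no problems
You can skip this step and set up a single GitLab project directly; I just think a bulk import is more convenient later on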
---
## Set up a Project
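We have finally reached the step of creating the SonarQube analysis project
Setting up the GitLab Runner and registering the GitLab project earlier was all to get GitLab CI working
Here, choose GitLab CI to run the analysis

Next, SonarQube walks you step by step through setting up the relationship between SonarQube and GitLab CI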
### sonar-project.properties
Exclude multiple specified folders
```
sonar.exclusions=bin/**,template/**
```
### .gitlab-ci.yml
If you need to use it on branches, remove the **only** block
## Analysis Reports
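The report rules, the issue-resolution workflow and the analysis metrics are all explained one by one in the [official documentation](https://docs.sonarqube.org/latest/user-guide/concepts/)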

## docker-compose
Starting each container separately is too much hassle; you can use docker-compose to start these services in one go
#### Install docker-compose
[Official installation guide](https://docs.docker.com/compose/install/)
```bash
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
```
```bash
sudo chmod +x /usr/local/bin/docker-compose
```
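The two commands above place a downloaded binary in `/usr/local/bin` without checking it. As an added example (not part of the original article), the functions below install a file only when its SHA-256 digest matches a checksum file; that the release publishes `<asset>.sha256` beside each binary is an assumption, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: install a downloaded binary only if its SHA-256 digest
# matches the checksum file published beside it.

# verify_sha256 FILE CHECKSUM_FILE
# CHECKSUM_FILE is in `sha256sum` format: "<64 hex chars>  <file name>".
# Returns 0 on match, 1 on mismatch, 2 if an input is missing or malformed.
verify_sha256() {
  local file="$1" sumfile="$2" expected actual
  [ -f "$file" ] && [ -f "$sumfile" ] || return 2
  expected=$(awk 'NR==1 {print tolower($1)}' "$sumfile")
  # An HTML error page saved as the "checksum" must not be accepted.
  case "$expected" in
    ""|*[!0-9a-f]*) return 2 ;;
  esac
  [ "${#expected}" -eq 64 ] || return 2
  actual=$(sha256sum "$file" | awk '{print $1}')
  [ "$actual" = "$expected" ]
}

# install_verified FILE CHECKSUM_FILE DEST
# Copies FILE to DEST with mode 0755 only after the digest check passes.
install_verified() {
  local file="$1" sumfile="$2" dest="$3"
  if verify_sha256 "$file" "$sumfile"; then
    install -m 0755 "$file" "$dest"
  else
    echo "checksum check failed for $file; nothing installed" >&2
    return 1
  fi
}

# Usage with the release used in this article (assumption: "<asset>.sha256"
# is published next to the binary):
#   url="https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)"
#   curl -fsSL "$url" -o /tmp/docker-compose
#   curl -fsSL "$url.sha256" -o /tmp/docker-compose.sha256
#   verify_sha256 /tmp/docker-compose /tmp/docker-compose.sha256 \
#     && sudo install -m 0755 /tmp/docker-compose /usr/local/bin/docker-compose
```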
#### create docker-compose
GitLab Runner is relatively independent, so it is not included in docker-compose
It is expected to live elsewhere, e.g. GKE, K8S
```yaml=
version: "3.7"
services:
  sonarqube:
    image: sonarqube:latest
    container_name: sonarqube
    depends_on:
      - db
    environment:
      SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
      SONAR_JDBC_USERNAME: sonar
      SONAR_JDBC_PASSWORD: sonar
    volumes:
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
    ports:
      - "9000:9000"
  db:
    image: postgres:latest
    container_name: db
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
    volumes:
      - postgresql:/var/lib/postgresql
      - postgresql_data:/var/lib/postgresql/data
volumes:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:
  postgresql:
  postgresql_data:
```
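The compose file above carries the database password as the literal `sonar`. As an added example (not part of the original article), the script below writes a random password to a `.env` file that docker-compose reads for `${VAR}` substitution, and lists password settings in a compose file that are still literals; the variable names `SONAR_DB_USER` and `SONAR_DB_PASSWORD` and both function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example: keep the database password out of docker-compose.yml.
# In the compose file the literals then become references, e.g.
#   SONAR_JDBC_PASSWORD: ${SONAR_DB_PASSWORD}
#   POSTGRES_PASSWORD: ${SONAR_DB_PASSWORD}

# write_compose_env PATH
# Creates PATH with mode 0600 holding a random 48-hex-character password.
# Refuses to overwrite an existing file, so the password of an already
# initialised database is never changed silently.
write_compose_env() {
  local path="$1" pw
  [ -n "$path" ] || return 2
  if [ -e "$path" ]; then
    echo "$path already exists; leaving it untouched" >&2
    return 1
  fi
  # 24 random bytes from the kernel CSPRNG, hex-encoded.
  pw=$(od -An -N24 -tx1 /dev/urandom | tr -d ' \n')
  [ "${#pw}" -eq 48 ] || return 3
  ( umask 077 && printf 'SONAR_DB_USER=sonar\nSONAR_DB_PASSWORD=%s\n' "$pw" > "$path" )
}

# find_literal_passwords COMPOSE_FILE
# Prints (with line numbers) every "*PASSWORD:" setting whose value is not a
# ${VAR} reference. Exit status 0 means at least one literal was found.
find_literal_passwords() {
  grep -nE '^[[:space:]]*[A-Z_]*PASSWORD:' "$1" | grep -vF '${'
}

# Typical use, from the directory that holds docker-compose.yml:
#   write_compose_env .env
#   find_literal_passwords docker-compose.yml   # should print nothing
#   docker-compose up -d
```

`POSTGRES_PASSWORD` is applied only when the PostgreSQL data volume is first initialised, so set it before the first `docker-compose up`.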
#### run docker-compose
```bash
docker-compose up -d
```
###### tags: `SonarQube` `Docker` `Linux` `GitLab`