2020-10-31
linux
00
请注意,本文编写于 1210 天前,最后修改于 1210 天前,其中某些信息可能已经过时。

目录

0. 准备工作
1. 安装PostgreSQL
2. 安装sonarqube
2.1 安装jdk11
2.2 安装sonarqube
2.3 开机自启动
3. 汉化
4. jenkins服务器部署扫描器sonar-scanner
排错
1. 未关闭服务,直接关机导致服务无法启动。

0. 准备工作

基础环境 宿主机环境:Ubuntu 18.04.4 LTS 安装版本:sonarqube-7.9.2.zip 安装目录:/home/sonarqube java版本:openjdk version "11.0.9" 2020-10-20 数据库:psql (PostgreSQL) 10.14 (Ubuntu 10.14-0ubuntu0.18.04.1)

内核参数修改

bash
vim /etc/sysctl.conf #sonar参数优化 vm.max_map_count=262144 fs.file-max=65536 #生效 sysctl -p

创建启动用户:

bash
# sonarqube不能使用root用户启动 useradd -r -m -s /bin/bash sonarqube # 修改资源限制: vim /etc/security/limits.conf sonarqube - nofile 65536 sonarqube - nproc 65536

1. 安装PostgreSQL

查看支持的版本:

bash
root@sonar:/usr/local/src# apt-cache madison postgresql

安装pgsql默认系统支持版本:

bash
root@sonar:/usr/local/src# apt install postgresql

配置pgsql:

bash
#进入postgres创建数据库和用户 root@sonar:/usr/local/src# su - postgres postgres@sonar:~$ psql -U postgres #创建数据库 postgres=# CREATE DATABASE sonar; #创建用户 postgres=# CREATE USER sonar WITH ENCRYPTED PASSWORD '123456'; #授权 postgres=# GRANT ALL PRIVILEGES ON DATABASE sonar TO sonar; #授权生效 postgres=# ALTER DATABASE sonar OWNER TO sonar; #修改配置文件 修改数据库监听地址:vim /etc/postgresql/10/main/postgresql.conf listen_addresses = '*' # what IP address(es) to listen on; 默认监听端口为5432 #开启远程访问:vim /etc/postgresql/10/main/pg_hba.conf # IPv4 local connections: host all all 0.0.0.0/0 md5 #重启pgsql: root@sonar:/usr/local/src# systemctl restart postgresql root@sonar:/usr/local/src# systemctl enable postgresql Synchronizing state of postgresql.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable postgresql #查看端口是否开启 root@sonar:/usr/local/src# ss -ntlp|grep 5432 LISTEN 0 224 0.0.0.0:5432 0.0.0.0:* users:(("postgres",pid=10080,fd=7)) LISTEN 0 224 [::]:5432 [::]:* users:(("postgres",pid=10080,fd=8))

2. 安装sonarqube

2.1 安装jdk11

bash
root@sonar:/usr/local/src# apt install openjdk-11-jdk

2.2 安装sonarqube

博文使用的安装包下载地址:sonarqube-7.9.2.zip

bash
root@sonar:/usr/local/src# unzip sonarqube-7.9.2.zip root@sonar:/usr/local/src# ln -sv /usr/local/src/sonarqube-7.9.2 /usr/local/sonarqube # 需要普通用户去启动,root不支持,会报错。 root@sonar:/usr/local/src# chown sonarqube.sonarqube /usr/local/sonarqube /usr/local/src/sonarqube-7.9.2 -R root@sonar:/usr/local/src# su - sonarqube # 修改配置文件 sonarqube@sonar:/usr/local/sonarqube/conf$ vim sonar.properties # 修改数据库密码 sonar.jdbc.username=sonar sonar.jdbc.password=123456 # 修改数据库连接地址 sonar.jdbc.url=jdbc:postgresql://192.168.0.216/sonar #启动 sonarqube@sonar:/usr/local/sonarqube/bin/linux-x86-64# ./sonar.sh --help Usage: ./sonar.sh { console | start | stop | force-stop | restart | status | dump } sonarqube@sonar:/usr/local/sonarqube/bin/linux-x86-64# ./sonar.sh start #访问 http://192.168.0.216:9000/about 默认用户名和密码:admin/admin

2.3 开机自启动

bash
#配置服务 vim /etc/systemd/system/sonarqube.service [Unit] Description=SonarQube service After=syslog.target network.target [Service] Type=simple User=sonarqube Group=sonarqube PermissionsStartOnly=true ExecStart=/usr/bin/nohup /usr/bin/java -Xms2048m -Xmx2048m -Djava.net.preferIPv4Stack=true -jar /usr/local/sonarqube/lib/sonar-application-7.9.2.jar StandardOutput=syslog LimitNOFILE=65536 LimitNPROC=65536 TimeoutStartSec=5 Restart=always [Install] WantedBy=multi-user.target #设置开机启动 systemctl daemon-reload systemctl restart sonarqube systemctl enable sonarqube

3. 汉化

去插件市场:http://192.168.0.216:9000/admin/marketplace => "Plugins" 搜索"chinese" 安装"Chinese Pack" 重启服务。 插件安装位置:

bash
root@sonar:/usr/local/sonarqube/extensions/plugins# ll total 88048 drwxr-xr-x 2 sonarqube sonarqube 4096 Nov 1 11:03 ./ drwxr-xr-x 5 sonarqube sonarqube 4096 Nov 1 10:52 ../ -rw-r--r-- 1 sonarqube sonarqube 224 Dec 9 2019 README.txt -rw-r--r-- 1 sonarqube sonarqube 287504 Dec 9 2019 sonar-auth-github-plugin-1.5.0.870.jar -rw-r--r-- 1 sonarqube sonarqube 3388540 Dec 9 2019 sonar-auth-saml-plugin-1.1.0.181.jar -rw-r--r-- 1 sonarqube sonarqube 4094975 Dec 9 2019 sonar-csharp-plugin-7.15.0.8572.jar -rw-r--r-- 1 sonarqube sonarqube 7015434 Dec 9 2019 sonar-css-plugin-1.1.1.1010.jar -rw-r--r-- 1 sonarqube sonarqube 1544789 Dec 9 2019 sonar-flex-plugin-2.5.1.1831.jar -rw-r--r-- 1 sonarqube sonarqube 3903342 Dec 9 2019 sonar-go-plugin-1.1.1.2000.jar -rw-r--r-- 1 sonarqube sonarqube 1727846 Dec 9 2019 sonar-html-plugin-3.1.0.1615.jar -rw-r--r-- 1 sonarqube sonarqube 15098 Dec 9 2019 sonar-jacoco-plugin-1.0.2.475.jar -rw-r--r-- 1 sonarqube sonarqube 8302745 Dec 9 2019 sonar-java-plugin-5.13.1.18282.jar -rw-r--r-- 1 sonarqube sonarqube 6866969 Dec 9 2019 sonar-javascript-plugin-5.2.1.7778.jar -rw-r--r-- 1 sonarqube sonarqube 7595999 Dec 9 2019 sonar-kotlin-plugin-1.5.0.315.jar -rw-r--r-- 1 sonarqube sonarqube 49222 Nov 1 11:02 sonar-l10n-zh-plugin-1.29.jar -rw-r--r-- 1 sonarqube sonarqube 300503 Dec 9 2019 sonar-ldap-plugin-2.2.0.608.jar -rw-r--r-- 1 sonarqube sonarqube 5105268 Dec 9 2019 sonar-php-plugin-3.2.0.4868.jar -rw-r--r-- 1 sonarqube sonarqube 2752167 Dec 9 2019 sonar-python-plugin-1.14.1.3143.jar -rw-r--r-- 1 sonarqube sonarqube 10036210 Dec 9 2019 sonar-ruby-plugin-1.5.0.315.jar -rw-r--r-- 1 sonarqube sonarqube 9202024 Dec 9 2019 sonar-scala-plugin-1.5.0.315.jar -rw-r--r-- 1 sonarqube sonarqube 2622236 Dec 9 2019 sonar-scm-git-plugin-1.8.0.1574.jar -rw-r--r-- 1 sonarqube sonarqube 7229293 Dec 9 2019 sonar-scm-svn-plugin-1.9.0.1295.jar -rw-r--r-- 1 sonarqube sonarqube 2239156 Dec 9 2019 sonar-typescript-plugin-1.9.0.3766.jar -rw-r--r-- 1 sonarqube sonarqube 3580236 Dec 9 2019 sonar-vbnet-plugin-7.15.0.8572.jar -rw-r--r-- 1 sonarqube sonarqube 2242738 Dec 9 2019 sonar-xml-plugin-2.0.1.2020.jar

安装插件也可以将相关的jar包放在该目录。

安装汉化插件

4. jenkins服务器部署扫描器sonar-scanner

jenkins服务器上,博文使用的安装包下载地址:sonar-scanner-cli-4.3.0.2102-linux.zip 准备scanner包:

bash
root@jenkins:~# ll /usr/local/src/sonar-scanner-cli-4.3.0.2102-linux.zip -rw-r--r-- 1 root root 42393648 Aug 12 12:13 /root/sonar-scanner-cli-4.3.0.2102-linux.zip root@jenkins:~# unzip sonar-scanner-cli-4.3.0.2102-linux.zip root@jenkins:/usr/local/src# ln -sv /usr/local/src/sonar-scanner-4.3.0.2102-linux/ /usr/local/sonar-scanner-4.3.0 '/usr/local/sonar-scanner-4.3.0' -> '/usr/local/src/sonar-scanner-4.3.0.2102-linux/'

修改配置文件:

bash
root@jenkins:/usr/local/sonar-scanner-4.3.0/conf# cat sonar-scanner.properties #Configure here general information about the environment, such as SonarQube server connection details for example #No information about specific project should appear here #----- Default SonarQube server sonar.host.url=http://192.168.0.216:9000 #----- Default source code encoding sonar.sourceEncoding=UTF-8

扫描: 博文使用的源码包下载地址:sonar-examples-master.zip

bash
#准备待扫码的代码,官网提供测试使用 sonar-examples-master 解压 在项目下定义扫描配置: root@jenkins:/opt/data/sonar-examples-master/projects/languages/python/python-sonar-runner# cat sonar-project.properties # Required metadata sonar.projectKey=org.sonarqube:python-simple-sonar-scanner sonar.projectName=Python :: Simple Project : SonarQube Scanner sonar.projectVersion=1.0 # Comma-separated paths to directories with sources (required) # 相对路径 sonar.sources=src # Language # 定义语言类型 sonar.language=py # Encoding of the source files # 编码 sonar.sourceEncoding=UTF-8 ## 在想扫描的文件下直接运行sonar-scanner root@jenkins:/opt/data/sonar-examples-master/projects/languages/python/python-sonar-runner# /usr/local/sonar-scanner-4.3.0/bin/sonar-scanner 出现INFO: EXECUTION SUCCESS字样表示完成

查看扫描结果: 可以通过前面搭建的sonarqube的web页面进行查看。 image-20201101123554179

jenkins插件扫描(难以自定义相关路径,不推荐。) 安装插件 image-20201101132057802

安装完成会出现相关配置项

  1. 告诉jenkin,sonarqube服务器的位置 image-20201101132949850
  2. 让jenkins添加sonar-scanner扫描器 jebkins-系统管理-全局工具配置 image-20201101133537866
  3. 在job里配置项目属性 jod-配置-构建 image-20201101134139806 image-20201101134352534

排错

1. 未关闭服务,直接关机导致服务无法启动。

bash
启动日志片段:tail -f /usr/local/sonarqube/logs/*.log --> Wrapper Started as Daemon Launching a JVM... Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved. 2020.11.01 11:55:45 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /usr/local/src/sonarqube-7.9.2/temp #需要创建一个temp文件,但是这个文件是root权限的,普通用户无法删除 2020.11.01 11:55:45 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001 2020.11.01 11:55:45 ERROR app[][o.s.a.p.ManagedProcessHandler] Fail to launch process [es] java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file # 直接错误原因。 at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:53) at org.sonar.application.ProcessLauncherImpl.writeConfFiles(ProcessLauncherImpl.java:152) at org.sonar.application.ProcessLauncherImpl.launch(ProcessLauncherImpl.java:84) at org.sonar.application.SchedulerImpl.lambda$tryToStartProcess$2(SchedulerImpl.java:192) at org.sonar.application.process.ManagedProcessHandler.start(ManagedProcessHandler.java:72) at org.sonar.application.SchedulerImpl.tryToStartProcess(SchedulerImpl.java:190) at org.sonar.application.SchedulerImpl.tryToStartEs(SchedulerImpl.java:142) at org.sonar.application.SchedulerImpl.tryToStartAll(SchedulerImpl.java:134) at org.sonar.application.SchedulerImpl.schedule(SchedulerImpl.java:108) at org.sonar.application.App.start(App.java:69) at org.sonar.application.App.main(App.java:96) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240) at java.base/java.lang.Thread.run(Thread.java:834) Caused by: java.nio.file.AccessDeniedException: /usr/local/src/sonarqube-7.9.2/temp/conf/es/elasticsearch.yml at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219) at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478) at java.base/java.nio.file.Files.newOutputStream(Files.java:219) at java.base/java.nio.file.Files.write(Files.java:3424) at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:51) ... 16 common frames omitted 2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] Process[es] is stopped 2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] Hard stopping SonarQube 2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] SonarQube is stopped WrapperSimpleApp: Encountered an error running main: java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:53) at org.sonar.application.ProcessLauncherImpl.writeConfFiles(ProcessLauncherImpl.java:152) at org.sonar.application.ProcessLauncherImpl.launch(ProcessLauncherImpl.java:84) at org.sonar.application.SchedulerImpl.lambda$tryToStartProcess$2(SchedulerImpl.java:192) at org.sonar.application.process.ManagedProcessHandler.start(ManagedProcessHandler.java:72) at org.sonar.application.SchedulerImpl.tryToStartProcess(SchedulerImpl.java:190) at org.sonar.application.SchedulerImpl.tryToStartEs(SchedulerImpl.java:142) at org.sonar.application.SchedulerImpl.tryToStartAll(SchedulerImpl.java:134) at org.sonar.application.SchedulerImpl.schedule(SchedulerImpl.java:108) at org.sonar.application.App.start(App.java:69) at org.sonar.application.App.main(App.java:96) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240) at java.base/java.lang.Thread.run(Thread.java:834) Caused by: java.nio.file.AccessDeniedException: /usr/local/src/sonarqube-7.9.2/temp/conf/es/elasticsearch.yml at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219) at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478) at java.base/java.nio.file.Files.newOutputStream(Files.java:219) at java.base/java.nio.file.Files.write(Files.java:3424) at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:51) ... 16 more <-- Wrapper Stopped

处理办法:

  1. 直接删除/usr/local/src/sonarqube-7.9.2/temp 文件
  2. 给该文件设置权限:chown sonarqube.sonarqube /usr/local/sonarqube /usr/local/src/sonarqube-7.9.2 -R

本文作者:mykernel

本文链接:

版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!