请注意,本文编写于 946 天前,最后修改于 946 天前,其中某些信息可能已经过时。
目录
0. 准备工作
基础环境 宿主机环境:Ubuntu 18.04.4 LTS 安装版本:sonarqube-7.9.2.zip 安装目录:/home/sonarqube java版本:openjdk version "11.0.9" 2020-10-20 数据库:psql (PostgreSQL) 10.14 (Ubuntu 10.14-0ubuntu0.18.04.1)
内核参数修改
bashvim /etc/sysctl.conf
#sonar参数优化
vm.max_map_count=262144
fs.file-max=65536
#生效
sysctl -p
创建启动用户:
bash# sonarqube不能使用root用户启动
useradd -r -m -s /bin/bash sonarqube
# 修改资源限制:
vim /etc/security/limits.conf
sonarqube - nofile 65536
sonarqube - nproc 65536
1. 安装PostgreSQL
查看支持的版本:
bashroot@sonar:/usr/local/src# apt-cache madison postgresql
安装pgsql默认系统支持版本:
bashroot@sonar:/usr/local/src# apt install postgresql
配置pgsql:
bash#进入postgres创建数据库和用户
root@sonar:/usr/local/src# su - postgres
postgres@sonar:~$ psql -U postgres
#创建数据库
postgres=# CREATE DATABASE sonar;
#创建用户
postgres=# CREATE USER sonar WITH ENCRYPTED PASSWORD '123456';
#授权
postgres=# GRANT ALL PRIVILEGES ON DATABASE sonar TO sonar;
#授权生效
postgres=# ALTER DATABASE sonar OWNER TO sonar;
#修改配置文件
修改数据库监听地址:vim /etc/postgresql/10/main/postgresql.conf
listen_addresses = '*' # what IP address(es) to listen on;
默认监听端口为5432
#开启远程访问:vim /etc/postgresql/10/main/pg_hba.conf
# IPv4 local connections:
host all all 0.0.0.0/0 md5
#重启pgsql:
root@sonar:/usr/local/src# systemctl restart postgresql
root@sonar:/usr/local/src# systemctl enable postgresql
Synchronizing state of postgresql.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable postgresql
#查看端口是否开启
root@sonar:/usr/local/src# ss -ntlp|grep 5432
LISTEN 0 224 0.0.0.0:5432 0.0.0.0:* users:(("postgres",pid=10080,fd=7))
LISTEN 0 224 [::]:5432 [::]:* users:(("postgres",pid=10080,fd=8))
2. 安装sonarqube
2.1 安装jdk11
bashroot@sonar:/usr/local/src# apt install openjdk-11-jdk
2.2 安装sonarqube
博文使用的安装包下载地址:sonarqube-7.9.2.zip
bashroot@sonar:/usr/local/src# unzip sonarqube-7.9.2.zip
root@sonar:/usr/local/src# ln -sv /usr/local/src/sonarqube-7.9.2 /usr/local/sonarqube
# 需要普通用户去启动,root不支持,会报错。
root@sonar:/usr/local/src# chown sonarqube.sonarqube /usr/local/sonarqube /usr/local/src/sonarqube-7.9.2 -R
root@sonar:/usr/local/src# su - sonarqube
# 修改配置文件
sonarqube@sonar:/usr/local/sonarqube/conf$ vim sonar.properties
# 修改数据库密码
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
# 修改数据库连接地址
sonar.jdbc.url=jdbc:postgresql://192.168.0.216/sonar
#启动
sonarqube@sonar:/usr/local/sonarqube/bin/linux-x86-64# ./sonar.sh --help
Usage: ./sonar.sh { console | start | stop | force-stop | restart | status | dump }
sonarqube@sonar:/usr/local/sonarqube/bin/linux-x86-64# ./sonar.sh start
#访问
http://192.168.0.216:9000/about
默认用户名和密码:admin/admin
2.3 开机自启动
bash#配置服务
vim /etc/systemd/system/sonarqube.service
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=simple
User=sonarqube
Group=sonarqube
PermissionsStartOnly=true
ExecStart=/usr/bin/nohup /usr/bin/java -Xms2048m -Xmx2048m -Djava.net.preferIPv4Stack=true -jar /usr/local/sonarqube/lib/sonar-application-7.9.2.jar
StandardOutput=syslog
LimitNOFILE=65536
LimitNPROC=65536
TimeoutStartSec=5
Restart=always
[Install]
WantedBy=multi-user.target
#设置开机启动
systemctl daemon-reload
systemctl restart sonarqube
systemctl enable sonarqube
3. 汉化
去插件市场:http://192.168.0.216:9000/admin/marketplace => "Plugins" 搜索"chinese" 安装"Chinese Pack" 重启服务。 插件安装位置:
bashroot@sonar:/usr/local/sonarqube/extensions/plugins# ll
total 88048
drwxr-xr-x 2 sonarqube sonarqube 4096 Nov 1 11:03 ./
drwxr-xr-x 5 sonarqube sonarqube 4096 Nov 1 10:52 ../
-rw-r--r-- 1 sonarqube sonarqube 224 Dec 9 2019 README.txt
-rw-r--r-- 1 sonarqube sonarqube 287504 Dec 9 2019 sonar-auth-github-plugin-1.5.0.870.jar
-rw-r--r-- 1 sonarqube sonarqube 3388540 Dec 9 2019 sonar-auth-saml-plugin-1.1.0.181.jar
-rw-r--r-- 1 sonarqube sonarqube 4094975 Dec 9 2019 sonar-csharp-plugin-7.15.0.8572.jar
-rw-r--r-- 1 sonarqube sonarqube 7015434 Dec 9 2019 sonar-css-plugin-1.1.1.1010.jar
-rw-r--r-- 1 sonarqube sonarqube 1544789 Dec 9 2019 sonar-flex-plugin-2.5.1.1831.jar
-rw-r--r-- 1 sonarqube sonarqube 3903342 Dec 9 2019 sonar-go-plugin-1.1.1.2000.jar
-rw-r--r-- 1 sonarqube sonarqube 1727846 Dec 9 2019 sonar-html-plugin-3.1.0.1615.jar
-rw-r--r-- 1 sonarqube sonarqube 15098 Dec 9 2019 sonar-jacoco-plugin-1.0.2.475.jar
-rw-r--r-- 1 sonarqube sonarqube 8302745 Dec 9 2019 sonar-java-plugin-5.13.1.18282.jar
-rw-r--r-- 1 sonarqube sonarqube 6866969 Dec 9 2019 sonar-javascript-plugin-5.2.1.7778.jar
-rw-r--r-- 1 sonarqube sonarqube 7595999 Dec 9 2019 sonar-kotlin-plugin-1.5.0.315.jar
-rw-r--r-- 1 sonarqube sonarqube 49222 Nov 1 11:02 sonar-l10n-zh-plugin-1.29.jar
-rw-r--r-- 1 sonarqube sonarqube 300503 Dec 9 2019 sonar-ldap-plugin-2.2.0.608.jar
-rw-r--r-- 1 sonarqube sonarqube 5105268 Dec 9 2019 sonar-php-plugin-3.2.0.4868.jar
-rw-r--r-- 1 sonarqube sonarqube 2752167 Dec 9 2019 sonar-python-plugin-1.14.1.3143.jar
-rw-r--r-- 1 sonarqube sonarqube 10036210 Dec 9 2019 sonar-ruby-plugin-1.5.0.315.jar
-rw-r--r-- 1 sonarqube sonarqube 9202024 Dec 9 2019 sonar-scala-plugin-1.5.0.315.jar
-rw-r--r-- 1 sonarqube sonarqube 2622236 Dec 9 2019 sonar-scm-git-plugin-1.8.0.1574.jar
-rw-r--r-- 1 sonarqube sonarqube 7229293 Dec 9 2019 sonar-scm-svn-plugin-1.9.0.1295.jar
-rw-r--r-- 1 sonarqube sonarqube 2239156 Dec 9 2019 sonar-typescript-plugin-1.9.0.3766.jar
-rw-r--r-- 1 sonarqube sonarqube 3580236 Dec 9 2019 sonar-vbnet-plugin-7.15.0.8572.jar
-rw-r--r-- 1 sonarqube sonarqube 2242738 Dec 9 2019 sonar-xml-plugin-2.0.1.2020.jar
安装插件也可以将相关的jar包放在该目录。
4. jenkins服务器部署扫描器sonar-scanner
jenkins服务器上,博文使用的安装包下载地址:sonar-scanner-cli-4.3.0.2102-linux.zip 准备scanner包:
bashroot@jenkins:~# ll /usr/local/src/sonar-scanner-cli-4.3.0.2102-linux.zip
-rw-r--r-- 1 root root 42393648 Aug 12 12:13 /root/sonar-scanner-cli-4.3.0.2102-linux.zip
root@jenkins:~# unzip sonar-scanner-cli-4.3.0.2102-linux.zip
root@jenkins:/usr/local/src# ln -sv /usr/local/src/sonar-scanner-4.3.0.2102-linux/ /usr/local/sonar-scanner-4.3.0
'/usr/local/sonar-scanner-4.3.0' -> '/usr/local/src/sonar-scanner-4.3.0.2102-linux/'
修改配置文件:
bashroot@jenkins:/usr/local/sonar-scanner-4.3.0/conf# cat sonar-scanner.properties
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
sonar.host.url=http://192.168.0.216:9000
#----- Default source code encoding
sonar.sourceEncoding=UTF-8
扫描: 博文使用的源码包下载地址:sonar-examples-master.zip
bash#准备待扫码的代码,官网提供测试使用
sonar-examples-master
解压
在项目下定义扫描配置:
root@jenkins:/opt/data/sonar-examples-master/projects/languages/python/python-sonar-runner# cat sonar-project.properties
# Required metadata
sonar.projectKey=org.sonarqube:python-simple-sonar-scanner
sonar.projectName=Python :: Simple Project : SonarQube Scanner
sonar.projectVersion=1.0
# Comma-separated paths to directories with sources (required)
# 相对路径
sonar.sources=src
# Language
# 定义语言类型
sonar.language=py
# Encoding of the source files
# 编码
sonar.sourceEncoding=UTF-8
## 在想扫描的文件下直接运行sonar-scanner
root@jenkins:/opt/data/sonar-examples-master/projects/languages/python/python-sonar-runner# /usr/local/sonar-scanner-4.3.0/bin/sonar-scanner
出现INFO: EXECUTION SUCCESS字样表示完成
查看扫描结果:
可以通过前面搭建的sonarqube的web页面进行查看。
jenkins插件扫描(难以自定义相关路径,不推荐。)
安装插件
安装完成会出现相关配置项
- 告诉jenkin,sonarqube服务器的位置
- 让jenkins添加sonar-scanner扫描器
jebkins-系统管理-全局工具配置
- 在job里配置项目属性
jod-配置-构建
排错
1. 未关闭服务,直接关机导致服务无法启动。
bash启动日志片段:tail -f /usr/local/sonarqube/logs/*.log
--> Wrapper Started as Daemon
Launching a JVM...
Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
2020.11.01 11:55:45 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /usr/local/src/sonarqube-7.9.2/temp #需要创建一个temp文件,但是这个文件是root权限的,普通用户无法删除
2020.11.01 11:55:45 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001
2020.11.01 11:55:45 ERROR app[][o.s.a.p.ManagedProcessHandler] Fail to launch process [es]
java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file # 直接错误原因。
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:53)
at org.sonar.application.ProcessLauncherImpl.writeConfFiles(ProcessLauncherImpl.java:152)
at org.sonar.application.ProcessLauncherImpl.launch(ProcessLauncherImpl.java:84)
at org.sonar.application.SchedulerImpl.lambda$tryToStartProcess$2(SchedulerImpl.java:192)
at org.sonar.application.process.ManagedProcessHandler.start(ManagedProcessHandler.java:72)
at org.sonar.application.SchedulerImpl.tryToStartProcess(SchedulerImpl.java:190)
at org.sonar.application.SchedulerImpl.tryToStartEs(SchedulerImpl.java:142)
at org.sonar.application.SchedulerImpl.tryToStartAll(SchedulerImpl.java:134)
at org.sonar.application.SchedulerImpl.schedule(SchedulerImpl.java:108)
at org.sonar.application.App.start(App.java:69)
at org.sonar.application.App.main(App.java:96)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.nio.file.AccessDeniedException: /usr/local/src/sonarqube-7.9.2/temp/conf/es/elasticsearch.yml
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:219)
at java.base/java.nio.file.Files.write(Files.java:3424)
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:51)
... 16 common frames omitted
2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] Process[es] is stopped
2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] Hard stopping SonarQube
2020.11.01 11:55:45 INFO app[][o.s.a.SchedulerImpl] SonarQube is stopped
WrapperSimpleApp: Encountered an error running main: java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file
java.lang.IllegalStateException: Cannot write Elasticsearch yml settings file
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:53)
at org.sonar.application.ProcessLauncherImpl.writeConfFiles(ProcessLauncherImpl.java:152)
at org.sonar.application.ProcessLauncherImpl.launch(ProcessLauncherImpl.java:84)
at org.sonar.application.SchedulerImpl.lambda$tryToStartProcess$2(SchedulerImpl.java:192)
at org.sonar.application.process.ManagedProcessHandler.start(ManagedProcessHandler.java:72)
at org.sonar.application.SchedulerImpl.tryToStartProcess(SchedulerImpl.java:190)
at org.sonar.application.SchedulerImpl.tryToStartEs(SchedulerImpl.java:142)
at org.sonar.application.SchedulerImpl.tryToStartAll(SchedulerImpl.java:134)
at org.sonar.application.SchedulerImpl.schedule(SchedulerImpl.java:108)
at org.sonar.application.App.start(App.java:69)
at org.sonar.application.App.main(App.java:96)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.nio.file.AccessDeniedException: /usr/local/src/sonarqube-7.9.2/temp/conf/es/elasticsearch.yml
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:219)
at java.base/java.nio.file.Files.write(Files.java:3424)
at org.sonar.application.es.EsYmlSettings.writeToYmlSettingsFile(EsYmlSettings.java:51)
... 16 more
<-- Wrapper Stopped
处理办法:
- 直接删除/usr/local/src/sonarqube-7.9.2/temp 文件
- 给该文件设置权限:chown sonarqube.sonarqube /usr/local/sonarqube /usr/local/src/sonarqube-7.9.2 -R
本文作者:mykernel
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
目录