mirror of https://github.com/tektoncd/catalog.git synced 2024-11-25 06:17:50 +00:00
catalog/task/sonarqube-scanner/0.1
PuneetPunamiya 5a3e5f630f Adds category field as an annotation as tekton.dev/categories
- Initially all tags were mapped to categories in Hub,
     for e.g. config.yaml: https://github.com/tektoncd/hub/blob/master/config.yaml,
     so whenever a new tag was added in a task it was mapped to a category called `others`.
     Hence before every release we had to manually map these new tags to some category,
     hence after the discussion in Catalog and Hub WG, a proposal was created for adding
     a category as an annotation.

   - PR to update the TEP-0003-Tekton Catalog Organization: https://github.com/tektoncd/community/pull/352

Signed-off-by: Puneet Punamiya <ppunamiy@redhat.com>
2021-07-26 13:15:08 +01:00
samples Modifies directory names based on the proposal 2020-07-14 19:01:58 +01:00
README.md Improves url links in the README 2021-05-24 17:47:52 +01:00
sonarqube-scanner.yaml Adds category field as an annotation as tekton.dev/categories 2021-07-26 13:15:08 +01:00

SonarQube

SonarQube™ is the leading tool for continuously inspecting the Code Quality and Security™ of your codebases, all while empowering development teams. Analyze over 25 popular programming languages including C#, VB.Net, JavaScript, TypeScript and C++. It detects bugs, vulnerabilities and code smells across project branches and pull requests.

The following task can be used to perform static analysis on the source code, provided a SonarQube server is already hosted.

To create your own sonar-project.properties, follow the guide here. A sample properties file can be found here.

Install the Task

kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/sonarqube-scanner/0.1/sonarqube-scanner.yaml

Pre-requisite

Install the git-clone task from the catalog

https://raw.githubusercontent.com/tektoncd/catalog/v1beta1/git/git-clone.yaml

Parameters

  • SONAR_HOST_URL: Host URL where the sonarqube server is running
  • SONAR_PROJECT_KEY: Project's unique key

Note: Parameters are provided for the case when we want to override the corresponding values in sonar-project.properties, or when there is no sonar-project.properties present for the project that needs to be analyzed.

Workspaces

  • source-dir: A PersistentVolumeClaim-type workspace, so that the volume can be shared between the git-clone and sonarqube-scanner tasks. A sample PVC can be found here.

  • sonar-settings: To mount the sonar-project.properties via the ConfigMap. (Default : emptyDir:{})

    To mount via the ConfigMap:

    kubectl create configmap sonar-properties --from-file="sonar-project.properties"
    

Running SonarQube Server locally using Docker

  1. Boot SonarQube

    docker run --name="sonarqube" -d sonarqube
    
  2. Get the IP address of the Docker container to access the SonarQube server

    docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <container_id or container_name>
    

A sample address obtained using the above command looks like http://172.17.0.2:9000 (the container IP plus port 9000, SonarQube's default).

Usage

  1. sonar-project.properties is present in the GitHub repository. For example, the following repo contains the properties file, and the Sonar host URL needs to be updated via the params. The sample run for this scenario can be found here.

  2. When no sonar-project.properties file is present, the above two parameters are mandatory so that a sonar-project.properties file can be created with the required fields; alternatively, the file can be mounted via the ConfigMap.

---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: sonarqube-pipeline
spec:
  workspaces:
    - name: shared-workspace
    - name: sonar-settings
  tasks:
    - name: fetch-repository
      taskRef:
        name: git-clone
      workspaces:
        - name: output
          workspace: shared-workspace
      params:
        - name: url
          value: https://github.com/vinamra28/replace-tokens-plugin
        - name: subdirectory
          value: ""
        - name: deleteExisting
          value: "true"
    - name: code-analysis
      taskRef:
        name: sonarqube-scanner
      runAfter:
        - fetch-repository
      params:
        - name: SONAR_HOST_URL
          value: http://172.17.0.2:9000
        - name: SONAR_PROJECT_KEY
          value: testapp
      workspaces:
        - name: source-dir
          workspace: shared-workspace
        - name: sonar-settings
          workspace: sonar-settings
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: sonarqube-run
spec:
  pipelineRef:
    name: sonarqube-pipeline
  workspaces:
    - name: shared-workspace
      persistentVolumeClaim:
        claimName: sonar-source-pvc
    - name: sonar-settings
      emptyDir: {}