5a3e5f630f
- Initially all tags were mapped to categories in Hub, for e.g. config.yaml: https://github.com/tektoncd/hub/blob/master/config.yaml, so whenever a new tag was added in a task it was mapped to a category called `others`. Hence before every release we had to manually map these new tags to some category, hence after the discussion in Catalog and Hub WG, a proposal was created for adding a category as an annotation. - PR to update the TEP-0003-Tekton Catalog Organization: https://github.com/tektoncd/community/pull/352 Signed-off-by: Puneet Punamiya <ppunamiy@redhat.com> |
||
---|---|---|
.. | ||
samples | ||
README.md | ||
sonarqube-scanner.yaml |
SonarQube
SonarQube™ is the leading tool for continuously inspecting the Code Quality and Security™ of your codebases, all while empowering development teams. Analyze over 25 popular programming languages including C#, VB.Net, JavaScript, TypeScript and C++. It detects bugs, vulnerabilities and code smells across project branches and pull requests.
The following task can be used to perform static analysis on the source code provided the SonarQube server is hosted.
For creating your own sonar-project.properties
please follow the guide here. Sample properties file can be found here
Install the Task
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/sonarqube-scanner/0.1/sonarqube-scanner.yaml
Pre-requisite
Install the git-clone
task from the catalog
https://raw.githubusercontent.com/tektoncd/catalog/v1beta1/git/git-clone.yaml
Parameters
- SONAR_HOST_URL: Host URL where the sonarqube server is running
- SONAR_PROJECT_KEY: Project's unique key
Note
: Parameters are provided in that case when we want to override the corresponding values in
sonar-project.properties
or there is nosonar-project.properties
present for the project which needs to be analyzed
Workspaces
-
source-dir:
PersistentVolumeClaim
-type so that volume can be shared among git-clone and sonarqube task. Sample PVC can be found here -
sonar-settings: To mount the
sonar-project.properties
via theConfigMap
. (Default :emptyDir:{}
)To mount via the
ConfigMap
:kubectl create configmap sonar-properties --from-file="sonar-project.properties"
Running SonarQube Server locally using Docker
-
Boot SonarQube
docker run --name="sonarqube" -d sonarqube
-
Get the IP address exposed by docker image to access sonarqube server
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <container_id or container_name>
Sample IPAddress we will obtain using above command is like http://172.17.0.2:9000
Usage
-
sonar-project.properties
present in Github Repository. For example :- following repo contains the properties file and Sonar Host URL needs to be updated via theparams
. The sample run for this scenario can be found here -
In case when no
sonar-project.properties
file is present then above two parameters are mandatory to create asonar-project.properties
file with the required fields or the file can be mounted via theConfigMap
.
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: sonarqube-pipeline
spec:
workspaces:
- name: shared-workspace
- name: sonar-settings
tasks:
- name: fetch-repository
taskRef:
name: git-clone
workspaces:
- name: output
workspace: shared-workspace
params:
- name: url
value: https://github.com/vinamra28/replace-tokens-plugin
- name: subdirectory
value: ""
- name: deleteExisting
value: "true"
- name: code-analysis
taskRef:
name: sonarqube-scanner
runAfter:
- fetch-repository
params:
- name: SONAR_HOST_URL
value: http://172.17.0.2:9000
- name: SONAR_PROJECT_KEY
value: testapp
workspaces:
- name: source-dir
workspace: shared-workspace
- name: sonar-settings
workspace: sonar-settings
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: sonarqube-run
spec:
pipelineRef:
name: sonarqube-pipeline
workspaces:
- name: shared-workspace
persistentvolumeclaim:
claimName: sonar-source-pvc
- name: sonar-settings
emptyDir: {}