Gitlab Step w/ Sonar

Once with running docker images inside a continuation integration pipeline, things got to a new level.

One improvement, we can see it for static code analysis, where there is no need of having a separate instance of sonar, we can have it on the fly.

So, to have a step for this scenario, the CI pipeline, will need to:

  • lunch a Sonar instance
  • maybe add some configurations/plugins
  • run static analysis with the sonar instance
  • using Sonar API to retrieve the entire coverage
    - docker run -d --name sonarqube-$CI_BUILD_ID sonarqube

# if we want to add a plugin just copy it to the running image / eg. sonar
    - wget
    - docker cp sonar-gitlab-plugin-3.0.2.jar sonarqube-$CI_BUILD_ID:/opt/sonarqube/extensions/plugins/sonar-gitlab-plugin-3.0.2.jar
    - docker restart sonarqube-$CI_BUILD_ID

# normal step run test &amp; sonar analysis, giving the path to the sonar instance
    - export SONAR_IP=`docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' sonarqube-$CI_BUILD_ID`
    - ./gradlew test sonarqube$SONAR_IP:9000</code>

The additional scripts used by this step are the following:


# Inspired from


function jsonval {
    temp=`echo $json | sed 's/\\\\\//\//g' | sed 's/&#91;{}]//g' | awk -v k="text" '{n=split($0,a,","); for (i=1; i&lt;=n; i++) print a&#91;i]}' | sed 's/\"\:\"/\|/g' | sed 's/&#91;\,]/ /g' | sed 's/\"//g' | grep -w $PROP`
    echo ${temp##*|}

json=`curl -u admin:admin -d "name=$NAME" -H "Content-Type: application/x-www-form-urlencoded" -X POST http://$SONAR_IP:9000/api/user_tokens/generate`


echo $data</code>

And `` uses two scripts (maybe with time I will update them)

  • The bash scripts calls a specific python script with the coverage details retrieved from SONAR



sonar=$(curl -u $SONAR_TOKEN: "$2/api/measures/component?component=d2&amp;metricKeys=coverage")

echo $sonar

exitValue=$(python ci/ $sonar 2&gt;&amp;1)

echo $exitValue

exit $exitValue</code>

The python script `` will validate if the coverage retrieved from sonar fulfills or not, the expected value of the project

<code>import json
import sys
from decimal import Decimal

resp = json.loads(sys.argv&#91;1])

# extract the coverage value
val = Decimal(resp&#91;'component']&#91;'measures']&#91;0]&#91;'value'])

if val &gt;= 80:
    print 0
    print 1</code>

When the entire step is finished, it will be nice to do some cleanup.

<code>  after_script:
    - docker stop sonarqube-$CI_BUILD_ID
    - docker rm sonarqube-$CI_BUILD_ID

1 comment

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.