Jenkins集成openshift容器中进行代码扫描
Posted mascot1
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Jenkins集成openshift容器中进行代码扫描相关的知识,希望对你有一定的参考价值。
1.Dockerfile
sonarDockerfile: (基础slave镜像参考上篇博文)
FROM registry.it.com/openshift/jenkins-slave:latest #tool maven ADD apache-maven-3.5.0.tar.gz /usr/local/ #tool sonar ADD sonar-scanner.tar.gz /usr/local/
2.Jenkinsfile
def label = "mypod-${UUID.randomUUID().toString()}" //代码扫描 def SonarScan(projectType,skipSonar,srcDir,serviceName){ def scanHome = "/usr/local/sonar-scanner" if (projectType == ‘java‘){ if ("${buildType}" == ‘gradle‘){ codepath = ‘build/classes‘ } else{ codepath = ‘target/classes‘ } try { sh """ cd ${srcDir} ${scanHome}/bin/sonar-scanner -Dsonar.projectName=${serviceName} -Dsonar.projectKey=${serviceName} -Dsonar.sources=src/main -Dsonar.tests=src/test -Dsonar.language=java -Dsonar.sourceEncoding=UTF-8 -Dsonar.java.binaries=${codepath} -Dsonar.java.coveragePlugin=jacoco -Dsonar.jacoco.reportPath=target/jacoco.exec -Dsonar.junit.reportsPath=target/surefire-reports -Dsonar.surefire.reportsPath=target/surefire-reports -Dsonar.projectDescription=‘devopsdevops‘ """ } catch (e){ currentBuild.description="代码扫描失败!" error ‘代码扫描失败!‘ } } } //docker podTemplate( label: label, cloud: ‘kubernetes‘, containers: [ containerTemplate( name: ‘jnlp‘, image: ‘registry.it.com/openshift/slave-maven-sonar-jdk8u111:latest‘, ttyEnabled: true, privileged: false, alwaysPullImage: true, args: ‘${computer.jnlpmac} ${computer.name}‘, resourceRequestCpu: ‘8000m‘, resourceLimitCpu: ‘8000m‘, resourceRequestMemory: ‘16Gi‘, resourceLimitMemory: ‘16Gi‘, envVars: [ envVar(key: ‘PATH‘, value: ‘/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/apache-maven-3.5.0/bin‘), envVar(key: ‘CLASS_PATH‘, value: ‘/docker-java-home/jre/lib/rt.jar:/docker-java-home/jre/lib/dt.jar:/docker-java-home/jre/lib/tools.jar‘)] ) ], volumes: [persistentVolumeClaim(mountPath: ‘/etc/data/‘, claimName: ‘jenkins‘)], //idleMinutes: ‘60‘, //activeDeadlineSeconds: ‘60‘, slaveConnectTimeout: ‘60‘ ){ node(label) { ws("${workspace}"){ stage(‘GetCode‘){ ....... } stage(‘Build‘){ ....... } stage(‘CodeScan‘){ SonarScan(‘java‘,skipSonar,srcDir,serviceName) } } } }
以上是关于Jenkins集成openshift容器中进行代码扫描的主要内容,如果未能解决你的问题,请参考以下文章