质量平台-sonarlint-接入项目gitlab配置

一、git相关配置

1、项目增加sonar账号，角色developer。用于拉取代码和执行sonarqube检查

2、merge requests配置，pipelines must succeed  (阻断merge)

3、webhook配置

URL：http://qa.rd.com/sonar/gitCallBack

如果是java项目mvn项目，则配置：Secret token：java

如果是前端项目react项目，则配置：Secret token：react

事件勾选，push events、merge request events

4、CICD，gitlab runner配置

允许使用共享runner

5、pipeline顺序运行

6、保护分支设定

master需要做强制保护，不允许直接push进入，其他分支可以视项目而定，严格程度来讲，只能通过merge进入，防止人为提交代码进入

二、历史版本生成

前提条件：

当前接入项目不存在进行中的merge request，检查方式，比如http://gitlab.rd.com/qike_back_end/scrm-websocket-parent/-/merge_requests

1、在接入工程的dev分支新增gitlab-ci.yml文件

创建.gitlab-ci.yml，内容如下

# This file is a template, and might need editing before it works on your project.
# This is a sample GitLab CI/CD configuration file that should run without any modifications.
# It demonstrates a basic 3 stage CI/CD pipeline. Instead of real tests or scripts,
# it uses echo commands to simulate the pipeline execution.
#
# A pipeline is composed of independent jobs that run scripts, grouped into stages.
# Stages run in sequential order, but jobs within stages run in parallel.
#
# For more information, see: https://docs.gitlab.com/ee/ci/yaml/README.html#stages
 
stages:          # List of stages for jobs, and their order of execution
  - scan
 
sonar-merge:
  stage: scan
  script:
    - echo "merge"
    - /var/opt/sonar-merge-check.sh
    - echo "merge over"
  only:
    - merge_requests
  tags:
    - share-runner-1
 

2、发起一次dev到master的merge，并merge完成。此步骤为了生成历史版本的merge request版本

三、质量平台使用

地址：http://qa.rd.com/#/sonar

登录LDAP账号： chentaolian(无须邮箱)

四、sonar平台

地址：http://172.30.100.251:9000/projects

账号：dev

密码：123456