From 2d5bd081abfd67f2594da115a2da420b98d820d4 Mon Sep 17 00:00:00 2001 From: bossardme Date: Sat, 27 Jul 2024 19:12:56 -0700 Subject: [PATCH] updated readme for sonarqube --- docker-compose_spring-petclinic.yml | 1 + readme.md | 36 +++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/docker-compose_spring-petclinic.yml b/docker-compose_spring-petclinic.yml index 32f18431e..7771d2831 100644 --- a/docker-compose_spring-petclinic.yml +++ b/docker-compose_spring-petclinic.yml @@ -107,6 +107,7 @@ services: - ./:/usr/src environment: - SONAR_HOST_URL=http://sonarqube:9000/ + - SONAR_TOKEN=$MY_SONAR_TOKEN depends_on: - sonarqube diff --git a/readme.md b/readme.md index 7b03f1f8a..f08a24cab 100644 --- a/readme.md +++ b/readme.md @@ -92,3 +92,39 @@ docker exec -it spring-petclinic-petclinic-1 bash - Go back to the Jenkins dashboard. - Select your pipeline job. - Click on **Build Now** to run the pipeline. + +## Steps 3: Running Static Analysis with Sonarqube +1. Access Sonarqube: Open [http://localhost:9000](http://localhost:9000) and set up Sonarqube. Install the suggested plugins. + +2. Login to Sonarqube with the following user and password: + - Username: admin + - Password: admin (update password when prompted after login) + +3. Create project on Sonarqube + - Navigate over to create project + - set the following variables: + Project display name = petclinic + Project key = petclinic + Main branch name = main + - Choose the following option: global branch setting + - Choose the following Analysis Method: Locally + - Generate a project token + +3. Set sonar token + - Copy the generated project token to clipboard + - In your workspace, set the token environment variable (MY_SONAR_TOKEN) + + ```bash + export MY_SONAR_TOKEN= + ``` + +4. Run static analysis + + ```bash + docker run \ + --rm \ + -e SONAR_HOST_URL=http://sonarqube:9000/ \ + -e SONAR_TOKEN=$MY_SONAR_TOKEN \ + -v "./:/usr/src" --network=spring-petclinic_custom-network\ + sonarsource/sonar-scanner-cli + ``` \ No newline at end of file