Merge branch 'tautaus:FinalProject_main' into FinalProject_main

.gitignore

@@ -15,3 +15,11 @@ _site/
 !petclinic.css
 zap-report/*
 .DS_Store
+sonarqube_data
+sonarqube_extensions
+sonarqube_logs
+sonarqube_bundled-plugins
+sonarqube_conf
+jenkins_data
+postgresql
+postgresql_data

docker-compose_spring-petclinic.yml

@@ -65,20 +65,65 @@ services:
     depends_on:
       - petclinic
 
-  sonarqube:
+  db:
-    image: sonarqube:latest
+    image: postgres:12
-    ports:
+    environment:
-      - "9000:9000"
+      POSTGRES_USER: sonar
+      POSTGRES_PASSWORD: sonar
+    volumes:
+      - ./postgresql:/var/lib/postgresql
+      - ./postgresql_data:/var/lib/postgresql/data
     networks:
       - custom-network
-    depends_on:
-      - petclinic
 
+  sonarqube:
+    image: sonarqube:community
+    depends_on:
+      - db
+    environment:
+      SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
+      SONAR_JDBC_USERNAME: sonar
+      SONAR_JDBC_PASSWORD: sonar
+    volumes:
+      - ./sonarqube_conf:/opt/sonarqube/conf
+      - ./sonarqube_data:/opt/sonarqube/data
+      - ./sonarqube_logs:/opt/sonarqube/logs
+      - ./sonarqube_extensions:/opt/sonarqube/extensions
+      - ./sonarqube_bundled-plugins:/opt/sonarqube/lib/bundled-plugins
+    ports:
+      - "9000:9000"
+      - "9092:9092"
+    networks:
+      - custom-network
+
+
+
+  sonarscanner:
+    image: sonarsource/sonar-scanner-cli
+
+    # need this for macOS Apple M1
+#    platform: linux/amd64
+    networks:
+      - custom-network
+    volumes:
+      - ./:/usr/src
+    environment:
+      - SONAR_HOST_URL=http://sonarqube:9000/
+      - SONAR_TOKEN=$MY_SONAR_TOKEN
+    depends_on:
+      - sonarqube
 
 volumes:
   prometheus_data:
   grafana_data:
   jenkins_data:
+  sonarqube_conf:
+  sonarqube_data:
+  sonarqube_logs:
+  sonarqube_extensions:
+  sonarqube_bundled-plugins:
+  postgresql:
+  postgresql_data:
 
 networks:
   custom-network:

readme.md

@@ -1,4 +1,4 @@
-# Getting started
+# Getting started - Final Project
 
 ## Running a build pipeline
 
@@ -92,3 +92,39 @@ docker exec -it  spring-petclinic-petclinic-1  bash
     - Go back to the Jenkins dashboard.
     - Select your pipeline job.
     - Click on **Build Now** to run the pipeline.
+
+## Steps 3: Running Static Analysis with Sonarqube
+1. Access Sonarqube: Open [http://localhost:9000](http://localhost:9000) and set up Sonarqube. Install the suggested plugins.
+
+2. Login to Sonarqube with the following user and password:
+    - Username: admin
+    - Password: admin (update password when prompted after login)
+
+3. Create project on Sonarqube
+    - Navigate over to create project
+    - set the following variables:
+        Project display name = petclinic
+        Project key = petclinic
+        Main branch name = main
+    - Choose the following option: global branch setting
+    - Choose the following Analysis Method: Locally
+    - Generate a project token
+
+3. Set sonar token
+    - Copy the generated project token to clipboard
+    - In your workspace, set the token environment variable (MY_SONAR_TOKEN)
+
+        ```bash
+            export MY_SONAR_TOKEN=<paste_token_here>
+    ```
+
+4. Run static analysis
+
+        ```bash
+            docker run \                                              
+                --rm \
+                -e SONAR_HOST_URL=http://sonarqube:9000/ \
+                -e SONAR_TOKEN=$MY_SONAR_TOKEN \
+                -v "./:/usr/src" --network=spring-petclinic_custom-network\
+                sonarsource/sonar-scanner-cli
+    ```

sonar-project.properties

@@ -0,0 +1,5 @@
+sonar.projectKey=petclinic
+sonar.projectName=petclinic
+sonar.projectVersion=1.0
+sonar.sources=.
+sonar.exclusions=**/*.java