Skip to main content

Secure nginx with Let's Encrypt on Ubuntu 18.04

Analize code with Sonar Scanner - Linux Guru

Setting Up the SonarCode Scanner.

SonarQube's code scanner is a package that you can install on different machine, it's not good idea to install it with sonarqube server, You can install it on testing setver or in your local machine. There are packages available for Windows, MacOS, and Linux which you can find at the SonarQube web site. In the previous article we have setup Sonarqube server on kubernetes. Click here to read the post.
  • Create a directory for sonar scanner
mkdir /opt/sonarscanner
cd /opt/sonarscanner

Download the SonarQube scanner for Linux using wget. you can download as per your OS.

wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip

Unzip, Extract the scanner.

unzip sonar-scanner-cli-3.2.0.1227-linux.zip
After that, we have to modify a few settings to get the scanner working with our server install. Edit the configuration file and un-comment the line starting with sonar.host.url and add yours.
vim sonar-scanner-3.2.0.1227-linux/conf/sonar-scanner.properties
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here

#----- Default SonarQube server
#add your sonarqube server ip.
sonar.host.url=https://mysonarqube.com

#----- Default source code encoding
#sonar.sourceEncoding=UTF-8

Make the binary executable.

chmod +x sonar-scanner-3.2.0.1227-linux/bin/sonar-scanner

Create the symbolic link so that you don't need to specify full path.

ln -s /opt/sonarscanner/sonar-scanner-3.2.0.1227-linux/bin/sonar-scanner /usr/local/bin/sonar-scanner
Now the scanner is up and running, Now run your fisrt code scan.

Run code scan for your project.

Go to your project directory and create a file name "sonar-project.properties", Define the project name, Project key, project version and the current directory.
sonar.projectKey=my-project
sonar.projectName=my-project
sonar.projectVersion=1.0

sonar.sources=.
Now you can run the code scan from your machine. To run code scan you will need token of the sonarqube server. So create sonarsqube user token first.
Go to My account > Security and generate the token.

Run the code scan now.

sonar-scanner -D sonar.login=your_token_here
Once the scan is complete, you'll see a summary screen similar to this:
INFO: Task total time: 7.933 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 19.249s
INFO: Final Memory: 19M/296M
And the project's code quality report will now be on the SonarQube dashboard. You can check it on your sonarqube server.


Gitlab CI/CD integration with SonarQube.

As with sonnar-scanner, you will need to have a sonar.properties file in your project's root folder. To run the scan, add the following to your gitlab-ci.yml
For preview mode :
preview_mode:
  image: emeraldsquad/sonar-scanner
  stage: analysis
  artifacts:
  script: sonar-scanner -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID -Dsonar.gitlab.unique_issue_per_inline=true

  only:
    - master
For analysis mode :
analysis_mode:
  image: emeraldsquad/sonar-scanner
  stage: analysis
  artifacts:
  script: sonar-scanner -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID -Dsonar.gitlab.unique_issue_per_inline=true

  only:
    - master

Variables :

SONAR_URL=URL
SONAR_TOKEN=YOURTOKEN

Comments

Popular posts from this blog

Another instance of Certbot is already running - Solved - Linux guru

Error : Another instance of Certbot is already runningcertbot --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns --installer nginx -d *.vishalvyas.com Another instance of Certbot is already running Reason : when you run certbot form your machine and unexpectedly stop the command, Then cert bot is not running but it left some .certbot.lock files behind.You need to kill the certbot instance form your machine. Solution : Run the below command to find killed certbot.find / -type f -name ".certbot.lock" You can see result of the command, If there are, you can remove them. Run below command to remove them.find / -type f -name ".certbot.lock" -exec rm {} \; And try again.

Install Apache Using Ansible Playbooks

Ansible is a automation tool which is widely used, you can install and install, configure and manage number of system and services remotely. you can install software and manage services and tasks without needing manually log in to each servers. you have to install ansible in one machine and use ssh to communicate host each other.



Ansible uses Playbooks which is written in YAML format. it's uses module base format. with playbook can run multiple tasks at time and provide more advance functionality, YAML file always start with "---" syntax. In this article we will see how to install and configure apahce2 using ansible YAML script. Master server : 10.80.253.11 [Ansible server, ] Slave 1 : 10.80.253.12 [need to install apache2 in slave 1] Slave 2 : 10.80.253.13 [need to install apache2 in slave 2] We need to configure slave server info in our ansible configuration file, click here to know how to add client machine to ansible. Let's update our apache2.yml file and install…

Create aws s3 bucket using cli

In this article i will explain you to how to manage s3 bucket and objects using AWS cli command line interface. for that you will have to configure AWS cli interface to your local linux machine. You can configure cli from. HERE.




After configured aws cli to your local machine, you can run all below commands. How to create bucket using AWS Cli.root@master:~# aws s3 mb s3://linuxgurubucket make_bucket: linuxgurubucket Listing Bucket : To list all bucket : root@master:~# aws s3 ls 2018-05-01 15:28:37 linuxgurubucket To list all objects from bucket :root@master:~# aws s3 ls s3://linuxgurubucket 2018-05-01 15:32:16 71515 vishal.jpg How to copy local file to s3 using aws cp command :root@master:~# aws s3 cp ansible.sh s3://linuxgurubucket/ upload: ./ansible.sh to s3://linuxgurubucket/ansible.sh To check it's upload or not :root@master:~# aws s3 ls s3://linuxgurubucket/ 2018-05-01 15:34:19 82 ansible.sh 2018-05-01 15:32:16 71515 vishal.jpg To remove file from s3 bucket using cli: