[Sonarqube] Install Sonarqube on Kubernetes and integrate with GitHub Action.

1) Installing Sonarqube on Kubernetes

To install the chart:

helm repo add sonarqube https://SonarSource.github.io/helm-chart-sonarqube
helm repo update
kubectl create namespace sonarqube
helm upgrade --install -n sonarqube sonarqube sonarqube/sonarqube

Helm values:

Nếu bạn cần tạo ingress cho Sonarqube.

ingress:
  enabled: true
  ingressClassName: nginx
  hosts:
    - name: sonarqube.nimtechnology.com

2) Integrate GitHub Action with Sonarqube.

2.1) Create a Token on Sonarqube

2.2) Create a project on Sonarqube.

2.3) Set up GitHub Action.

Nếu bạn chưa quen với github action thì có thể tham khảo:
https://nimtechnology.com/2022/12/21/github-action-lets-use-github-action-to-build-and-push-the-docker-image-to-the-docker-hub/

tiếp đến tạo folder và yaml cho github action.
https://github.com/SonarSource/sonar-scanner-cli/blob/master/.github/workflows/release.yml

name: Main Workflow

on:
  push:
    branches:
      - "master"

jobs:
  sonarqube:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting
          fetch-depth: 0
      - name: SonarQube Scan
        uses: sonarsource/sonarqube-scan-action@master
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}

Giờ bạn sẽ tạo file sonar-project.properties
https://github.com/mrnim94/taurus/blob/master/sonar-project.properties

Bạn sẽ cần để info project trên sonarqube để match repo với project nào trên sonarqube.

sonar.projectKey=taurus

Bạn có thể thấy github action run

https://github.com/mrnim94/taurus/actions

How to ignored the Sonar Recomadation.

Cách chung thì bạn sẽ dụng command //NOSONAR với code.

nhưng với Dockerfile hay yaml thì bạn không sài command được.

Page demo:

http://209.126.99.144:9000/
http://101.201.140.51:9000/