Sonar安裝設置完成

a4b828fb · Peter Cheng · a8a6f062 · a4b828fb · a4b828fb · a4b828fb
Commit a4b828fb authored Nov 28, 2019 by Peter Cheng
15 changed files
--- a/.env swp
+++ b/.env swp
+[server]
+ci_cd_test ansible_host=127.0.0.1
\ No newline at end of file
--- a/.gitignore
+++ b/.gitignore
+\.env
--- a/README.md
+++ b/README.md
 # build_server
-編譯伺服器
+編譯伺服器，透過Ansible Playbook操作，讓服務器可以自己Git抓程式碼下來，自己做程式碼分析、自動化測試、自動編譯、自動上版
+## 資料夾結構
+resources 用來存放軟體相關設定檔用
+tasks 用來存放分類存放要安裝、設定的Ansible Playbook排程
+.env.swp Ansible Playbook主機參數檔
+install.yml 用來安裝所需之套件
+config.yml 用來設定相關之設定
+## Ansible Playbook 操作流程
+1. 將./env/env.swp檔名改成.env
+2. 設定.env中，對應的主機名與IP，可一次設定多台
+3. 運行以下指令安裝所需之套件
+```
+ansible-playbook -i .env install.yml --ask-become-pass
+```
+4. 輸入登入用密碼
+5. 等全部的所需套件都安裝完成，並且沒有跳Fail
+6. 運行以下指令設定服務器
+```
+ansible-playbook -i .env config.yml --ask-become-pass
+```
+7. 輸入登入用密碼
+8. 等全部的所需套件都安裝完成，並且沒有跳Fail
\ No newline at end of file
--- a/config.yml
+++ b/config.yml
+# 設定安裝SonarQube所需資料庫環境
+- hosts: ci_cd_test
+  remote_user: petercheng
+  become: yes
+  become_user: postgres
+  tasks:
+    - name: "設定SonarQube所需資料庫環境"
+      include_tasks: tasks/config/postgres.yml
+# 設定SonarQube相關設定
+- hosts: ci_cd_test
+  remote_user: petercheng
+  become: yes
+  become_user: root
+  tasks:
+    - name: "設定SonarQube相關設定"
+      include_tasks: tasks/config/sonarQube.yml
\ No newline at end of file
--- a/install.yml
+++ b/install.yml
+---
+- hosts: ci_cd_test
+  remote_user: petercheng
+  become: yes
+  tasks:
+    # 初始化系統
+    - name: "全系統更新"
+      include_tasks: tasks/install/init.yml
+    - name: "安裝Git"
+      include_tasks: tasks/install/git.yml
+    # 安裝Golang 1.13.4
+    - name: "安裝Golang 1.13.4"
+      include_tasks: tasks/install/golang.yml
+    # 安裝PostgreSQL
+    - name: "安裝PostgreSQL"
+      include_tasks: tasks/install/postgres.yml
+    # 安裝SonarQube
+    - name: "安裝SonarQube 7.9.1 LTS"
+      include_tasks: tasks/install/sonarQube.yml
\ No newline at end of file
--- a/resources/jvm.options
+++ b/resources/jvm.options
+## JVM configuration
+################################################################
+## IMPORTANT: JVM heap size
+################################################################
+##
+## You should always set the min and max JVM heap
+## size to the same value. For example, to set
+## the heap to 4 GB, set:
+##
+## -Xms4g
+## -Xmx4g
+##
+## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
+## for more information
+##
+################################################################
+# Xms represents the initial size of total heap space
+# Xmx represents the maximum size of total heap space
+-Xms1g
+-Xmx1g
+################################################################
+## Expert settings
+################################################################
+##
+## All settings below this section are considered
+## expert settings. Don't tamper with them unless
+## you understand what you are doing
+##
+################################################################
+## GC configuration
+-XX:+UseConcMarkSweepGC
+-XX:CMSInitiatingOccupancyFraction=75
+-XX:+UseCMSInitiatingOccupancyOnly
+## G1GC Configuration
+# NOTE: G1GC is only supported on JDK version 10 or later.
+# To use G1GC uncomment the lines below.
+# 10-:-XX:-UseConcMarkSweepGC
+# 10-:-XX:-UseCMSInitiatingOccupancyOnly
+# 10-:-XX:+UseG1GC
+# 10-:-XX:InitiatingHeapOccupancyPercent=75
+## DNS cache policy
+# cache ttl in seconds for positive DNS lookups noting that this overrides the
+# JDK security property networkaddress.cache.ttl; set to -1 to cache forever
+-Des.networkaddress.cache.ttl=60
+# cache ttl in seconds for negative DNS lookups noting that this overrides the
+# JDK security property networkaddress.cache.negative ttl; set to -1 to cache
+# forever
+-Des.networkaddress.cache.negative.ttl=10
+## optimizations
+# pre-touch memory pages used by the JVM during initialization
+-XX:+AlwaysPreTouch
+## basic
+# explicitly set the stack size
+-Xss1m
+# set to headless, just in case
+-Djava.awt.headless=true
+# ensure UTF-8 encoding by default (e.g. filenames)
+-Dfile.encoding=UTF-8
+# use our provided JNA always versus the system one
+-Djna.nosys=true
+# turn off a JDK optimization that throws away stack traces for common
+# exceptions because stack traces are important for debugging
+-XX:-OmitStackTraceInFastThrow
+# flags to configure Netty
+-Dio.netty.noUnsafe=true
+-Dio.netty.noKeySetOptimization=true
+-Dio.netty.recycler.maxCapacityPerThread=0
+# log4j 2
+-Dlog4j.shutdownHookEnabled=false
+-Dlog4j2.disable.jmx=true
+-Djava.io.tmpdir=/tmp
+## heap dumps
+# generate a heap dump when an allocation from the Java heap fails
+# heap dumps are created in the working directory of the JVM
+-XX:+HeapDumpOnOutOfMemoryError
+# specify an alternative path for heap dumps; ensure the directory exists and
+# has sufficient space
+#-XX:HeapDumpPath=data
+# specify an alternative path for JVM fatal error logs
+#-XX:ErrorFile=logs/hs_err_pid%p.log
+## JDK 8 GC logging
+#8:-XX:+PrintGCDetails
+#8:-XX:+PrintGCDateStamps
+#8:-XX:+PrintTenuringDistribution
+#8:-XX:+PrintGCApplicationStoppedTime
+#8:-Xloggc:logs/gc.log
+#8:-XX:+UseGCLogFileRotation
+#8:-XX:NumberOfGCLogFiles=32
+#8:-XX:GCLogFileSize=64m
+# JDK 9+ GC logging
+#9-:-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m
+# due to internationalization enhancements in JDK 9 Elasticsearch need to set the provider to COMPAT otherwise
+# time/date parsing will break in an incompatible way for some date patterns and locals
+#9-:-Djava.locale.providers=COMPAT
+# temporary workaround for C2 bug with JDK 10 on hardware with AVX-512
+#10-:-XX:UseAVX=2
--- a/resources/sonar.properties
+++ b/resources/sonar.properties
--- a/resources/sonar.service
+++ b/resources/sonar.service
+[Unit]
+Description=SonarQube service
+After=syslog.target network.target
+[Service]
+Type=forking
+ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
+ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
+User=root
+Group=root
+Restart=always
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
--- a/tasks/config/postgres.yml
+++ b/tasks/config/postgres.yml
+---
+  #新增資料庫與使用者
+  - postgresql_db:
+      name: sonar
+      encoding: UTF-8
+      lc_collate: en_US.UTF-8
+      lc_ctype: en_US.UTF-8
+      template: template0
+  - postgresql_user:
+      db: sonar
+      name: sonar
+      password: sonar
+      priv: "ALL"
\ No newline at end of file
--- a/tasks/config/sonarQube.yml
+++ b/tasks/config/sonarQube.yml
+---
+  - name: "置換SonarQube設定檔"
+    copy:
+      src: ./resources/sonar.properties
+      dest: /opt/sonarqube/conf/sonar.properties
+      follow: yes
+  - name: "置換Elasticsearch設定檔"
+    copy:
+      src: ./resources/jvm.options
+      dest: /opt/sonarqube/elasticsearch/config/jvm.options
+      follow: yes
+  - name: "設定Elasticsearch目錄權限"
+    file: 
+      path: /opt/sonarqube
+      recurse: yes
+      mode: 0777
+  - name: "將SonarQube設成服務"
+    copy:
+      src: ./resources/sonar.service
+      dest: /etc/systemd/system/sonar.service
+      follow: yes
+  - name: "啟用SonarQube服務"
+    command: "{{ item }}"
+    with_items: 
+      - systemctl enable sonar
+      - systemctl start sonar
\ No newline at end of file
--- a/tasks/install/git.yml
+++ b/tasks/install/git.yml
+---
+# 安裝Git
+- name: "安裝Git"
+  apt:
+    name: git
+    state: present
\ No newline at end of file
--- a/tasks/install/golang.yml
+++ b/tasks/install/golang.yml
+---
+# 安裝GVM
+- name: "移除舊版GVM"
+  file:
+    path: /root/.gvm
+    state: absent
+- name: "下載GVM安裝程式"
+  get_url:
+    url: https://raw.githubusercontent.com/moovweb/gvm/master/binscripts/gvm-installer
+    dest: /tmp/gvm-installer
+    mode: "0755"
+- name: "執行GVM安裝程式"
+  command: /tmp/gvm-installer
+# 安裝編譯用相依套件
+- name: "安裝編譯用相依套件"
+  apt:
+    pkg:
+      - mercurial 
+      - make 
+      - binutils 
+      - bison 
+      - gcc 
+      - build-essential
+    state: present
+# 安裝Golang
+- name: "安裝Golang"
+  shell: "source /root/.gvm/scripts/gvm && gvm install go1.13.4 -B && gvm use go1.13.4"
+  args:
+    executable: /bin/bash
\ No newline at end of file
--- a/tasks/install/init.yml
+++ b/tasks/install/init.yml
+---
+# 初始化系統
+- name: "全系統更新"
+  apt: 
+    upgrade: dist
\ No newline at end of file
--- a/tasks/install/postgres.yml
+++ b/tasks/install/postgres.yml
+---
+- name: "安裝PostgreSQL"
+  apt:
+    pkg: 
+      - postgresql
+      - python-psycopg2
+    state: present
+    update_cache: yes
+- name: "修改資料庫管理員預設密碼"
+  user:
+    name: postgres
+    password: "{{ '1qazse4rfvgy7' | password_hash('sha512') }}"
\ No newline at end of file
--- a/tasks/install/sonarQube.yml
+++ b/tasks/install/sonarQube.yml
+---
+  #安裝SonarQube
+  - name: "移除舊版SonarQube壓縮包"
+    file: 
+      path: /tmp/sonarQube-LTS.zip
+      state: absent
+  - name: "移除舊版SonarQube安裝包"
+    file:
+      path: /opt/sonarqube
+      state: absent
+  - name: "下載SonarQube"
+    get_url: 
+      url: https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.9.1.zip
+      dest: /tmp/sonarQube-LTS.zip
+      mode: 444
+  - name: "安裝Unzip套件"
+    apt:
+      pkg:
+        - unzip 
+        - openjdk-11-jdk
+        - openjdk-11-jdk-headless
+      state: present
+  - name: "解壓SonarQube"
+    unarchive: 
+      src: /tmp/sonarQube-LTS.zip
+      dest: /opt
+      remote_src: yes
+  - name: "修改目錄名稱"
+    command: mv /opt/sonarqube-7.9.1 /opt/sonarqube
\ No newline at end of file