0

tl;博士

CodePipeline 在mvn sonar:sonar我的buildspec.yml文件行中崩溃并显示以下日志(我对其进行了一些格式化以提高可读性):

[ERROR] SonarQube server [http://localhost:9000] can not be reached 
...
[ERROR] Failed to execute goal 
        org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar 
        (default-cli) on project myproject: 
        Unable to execute SonarQube: 
        Fail to get bootstrap index from server: 
        Failed to connect to localhost/127.0.0.1:9000: 
        Connection refused (Connection refused) -> [Help 1] 

目标

这是我在 AWS 上的第一个项目,如果我提供了不相关的信息,非常抱歉。

我正在尝试部署我的后端 API,以便公众可以访问它。除其他外,我希望 CI/CD 设置为自动运行测试并在失败或未通过某个质量门时中止。如果一切顺利,那么新版本应该会自动在线部署。


当前状态

当其中一项测试失败时,我的管道会自动中止,但这就是我要做的所有事情。

我还没有弄清楚如何部署(甚至手动)API 以便能够向它发送请求。也许它已经完成了,但我只是不知道要使用哪个 URL。

无论如何,事实上,CodePipeline 在mvn sonar:sonar我的buildspec.yml文件行崩溃。

文件

这是我的buildspec.yml

version: 0.2 

phases: 
  install: 
    runtime-versions: 
      java: openjdk8 
    commands: 
      ############################################################################################## 
      ##### "cd / && ls" returns: [bin, boot, codebuild, dev, etc, go, home, lib, lib32, lib64, 
      #####                        media, mnt, opt, proc, root, run, sbin, srv, sys, tmp, usr, var] 
      ##### Initial directory where this starts is $CODEBUILD_SRC_DIR 
      ##### That variable contains something like "/codebuild/output/src511423169/src"
      ############################################################################################## 
      # Upgrade AWS CLI to the latest version 
      - pip install --upgrade awscli 
      # Folder organization 
      - cd /root 
      - codeAnalysisFolder="Sonar" # todo: refactor to include "/root" 
      - mkdir $codeAnalysisFolder && cd $codeAnalysisFolder 
      # Get SonarQube 
      - wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.1.0.31237.zip 
      - unzip ./sonarqube-8.1.0.31237.zip 
      # Launch SonarQube server locally 
      - cd ./sonarqube-8.1.0.31237/bin/linux-x86-64 
      - sh ./sonar.sh start 
      # Get SonarScanner 
      - cd /root/$codeAnalysisFolder 
      - wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.2.0.1873-linux.zip 
      - unzip ./sonar-scanner-cli-4.2.0.1873-linux.zip 
      - export PATH=$PATH:/root/$codeAnalysisFolder/sonar-scanner-cli-4.2.0.1873-linux.zip/bin/ # todo: .zip ?! 
  pre_build: 
    commands: 
      - cd $CODEBUILD_SRC_DIR 
      - mvn clean compile test 
      - mvn sonar:sonar 
  build: 
    commands: 
      - mvn war:exploded 
  post_build: 
    commands: 
      - cp -r .ebextensions/ target/ROOT/ 
      - aws cloudformation package --template template.yml --s3-bucket $S3_BUCKET --output-template-file template-export.yml 
      # Do not remove this statement. This command is required for AWS CodeStar projects. 
      # Update the AWS Partition, AWS Region, account ID and project ID in the project ARN on template-configuration.json file so AWS CloudFormation can tag project resources. 
      - sed -i.bak 's/\$PARTITION\$/'${PARTITION}'/g;s/\$AWS_REGION\$/'${AWS_REGION}'/g;s/\$ACCOUNT_ID\$/'${ACCOUNT_ID}'/g;s/\$PROJECT_ID\$/'${PROJECT_ID}'/g' template-configuration.json 
artifacts: 
  type: zip 
  files: 
    - 'template-export.yml' 
    - 'template-configuration.json' 

以下是构建失败日志的最后几行:

[INFO] User cache: /root/.sonar/cache 
[ERROR] SonarQube server [http://localhost:9000] can not be reached 
[INFO] ------------------------------------------------------------------------ 
[INFO] BUILD FAILURE 
[INFO] ------------------------------------------------------------------------ 
[INFO] Total time:  6.071 s 
[INFO] Finished at: 2019-12-18T21:27:23Z 
[INFO] ------------------------------------------------------------------------ 
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project myproject: Unable to execute SonarQube: Fail to get bootstrap index from server: Failed to connect to localhost/127.0.0.1:9000: Connection refused (Connection refused) -> [Help 1] 
[ERROR]  
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. 
[ERROR] Re-run Maven using the -X switch to enable full debug logging. 
[ERROR]  
[ERROR] For more information about the errors and possible solutions, please read the following articles: 
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException 

[Container] 2019/12/18 21:27:23 Command did not exit successfully mvn sonar:sonar exit status 1 
[Container] 2019/12/18 21:27:23 Phase complete: PRE_BUILD State: FAILED 
[Container] 2019/12/18 21:27:23 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: mvn sonar:sonar. Reason: exit status 1

并且因为您可能也有兴趣了解与sh ./sonar.sh start命令相关的构建日志:

[Container] 2019/12/18 21:25:49 Running command sh ./sonar.sh start 
Starting SonarQube... 
Started SonarQube. 

此外,这是我的sonar-project.properties文件:

# SONAR SCANNER CONFIGS 
sonar.projectKey=bullhubs 
# SOURCES 
sonar.java.source=8 
sonar.sources=src/main/java 
sonar.java.binaries=target/classes 
sonar.sourceEncoding=UTF-8 
# EXCLUSIONS 
# (exclusion of Lombok-generated stuff comes from the `lombok.config` file) 
sonar.coverage.exclusions=**/*Exception.java
# TESTS 
sonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml 
sonar.junit.reportsPath=target/surefire-reports/TEST-*.xml 
sonar.tests=src/test/java 

环境

(抱歉隐藏信息:不确定什么应该保密,我为了安全起见。如果您需要任何具体信息,请告诉我!)

我设置了具有以下属性的Elastic Beanstalk :

EB 实例

我还启动并运行了一个EC2实例:

EC2 实例

我也使用VPC


我试过的

我尝试将一堆条目添加到我的 EC2 的入站规则中Security Group

安全组

我从开始0.0.0.0/0 : 9000,到然后尝试127.0.0.1/32 : 9000,到最后尝试All traffic。它都不起作用,所以问题似乎出在其他地方。

我还尝试更改sonar-project.properties文件的一些属性,即sonar.web.hostand sonar.host.url,以尝试重定向 SonarQube 服务器的托管位置(我想也许我应该将它指向 EC2 的 IPv4 公共 IP 地址或其附加的公共 DNS(IPv4)),但不知何故,失败的构建日志localhost:9000在尝试联系 SonarQube 服务器时一直显示连接失败。

4

1 回答 1

2

我已经想通了。

不知何故,SonarQube 报告已正常启动,尽管这不是真的。因此,当您在运行sh ./sonar.sh start命令后看到此日志时:

[Container] 2019/12/18 21:25:49 Running command sh ./sonar.sh start 
Starting SonarQube... 
Started SonarQube.

SonarQube 的本地服务器未必已成功启动。必须进入logsSonarQube 安装文件夹的文件夹并阅读该sonar.log文件才能确定确实有问题并且服务器已停止......

就我而言,它报告了运行服务器需要 JDK11 的错误。为了解决这个问题,我将我的java: openjdk8buildspec.yml改为java: openjdk11.

然后,我必须弄清楚现在有一个新的日志文件可供读取:es.log. 在控制台中打印该文件时,我发现最新的 ElasticSearch 版本(由最新的 SonarQube 服务器版本使用)不允许自己由 root 用户运行。因此,我必须创建一个新用户组并编辑一些配置文件以使用该用户运行服务器:

  # Set up non-root user to run SonarQube
  - groupadd sonar
  - useradd -c "Sonar System User" -d $sonarPath/$sonarQube -g sonar -s /bin/bash sonar
  - chown -R sonar:sonar $sonarPath/$sonarQube  # recursively changing the folder's ownership
  # Launch SonarQube server locally
  - cd ./$sonarQube/bin/linux-x86-64
  - sed -i 's/#RUN_AS_USER=/RUN_AS_USER=sonar/g' sonar.sh  # enabling user execution of server
  - sh ./sonar.sh start

完整的解决方案

这为我们提供了以下工作版本buildspec.yml

version: 0.2

phases:
  install:
    runtime-versions:
      java: openjdk11
    commands:
      ##############################################################################################
      ##### "cd / && ls" returns: [bin, boot, codebuild, dev, etc, go, home, lib, lib32, lib64,
      #####                        media, mnt, opt, proc, root, run, sbin, srv, sys, tmp, usr, var]
      ##### Initial directory where this starts is $CODEBUILD_SRC_DIR
      ##### That variable contains something like "/codebuild/output/src511423169/src"
      ##### This folder contains the whole structure of the CodeCommit repository. This means that
      ##### the actual Java classes are accessed through "cd src" from there, for example.
      ##############################################################################################
      # Upgrade AWS CLI to the latest version
      - pip install --upgrade awscli
      # Folder organization
      - preSonarPath="/opt/"
      - codeAnalysisFolder="Sonar"
      - sonarPath="$preSonarPath$codeAnalysisFolder"
      - cd $preSonarPath && mkdir $codeAnalysisFolder
      # Get SonarQube
      - cd $sonarPath
      - sonarQube="sonarqube-8.1.0.31237"
      - wget https://binaries.sonarsource.com/Distribution/sonarqube/$sonarQube.zip
      - unzip ./$sonarQube.zip
      # Set up non-root user to run SonarQube
      - groupadd sonar
      - useradd -c "Sonar System User" -d $sonarPath/$sonarQube -g sonar -s /bin/bash sonar
      - chown -R sonar:sonar $sonarPath/$sonarQube  # recursively changing the folder's ownership
      # Launch SonarQube server locally
      - cd ./$sonarQube/bin/linux-x86-64
      - sed -i 's/#RUN_AS_USER=/RUN_AS_USER=sonar/g' sonar.sh  # enabling user execution of server
      - sh ./sonar.sh start
      # Get SonarScanner and add to PATH
      - sonarScanner="sonar-scanner-cli-4.2.0.1873-linux"
      - cd $sonarPath
      - wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/$sonarScanner.zip
      - unzip ./$sonarScanner.zip
      - export PATH=$PATH:$sonarPath/$sonarScanner.zip/bin/ # todo: .zip ?!
  pre_build:
    commands:
      - cd $CODEBUILD_SRC_DIR
      - mvn clean compile test
#      - cd $sonarPath/$sonarQube/logs
#      - cat access.log
#      - cat es.log
#      - cat sonar.log
#      - cat web.log
#      - cd $CODEBUILD_SRC_DIR
      - mvn sonar:sonar
  build:
    commands:
      - mvn war:exploded
  post_build:
    commands:
      - cp -r .ebextensions/ target/ROOT/
      - aws cloudformation package --template template.yml --s3-bucket $S3_BUCKET --output-template-file template-export.yml
      # Do not remove this statement. This command is required for AWS CodeStar projects.
      # Update the AWS Partition, AWS Region, account ID and project ID in the project ARN on template-configuration.json file so AWS CloudFormation can tag project resources.
      - sed -i.bak 's/\$PARTITION\$/'${PARTITION}'/g;s/\$AWS_REGION\$/'${AWS_REGION}'/g;s/\$ACCOUNT_ID\$/'${ACCOUNT_ID}'/g;s/\$PROJECT_ID\$/'${PROJECT_ID}'/g' template-configuration.json
artifacts:
  type: zip
  files:
    - 'template-export.yml'
    - 'template-configuration.json'

干杯!

于 2019-12-25T19:05:07.297 回答