Analyzing your Node project in Sonarqube using Tekton Pipelines on IBM Cloud

Pranav Bhatia
4 min read · Dec 31, 2020

This article focuses on setting up a Sonarqube instance in your K8 cluster using Tekton and analyzing a Node project with it.

Sonarqube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities.
~ Wikipedia

Tekton is a powerful yet flexible Kubernetes-native open-source framework for creating continuous integration and delivery (CI/CD) systems. It lets you build, test, and deploy across multiple cloud providers or on-premises systems by abstracting away the underlying implementation details.
~ cloud.google.com/tekton

This is what the end architecture we are trying to achieve should look like.

The architecture of SQ + Tekton

The source code is posted here:
https://github.com/prav10194/tekton-sonarqube-example

The Node application analyzed by Sonarqube was built following this article: https://medium.com/swlh/nodejs-code-evaluation-using-jest-sonarqube-and-docker-f6b41b2c319d

Setting up Cloud for K8

In this case, I have used IBM Cloud (free for a month for first-time devs) for setting up and installing Tekton and Sonarqube. Here are the steps to set up a cluster on IBM Cloud:

  1. Log on to IBM Cloud and go to this link: https://cloud.ibm.com/kubernetes/catalog/create
  2. Select the Free pricing plan, provide a cluster name, and click Create.
  3. On the next page, you will see a list of commands. Copy them and keep them safe somewhere.
    We can get the Cluster ID from the 2nd command, which we will reference in later sections.

4. The next step is to create an API key for your account. Follow the steps here to create one: https://cloud.ibm.com/docs/account?topic=account-federated_id

Log in to ibmcloud using the following command:

ibmcloud login --sso

Next, run the following command and note down the API key.

ibmcloud iam api-key-create <random_key_name>

5. From your CLI, run the following commands to log in and install Tekton:

ibmcloud login --apikey <YOUR_API_KEY> -q
ibmcloud ks cluster config --cluster <CLUSTER_ID>
# replace this command with what you get after running the second command in CLI
export KUBECONFIG=<PATH>/kube-config-mex01-<CLUSTER_NAME>.yml
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
kubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/tekton-dashboard-release.yaml
# to check if pods are installed or not
kubectl get pods -n tekton-pipelines

6. Check the dashboard by running this command in another terminal window:

kubectl proxy

And in your browser open the following link:
http://localhost:8001/api/v1/namespaces/tekton-pipelines/services/tekton-dashboard:http/proxy/
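
An added example (not from the original article or its repository): one way to run the Tekton install from step 5 against a manifest you have reviewed, instead of applying whatever the `latest` URL serves at that moment. The function names and the digest placeholder are assumptions; the URL and namespace are the ones used above.

```shell
#!/bin/sh
# Added example, not from the article's repository.
# Applies a Tekton manifest only if it matches a digest recorded after review.
# Function names and the digest placeholder below are assumptions.

PIPELINE_URL="https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml"
# Placeholder: set to the SHA-256 of the manifest copy you reviewed.
PIPELINE_SHA256="${PIPELINE_SHA256:-REPLACE_WITH_REVIEWED_SHA256}"

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Return 0 only when the file exists and its digest equals the expected one.
verify_manifest() {
  [ -f "$1" ] || return 2
  [ "$(sha256_of "$1")" = "$2" ]
}

# List the container images named in a manifest's "image:" fields, for review.
list_images() {
  sed -n 's/^[[:space:]]*-\{0,1\}[[:space:]]*image:[[:space:]]*//p' "$1" |
    tr -d "\"'" | sort -u
}

# Download, verify, apply, then wait for the tekton-pipelines pods to be Ready.
apply_pinned() {
  url=$1; digest=$2; file=$(mktemp) || return 1
  curl -fsSL "$url" -o "$file" || { rm -f "$file"; return 1; }
  if ! verify_manifest "$file" "$digest"; then
    echo "digest mismatch for $url: got $(sha256_of "$file")" >&2
    rm -f "$file"; return 1
  fi
  kubectl apply --filename "$file" &&
    kubectl wait --for=condition=Ready pods --all -n tekton-pipelines --timeout=180s
  rc=$?; rm -f "$file"; return $rc
}

# Run only when asked, so sourcing the file just defines the functions.
if [ "${1:-}" = "--apply" ]; then
  apply_pinned "$PIPELINE_URL" "$PIPELINE_SHA256"
fi
```

A mismatch after a new Tekton release is expected: review the new manifest (including the `list_images` output) and update the recorded digest before applying.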

Running the Tekton pipeline

  1. Clone the following repo: https://github.com/prav10194/tekton-sonarqube-example
  2. Open a terminal in the project folder and run the following commands (they are repeated here because their scope is sometimes not global):

ibmcloud login --apikey <YOUR_API_KEY> -q
ibmcloud ks cluster config --cluster <CLUSTER_ID>
# replace this command with what you get after running the second command in CLI
export KUBECONFIG=<PATH>/kube-config-mex01-test-cluster.yml
# install K8 resources using this script
sh resources.sh

3. Check the application in your dashboard.

Verify results on Sonarqube

To see the results of the scan, you need to create another port-forward, this time for the Sonarqube container. The Sonarqube application is exposed on port 9004; to connect to it, run the following commands in a new terminal (again, the first three commands are for setting the kube context):

ibmcloud login --apikey <YOUR_API_KEY> -q
ibmcloud ks cluster config --cluster <CLUSTER_ID>
# replace this command with what you get after running the second command in CLI
export KUBECONFIG=<PATH>/kube-config-mex01-test-cluster.yml
# port-forward on port 9004
kubectl port-forward svc/sonarqube-service 9004:9004 -n tekton-pipelines

Log on to http://localhost:9004, and you will see the authentication page. The default username/password is admin/admin.

You will be asked to set up a new password. After you are done, you will see the main dashboard.

That is the end of the article. Please feel free to post your questions.
