Analyzing your Node project in Sonarqube using Tekton Pipelines on IBM Cloud

This article will focus on setting up Sonarqube instance in your K8 cluster using Tekton and analyze a Node project.

Sonarqube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities.
~ Wikipedia

Tekton is a powerful yet flexible Kubernetes-native open-source framework for creating continuous integration and delivery (CI/CD) systems. It lets you build, test, and deploy across multiple cloud providers or on-premises systems by abstracting away the underlying implementation details.
~ cloud.google.com/tekton

This is how the end architecture of what we are trying to achieve should look like.

The architecture of SQ + Tekton

The source code is posted here
https://github.com/prav10194/tekton-sonarqube-example

The node application for sonar has been built using this article https://medium.com/swlh/nodejs-code-evaluation-using-jest-sonarqube-and-docker-f6b41b2c319d

Setting up Cloud for K8

In this case, I have used IBM Cloud (free for a month for first-time devs) for setting up and installing Tekton and Sonarqube. Here are the steps to setup a cluster on IBM Cloud

  1. Logon to IBM Cloud and go to this link https://cloud.ibm.com/kubernetes/catalog/create
  2. Select pricing plan to be Free and provide it with a cluster name — and Create.
  3. On the next page, you will see a list of commands. Copy them and keep them safe somewhere.
    We can get Cluster ID from our 2nd command, which we will reference in our future sections.

4. Next step would be to create an Apikey for your account. So follow the steps in here to create an API Key — https://cloud.ibm.com/docs/account?topic=account-federated_id

Login to ibmcloud using the following command —

ibmcloud login — sso

Next step would be to run the following command, note down the API key.

ibmcloud iam api-key-create <random_key_name>

5. From your CLI — you need to run the following commands to login and install Tekton —

ibmcloud login --apikey <YOUR_API_KEY> -qibmcloud ks cluster config --cluster <CLUSTER_ID>#replace this command from what you get after running the second command in CLI
export KUBECONFIG=<PATH>/kube-config-mex01-<CLUSTER_NAME>.yml
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yamlkubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/tekton-dashboard-release.yaml#to check if pods are installed or not
kubectl get pods -n tekton-pipleines

6. Check the dashboard by running this command in another terminal window —

kubectl proxy

And in your browser open the following link —
http://localhost:8001/api/v1/namespaces/tekton-pipelines/services/tekton-dashboard:http/proxy/

Running the Tekton pipeline

  1. Clone the following repo —
  2. Open terminal in the project folder and run the following commands — (the scope of these commands is sometimes not global)
ibmcloud login --apikey <YOUR_API_KEY> -qibmcloud ks cluster config --cluster <CLUSTER_ID>#replace this command from what you get after running the second command in CLI
export KUBECONFIG=<PATH>/kube-config-mex01-test-cluster.yml
#install K8 resources using this script
sh resources.sh

3. Check the application in your dashboard —

Verify results on Sonarqube

To see results of the scan, you need to create another port-forward for Sonarqube container. The Sonarqube application is open on port 9004 and to connect to the port, we will be running the following commands in a new terminal— (again the first three commands are for setting the kube context)

ibmcloud login --apikey <YOUR_API_KEY> -qibmcloud ks cluster config --cluster <CLUSTER_ID>#replace this command from what you get after running the second command in CLI
export KUBECONFIG=<PATH>/kube-config-mex01-test-cluster.yml
#port-forward on port 9004
kubectl port-forward svc/sonarqube-service 9004:9004 -n tekton-pipelines

Logon to http://localhost:9004, and you will see the authentication page. Default username/password is admin/admin

You will be asked to setup a new password. After you are done you will see the main dashboard.

That is the end of the article. Please feel free to post your questions.