BenchmarkJava/scripts/runSonarQube.sh at fec964ae2b4ec9ca5a04e8bbf24cef1df353f0cb · OWASP-Benchmark/BenchmarkJava · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#!/usr/bin/env bash

# this script will
# - create a sonarqube server using the default configuration
# - setup basic things (account, project, token)
# - start a scan (takes >= 1 hour on mac)
# - create a report file
# - shutdown sonarqube server

source scripts/requireCommand.sh

requireCommand curl
requireCommand docker
requireCommand jq

# Check for install/updates at https://github.com/SonarSource/sonarqube

container_name="sonarqube-benchmark"
sonar_external_port="9876"
sonar_internal_port="9000"
sonar_host="http://localhost:$sonar_external_port"
sonar_project="benchmark"
sonar_user="admin"
sonar_default_password="admin"
sonar_password="P4ssword!!!!"

docker pull sonarqube
docker pull sonarsource/sonar-scanner-cli

echo "Creating temporary SonarQube instance..."

# start local sonarqube
docker run --rm -d --name "$container_name" -e SONAR_ES_BOOTSTRAP_CHECKS_DISABLE=true -p "$sonar_external_port:$sonar_internal_port" sonarqube

echo "Waiting for SonarQube to start..."

while [[ "$(curl --connect-timeout 5 --max-time 5 --retry 60 --retry-delay 0 --retry-max-time 120 -s -o /dev/null -w '%{http_code}' "$sonar_host")" != "200" ]]; do
  echo -n "."
  sleep 3
done

echo ""
echo "Waiting for SonarQube to become ready..."

while [[ "$(curl --silent "$sonar_host/api/system/status" | jq -r '.status')" != "UP" ]]; do
  echo -n "."
  sleep 3
done

echo ""
echo "SonarQube ready. Setting up instance..."

# change default password
curl "$sonar_host/api/users/change_password" --silent -u "$sonar_user:$sonar_default_password" -X POST --data-raw "login=$sonar_user&password=$sonar_password&previousPassword=$sonar_default_password" -o /dev/null

# create project
curl "$sonar_host/api/projects/create" --silent -u "$sonar_user:$sonar_password" -X POST --data-raw "project=$sonar_project&name=$sonar_project" -o /dev/null

# create token
sonar_token=$(curl "$sonar_host/api/user_tokens/generate" --silent -u "$sonar_user:$sonar_password" -X POST --data-raw "name=$(date)" | jq -r '.token')

echo "Starting scan... (might take some time!)"

container_ip=$(docker inspect "$container_name" | jq -r '.[0].NetworkSettings.Networks.bridge.IPAddress' )
sonar_docker_host="http://$container_ip:$sonar_internal_port"

docker run --env SONAR_SCANNER_OPTS=-Xmx4g --rm -v ~/.m2:/root/.m2 -v "$(pwd)":"$(pwd)" -w "$(pwd)" sonarsource/sonar-scanner-cli \
  -Dsonar.java.binaries="target" \
  -Dsonar.projectKey="$sonar_project" \
  -Dsonar.host.url="$sonar_docker_host" \
  -Dsonar.login="$sonar_token" \
  -Dsonar.sources="src" \
  -Dsonar.exclusions="results/**,scorecard/**,scripts/**,tools/**,VMs/**"

echo "Waiting for SonarQube CE to finish task..."

while [[ "$(curl --silent -u "$sonar_token:" "$sonar_host/api/ce/component?component=$sonar_project" | jq -r '.current.status')" != "SUCCESS" ]]; do
  echo -n "."
  sleep 3
done

echo ""
echo "Generating report..."

mvn exec:java -Dexec.mainClass="org.owasp.benchmark.report.sonarqube.SonarReport"

echo "Shutting down SonarQube..."

docker stop "$container_name"