diff --git a/README.md b/README.md index fdf8dc4..8feb0da 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,8 @@ # Sonarqube on Fargate with CDK -[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=ContainerOnAWS_sonarqube-fargate-cdk&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=ContainerOnAWS_sonarqube-fargate-cdk) [![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=ContainerOnAWS_sonarqube-fargate-cdk&metric=ncloc)](https://sonarcloud.io/summary/new_code?id=ContainerOnAWS_sonarqube-fargate-cdk) -## Introduction +[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=DevSecOpsSamples_sonarqube-fargate-cdk&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=DevSecOpsSamples_sonarqube-fargate-cdk) [![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=DevSecOpsSamples_sonarqube-fargate-cdk&metric=ncloc)](https://sonarcloud.io/summary/new_code?id=DevSecOpsSamples_sonarqube-fargate-cdk) + +## Overview During App Modernization journey, a code visualization system is required for code quality management because many changes are needed. [SonarQube](https://www.sonarqube.org/), the most famous and used solution, is an open-source platform developed by SonarSource for continuous inspection of code quality. @@ -21,7 +22,7 @@ This project provides a solution including IaC code and configurations to run So 2. Running SonarQube with minimum cost using Fargate Spot and Aurora Serverless. 3. Help developers keep high-quality code using SonarQube -I hope you build and learn about code inspection/visualization systems using SonarQube in *1 day* only. +I hope you build and learn about code inspection/visualization systems using SonarQube in **1 day** only. ## Table of Contents @@ -163,7 +164,7 @@ SSM parameters: * /sonarqube-fargate-cdk/task-execution-role-arn * /sonarqube-fargate-cdk/default-task-role-arn -[ecs-sonarqube-service/lib/ecs-sonarqube-service-stack.ts](./ecs-sonarqube-service/lib/ecs-sonarqube-service-stack.ts) +[ecs-sonarqube-service/lib/sonarqube-fargate-stack.ts](./ecs-sonarqube-service/lib/sonarqube-fargate-stack.ts) **IMPORTANT** @@ -193,18 +194,20 @@ Run SonarQube Scanner using gradle wrapper: ![SonarQube](./screenshots/sample-result.png?raw=true) -If you want to integrate with Jenkins using Webhooks, refer to the https://github.com/ContainerOnAWS/sonarqube-jenkins repository. +If you want to integrate with Jenkins using Webhooks, refer to the https://github.com/DevSecOpsSamples/sonarqube-jenkins repository. + +--- -## Clean Up +## Cleanup -[clean-up.sh](./clean-up.sh) +[cleanup.sh](./cleanup.sh) ## Structure ```text ├── build.gradle ├── deploy-all.sh -├── clean-up.sh +├── cleanup.sh ├── config.ts ├── package.json ├── tsconfig.json @@ -244,24 +247,19 @@ If you want to integrate with Jenkins using Webhooks, refer to the https://githu └── vpc-stack.ts ``` -## Reference +## References * [DockerHub - SonarQube](https://hub.docker.com/_/sonarqube) - * [GitHub - SonarQube](https://github.com/SonarSource/sonarqube) -### CDK Lib - -* [ECS](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecs-readme.html) +### CDK Libries -* [ECR Assets](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets-readme.html) - -* [IAM](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_iam-readme.html) - -* [SSM](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ssm-readme.html) +* [aws-cdk-lib.aws_ecs module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecs-readme.html) +* [aws-cdk-lib.aws_ecr_assets module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets-readme.html) +* [aws-cdk-lib.aws_iam module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_iam-readme.html) +* [aws-cdk-lib.aws_ssm module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ssm-readme.html) ### IAM Role & Policy * [Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) - * [Exec Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html) diff --git a/build.gradle b/build.gradle index e680506..ffee8cb 100644 --- a/build.gradle +++ b/build.gradle @@ -17,18 +17,16 @@ buildscript { sonarqube { properties { property "sonar.projectName", "sonarqube-fargate-cdk" - property "sonar.projectKey", "ContainerOnAWS_sonarqube-fargate-cdk" - property "sonar.organization", "containeronaws" + property "sonar.projectKey", "DevSecOpsSamples_sonarqube-fargate-cdk" + property "sonar.organization", "devsecopssamples" property "sonar.host.url", "https://sonarcloud.io" // property "sonar.host.url", "http://127.0.0.1:9000" property "sonar.sourceEncoding", "UTF-8" property "sonar.sources", "." property "sonar.exclusions", "**/node_modules/**, **/cdk.out/**" - // property "sonar.cpd.exclusions", "**/*index.ts" - property "sonar.links.ci", "https://github.com/ContainerOnAWS/sonarqube-fargate-cdk" + property "sonar.links.ci", "https://github.com/DevSecOpsSamples/sonarqube-fargate-cdk" property "sonar.issue.ignore.multicriteria", "e1" property "sonar.issue.ignore.multicriteria.e1.ruleKey", "typescript:S1848" property "sonar.issue.ignore.multicriteria.e1.resourceKey", "**/*.ts" - property "sonar.log.level", "DEBUG" } } diff --git a/cleanup.sh b/cleanup.sh new file mode 100755 index 0000000..443c580 --- /dev/null +++ b/cleanup.sh @@ -0,0 +1,26 @@ +#!/bin/bash +set -e + +echo "[1/5] destroy ecs-sonarqube-service" +cd ecs-sonarqube-service +cdk destroy + +echo "[2/5] destroy ecs-sonarqube-cluster" +cd ../ecs-sonarqube-cluster +cdk destroy + +echo "[3/5] destroy ecs-iam-role" +cd ../ecs-iam-role +cdk destroy + +echo "[4/5] destroy ecr-codecommit" +cd ../ecr-codecommit +cdk destroy + +echo "[5/5] destroy vpc" +cd ../vpc +cdk destroy + +find . -name "cdk.out" -exec rm -rf {} \; +find . -name "cdk.context.json" -exec rm -f {} \; +rm -rf node_modules \; diff --git a/deploy-all.sh b/deploy-all.sh old mode 100755 new mode 100644 index fd04a74..912ca14 --- a/deploy-all.sh +++ b/deploy-all.sh @@ -1,3 +1,6 @@ +#!/bin/bash +set -e + find . -name "cdk.context.json" -exec rm -f {} \; echo "[1/5] Deploy vpc"