I use *Git* for several years and there are tons of articles out there about how to create new branch, pull, fetch, merge, conflict resolve, etc…
I looked at how we are doing with branches on current project – holds over 1M of code lines and +10 years of its history – I was surprised that we had almost 2 000 branches (features, patches,….). We don’t follow the standard git flow (yeah I know we should, but some in our team thinks that for current project it is better how we do it now). So as you can see there are many branches which needs to be cleaned up and GIT helps a lot with that.
Some Git commands which are useful for cleanup:
Clean of local branches which has been deleted on remote server:
git fetch --prune
list of all branches (local & remote )
git branch --all
List branches which are merged to remote master:
git branch --all --merged origin/master
Result of above command can be deleted
Delete local branch:
git branch -d branch_name
Delete branch from remote “origin” :
git push origin --delete branch_name
Show list of branches which are not merged into remote master branch:
git branch --all --no-merged origin/master
Results from above command are not merged into master. You need to check whether those branches are new feature/patch branches (still in work in progress) or they were not merged because you feature/patch is not needed any more (absolete and can be deleted) or you simply forget to merged them into your master (which should not happen by using tools like “git flow”)
You can scripts to combine of commands together. Let’s say we want to see last commit day and author to find out whether branch is still under development or not.
for branch in `git branch -r --merged origin/master | egrep -v 'HEAD|master'`; do echo -e `git show --format="%ci %cr %an" $branch | head -n 1` \\t$branch; done | sort -r
Similarly you can create scripts, which deletes not used merged branches and many other things you need.
By default your docker can’t reach to internet only to get centOS.
running this command solves the problem:
It is always preferred to use https instead of http (specially when using passwords and so on…)
We have switched our SonarQube (tool for Continuous Inspection of code quality) to use https for security reasons. Anyway I have noticed that Jenkins stop sending new quality codes to our sonar. When I have checked the logs I have seen this stacktrace:
Exception in thread "main" java.lang.IllegalStateException: Fail to request server version at org.sonar.runner.Bootstrapper.getServerVersion(Bootstrapper.java:73) at org.sonar.runner.Runner.checkSonarVersion(Runner.java:220) at org.sonar.runner.Runner.execute(Runner.java:150) at org.sonar.runner.Main.execute(Main.java:84) at org.sonar.runner.Main.main(Main.java:56) Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1116) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1100) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:951) at java.net.URLConnection.getContent(URLConnection.java:682) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getContent(HttpsURLConnectionImpl.java:406) at org.sonar.runner.Bootstrapper.remoteContent(Bootstrapper.java:125) at org.sonar.runner.Bootstrapper.getServerVersion(Bootstrapper.java:71) ... 4 more
So here you can see that Jenkins has problem to “handshake” ssl certificate.
follow these steps:
Add Trusted Keystore
Run “InstallCert.java” on server (where you run your https service). something like java InstallCert localhost:443 -> press “1” when asked. It will add your “localhost” as a trusted keystore, and generate a file named “jssecacerts“.
[user@sonar ~]$ java InstallCert localhost:443 Loading KeyStore /usr/java/jdk1.6.0_37/jre/lib/security/cacerts... Opening connection to localhost:443... Starting SSL handshake.. Server sent 1 certificate(s): 1 Subject CN=Unknown, OU=Unknown, O=Vendavo, L=Unknown, ST=Czech republic, C=CZ Enter certificate to add to trusted keystore or 'q' to quit:  1 Added certificate to keystore 'jssecacerts' using alias 'localhost-1'
I have removed most of the parts but the main parts are here:
a) press 1 when assked – you agree to add certificate for this domain into keystore
b) it created jssecacerts file
Verify Trusted Keystore
Run same command again 🙂 (this is full export – removed hashed data)
[mchowaniok@sonar ~]$ java InstallCert sonar.vmcz.vendavo.com:443 Loading KeyStore jssecacerts... Opening connection to sonar.vmcz.vendavo.com:443... Starting SSL handshake... No errors, certificate is already trusted Server sent 1 certificate(s): 1 Subject CN=Unknown, OU=Unknown, O=Vendavo, L=Unknown, ST=Czech republic, C=CZ Issuer CN=Unknown, OU=Unknown, O=Vendavo, L=Unknown, ST=Czech republic, C=CZ sha1 md5 Enter certificate to add to trusted keystore or 'q' to quit:  q KeyStore not changed
copy jssecacerts file into java/jre/lib/security folder (I had to done it under sudo )
[user@sonar ~]$ sudo cp jssecacerts /usr/java/default/jre/lib/security/
verify it 🙂 in my case, run Jenkins job and verify data are uploaded to Sonar.
Next task I wanted to do is to create jenkins on openshift and be able to build projects from github or bitbucket. It sounds simple, but you will face quite a lot of issues. So let’s do it:
Create Jenkins gear
- this creates gear called “jenkins” using jenkins-1 application and includes ssh wrapper “git-ssh” which helps you to overcome ssh obstacles (openshift forbids to write into .ssh folder) – as you will see we will have to solve this problem several times later as well
Set jenkins slave
jenkins needs other linux machines (called slaves) to use them for building, anyway we don’t have so much free gears, so we will use jenkins itself for it.
Manage Jenkins -> Configure System -> # of executors = 1 Labels = put here anything
Generate ssh key
Add public key (id_rsa.pub) to github & bitbucket
search github/ bitbucket how to do it 🙂
Add new Jenkins Job
- in begining I mentioned that home folder is not writeable, so we are encountering several problems, like ssh can’t write into .ssh , maven can’t write into .m2 folder and so on. The only solution is to point all applications into writeable folder which is $OPENSHIFT_DATA_DIR
- Because of the problem above, you can’t use standard maven jobs but you have to use “Build a free-style software project”
- Source Code Management: git: your git url (i.e. email@example.com:majecek/testtest.git)
- Build: (add Execute shell): enter:
- this creates setings.xml file and when runing maven commands – you have to specify where is the settings file
- check this site for more info
- next step is to add hooks in github/bitbucket – so after push in repo they will trigger jenkins to create new build – again check it in github/bitbucke or this site
Feed Sonar with data from Jenkins
This was quite a problem. I have to admit that I didn’t finish it, but found solution. Here is another problem, sonar and specially it’s mysql runs on different gear and openshift by default don’t allow any connection between gears nor from outside.
- install Sonar plugin into jenkins, add URL & jdbc url and all info needed
- I had to add into Sonar Aditional properties: -DSONAR_USER_HOME=$OPENSHIFT_DATA_DIR
- this is again, because sonar can’t write into home directory, so you have to point to writeable folder
Now you will face problem, that jenkins can’t connect to MYSQL DB – as said above, this is because gears can’t communicate to each other. There are 2 solutions:
- set up SONAR as scaled application – scalled applications can communicate to each other
- setup ssh port forwarding between applications
You can read more here.
In previous article, I have showed you how to build sonarqube 4.0 on openshift , but let’s feed it with some data.
- Let’s create dummy j2ee project using maven
- cd <<project_name>>
mvn clean compile
- openshift port forward to access database
rhc port-forward <<APPLICATION_NAME>>
- you should see something like this:
Service Local OpenShift
——- ————– —- —————
java 127.0.0.1:8080 => 127.X.X.X:8080
mysql 127.0.0.1:3306 => 127.X.X.X:3306
- database can be accessed on localhost:3306
Now we have few options how to feed sonar
- maven – best for maven projects
- sonarqube runner – best for java legacy code
5 things to change or consider:
- jdbc url – make sure you have correct url, port, application name
- mysql username
- mysql password
- sonar host url
- I am using maven version 3 – in case you have maven version 2 you have set different dependences
mvn clean compile sonar:sonar or (including profile name to be used) mvn clean compile sonar:sonar -Dsonar.profile="Sun checks"
4 things to change or consider:
- jdbc url – make sure you have correct url, port, application name
- mysql username
- mysql password
- sonar host url
- you have to download SonarQube runner & set PATH variable
export SONAR_RUNNER_HOME=/Path/to/SonnarRunner/sonar-runner-2.3 export PATH=$SONAR_RUNNER_HOME/bin:$PATH
- create file called “sonar-project.properties” and fill it with info mentioned above in gist
Now change code (i.e. add empty private method, named with upper case letter, ….) and run analysis again to feed sonar. Check sonar – it shows you all violations and issues in your code, … (also it depends on plugins you have installed on your sonar)
Example project can be found on Bitbucket
I have managed to run latest SonarQube on openshift for free.
Because openshift has bug you can’t just have one-line command to do all setup for you, but I had to separate it into several commands and two git repos.
you can’t have .openshift folder in repo – so I have to have 2 git repos
- git repo with sonar without (.openshift folder)
- git repo with .openshift folder with start & stop commands
How to get SonarQube 4.0 running on openshift
- when RedHat fixes the bug, you should be fine, just with line #1
- cd into project
- add another git repo which holds .openshift folder with start & stop commands
- get changes from repo above
- pull from origin repo – git was complaining when I didn’t do pull
- push into openshift
- wait several minutes until sonar gets running
Big thanks goes to Rui Rodrigues(@rodriguesrmb) as he managed to solve port binding problems and update java wrapper with new version
I needed to join several flac files.
- add shntool to windows folder
- add flac exe also to windows folder
- go to folder where you have flac files
joining flac files
shntool join -o flac *.flac