In this article, we will look at integrating Jenkins with SonarQube. The steps are listed below.
The expected outcome is that when code changes are committed, Jenkins automatically runs the build together with a Sonar scan analysis.
Step 1:
Install the required prerequisites
- Install Jenkins and configure a Maven job
- Install the Java JDK
- Install Apache Maven
- Install SonarQube
- Sample code is assumed to be available in GitHub
Step 2:
Install the Sonar Scanner plugin
Go to Manage Jenkins -> Manage Plugins and search for Sonar Scanner to install it.
Use the Download and install option directly rather than the CLI tool (e.g. jenkins-plugin-cli --plugins sonar:<version>) or the direct upload option.
Step 3:
Get a token to configure Sonar in Jenkins
In the SonarQube UI, under the project we want to scan, generate a token and copy it.
In Jenkins, go to Dashboard -> Manage Jenkins -> Credentials -> System -> Global Credentials.
Click Add credentials, paste the generated token as ‘Secret text’ and give it a name. In this example, I named it ‘SonarToken’.
Step 4:
Configure Sonar in Jenkins
In Jenkins, go to Dashboard -> Manage Jenkins -> Configure System.
Enter the Sonar URL and the Sonar token generated earlier.
Then go to Dashboard -> Manage Jenkins -> Global Tool Configuration.
Enter the path where the Sonar scanner is installed and save it.
Step 5:
Configure the Jenkins job
Update Goals and options with the command that runs the Sonar scan:
clean install sonar:sonar -Dsonar.projectKey=JenkinsIntegration_MathematicalOperations -Dsonar.host.url=http://localhost:9000 -Dsonar.login=<token here>
Step 6:
Verify that the Sonar scan runs after a commit in Git
Commit code changes in GitHub and monitor the Jenkins UI. The success of the SonarQube run can be checked in the ‘Console logs’ as well as in the SonarQube UI.
The screenshots below show that the build with the Sonar run completed successfully.
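The Step 5 goals string carries the Sonar token as a literal, which leaves it readable in the job configuration even though Step 3 stored it as ‘Secret text’. The following check is an added example (not part of the original article or of Jenkins/SonarQube) that flags a literal token and a plain-HTTP Sonar URL on a non-local host. The environment variable name SONAR_TOKEN, the token value and the host sonar.example.test are constructed assumptions.

```python
import re
import shlex
from urllib.parse import urlparse

# Maven properties that carry a SonarQube credential (sonar.token is the
# newer name for sonar.login).
SECRET_PROPS = {"sonar.login", "sonar.token", "sonar.password"}
# $VAR or ${VAR}: resolved at build time instead of stored in the job.
VAR_REF = re.compile(r"^\$(\{\w+\}|\w+)$")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def audit_goals(goals):
    """Return a list of findings for a Maven 'Goals and options' string."""
    findings = []
    for arg in shlex.split(goals):
        if not arg.startswith("-D") or "=" not in arg:
            continue  # only -Dkey=value properties are of interest
        key, value = arg[2:].split("=", 1)
        if key in SECRET_PROPS and not VAR_REF.match(value):
            findings.append(f"{key}: literal credential in job configuration")
        if key == "sonar.host.url":
            url = urlparse(value)
            if url.scheme == "http" and url.hostname not in LOOPBACK:
                findings.append(
                    f"{key}: plain HTTP to non-local host {url.hostname}")
    return findings


# Constructed samples; the token value and the SONAR_TOKEN name are made up.
BASE = ("clean install sonar:sonar "
        "-Dsonar.projectKey=JenkinsIntegration_MathematicalOperations ")
LITERAL = BASE + ("-Dsonar.host.url=http://localhost:9000 "
                  "-Dsonar.login=squ_CONSTRUCTED_0000")
BOUND = BASE + ("-Dsonar.host.url=http://localhost:9000 "
                "-Dsonar.login=$SONAR_TOKEN")
REMOTE = BASE + ("-Dsonar.host.url=http://sonar.example.test:9000 "
                 "-Dsonar.login=$SONAR_TOKEN")

if __name__ == "__main__":
    for name, goals in [("literal", LITERAL), ("bound", BOUND),
                        ("remote", REMOTE)]:
        print(name, audit_goals(goals) or "ok")
```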
Hope this article will be helpful.