SonarQube integration with Jenkins

Posted By : Aquib Ahamad | 24-Dec-2020

sonarqube integration with jenkins for code analysis

 

 

 

 

If we talk About Traditional developing approaches, Most IT companies are following a manual process for developing any systems from builds code to deploy code in the Production Server. 

But here, Integrating with Jenkins and SonarQube can be help developers to assure their codes qualities, identify bugs, vulnerabilities, code smells, etc. (static code analysis) before the building code automatically with the help of Jenkins

Basically, we are Integrating SonarQube with Jenkins provides you the ability to analyzed your code when you are run a job that contains the SonarQube executions within and it generates an analysis of that codes in your SonarQube Server.

Terminology:

 

Jenkins-

 

Jenkins is an open-source Continuous Integration system. It is a process in which developers put their code in a shared repository and every time the automate the cycle is performed from the Build, Test and Deploy code, etc.

SonarQube

SonarQube is an open-source platform used for continuous analysis of your source code quality by performing analysis of your source code to detect duplication, bugs, security vulnerabilities and code smells.

Why should Integrating SonarQube and Jenkins Useful: 

When you are working on a project and if you are doing SonarQube analysis sometimes you can do that easily but if there are scenario has been changes to that's SonarQube analysis will be performed by after that the completion of each and every task or you can say deployments then the manual actions would be become hard to rely on. So, to overcomes the problems of manual analysis with it, 

SonarQube is integrated with Jenkins which performs automated tasks. Now, you have only added to your sonar script for analysis in Jenkins jobs for performs SonarQube analysis and you can perform this action as your requirements and you also get to the quality of report your code in SonarQube.

 

Also Read: How To Create A Custom Cache Server Using Nginx

 

Pre-requisites:

1. Install Java 8 from the Oracles website.

2. Install any database from the following

 

Must be configured to use UTF8 charset

Database

Version

PostgreSQL

8.x
9.x

Microsoft SQL Server

2014 (MSSQL Server 12.0)
2016 (MSSQL Server 13.0)

Oracle

11G
12C
XE Editions are supported

MySQL

5.6
5.7

 

 

 

 

 

Let’s have we start, We have explained an integration process of SonarQube and the Jenkins in three simples step are there:

 

1. Jenkins Installation

2. SonarQube Installation

3. Integration of SonarQube in Jenkins

1. Jenkins Installation

1. Download OS-based file for setup or war file from Jenkins Downloads.

2. On the restart system, Jenkins will start automatically if you had installed it with the OS installer package. It also generates WARs files but in Linux, it is in /usr/share/jenkins directory.

If you have downloaded the WAR file, you can put it in any other folder as your requirements. 

3. Jenkins will start on port 8080 by default.

To starts Jenkins on different ports you can use the following command (You can change port here) and you can find Jenkins password in logs of terminal or in the log file of Jenkins from /var/log/jenkins/jenkins.log.

 

java -jar jenkins.war --httpPort=8080 

 

2. SonarQube Installation

SonarQube is used to analyze the source code of our projects.

1. Download SonarQube from SonarQube Downloads.

2. Unzip the file in a directory that can be accessed without root permissions. SonarQubes also contain the ElasticSearch which will be in the SonarQube directory. So, basically, when will you start the SonarQube instance with root permissions it will generate an error in the start-up of ElasticSearch.

 

3. Before starting the server you have to set a database connection with sonar. And you can find it in sonarqube. properties in sonarqube/conf

 

sonar.jdbc.url
sonar.jdbc.username
sonar.jdbc.password

4-SonarQuber server will start on port 9000. In the sonar.properties file, you can always modify it.

 

sonar.web.port=9000 

 

5-To start SonarQube Server from its directory /bin/[OS directory]

sh sonar.sh console 

 

 

3. Integration of SonarQube in Jenkins

the integrations of the SonarQube in Jenkins, you have performed the following steps as follows.

1. Login into Jenkins and install the SonarQube scanner plugin

Go to Manage Jenkins –> Manage Plugins > Available –> SonarQube scanner

And also add the credentials plugins to store your credentials in the Jenkins

2. Configure SonarQube home path

Go to Manage Jenkins –> Global Tool Configuration –> SonarQube Scanner

1. Name: sonar_scanner

2. SONAR_RUNNER_HOME: /opt/sonarqube (Your directory path of SonarQube)

 

3.Now, Configure SonarQube server in Jenkins

1. For integration, you need a SonarQube Server authentication token in Jenkins

i. Find the following under the user bar after logging into your SonarQube server

Go to My Account –> Security –> Generate Token

Go to Manage Jenkins –> Configure Systems –> SonarQube Servers

Name: SonarQube

Server URL: Not Required, It is the same as the default.

Server authentication token :

 

i. Add server authentication token as following

 

ii. Pick it as a server authentication token

 

 

Save it. Once you save it you successfully complete SonarQube integration with Jenkins. To test SonarQube, you can create a Job (Follow Jenkins – Continuous Integration System) and generate a project report.

 

Following is an example of Jenkins Pipeline integrated with SonarQube. The last stage “Quality Analysis” will perform SonarQube quality analysis execution.

 

Also Read: AWS Application Load Balancer Vs. NGINX Plus!

 

 

When you login into the SonarQube server using, you will get an analysis report of your code.

 

We are a 360-degree software development company that provides complete web and mobile app development solutions for varied project requirements. Our end-to-end SaaS app development services address your mission-critical project requirements through scalable, responsive, and feature-rich software applications that are easy to scale. We carefully analyze your project requirements and formulate effective strategies to build enterprise-grade web and mobile applications for multiple platforms. For more info, contact us at [email protected]

 

About Author

Author Image
Aquib Ahamad

He has good knowledge of RHCSA and RHCE and Aws git and bigdata. He is a quick learner who is always looking to learn new technologies

Request for Proposal

Name is required

Comment is required

Sending message..