To configure your SonarQube™ analysis within Jenkins, follow these instructions:

- Step 1: Connect your Bitbucket Server instance to your Jenkins instance
  - Install the Bitbucket Server Integration plugin and configure the plugin as instructed.
  - You will then be able to select your Bitbucket instance within the SCM list when creating a new job.
- Step 2: Configure your SonarQube™ instance in Jenkins
  - Install the SonarQube™ Scanner Jenkins plugin.
  - Follow the setup instructions to configure your SonarQube™ instance.
- Step 3: Add your SonarQube™ analysis to your job/pipeline
  - Follow the instructions from the SonarQube™ Scanner documentation to add a SonarQube™ analysis to your builds.
  - You can find more details below on configuring:
    - a multibranch pipeline for SonarQube™ developer edition
    - a freestyle job for SonarQube™ community edition
    - a multibranch pipeline for SonarQube™ community edition

Jenkins + SonarQube™ developer edition

Multibranch Pipeline

- Add a 'Multibranch Pipeline' (see Jenkins documentation here)
- Select 'Bitbucket Server' for 'Branch Sources' and add a repository
- Add 'Bitbucket webhook trigger' to 'Scan Multibranch Pipeline Triggers' → enable push/pull-request events
- Save
- Add a Jenkinsfile to the repository to configure the needed analyses.

Pull Request Analysis is supported for version 4.0 and higher of the Bitbucket Server Integration plugin.

Use this Jenkinsfile for inspiration:

    pipeline {
        agent any
        environment {
            scannerHome = tool name: 'scanner', type: 'hudson.plugins.sonar.SonarRunnerInstallation'
        }
        stages {
            stage('branch analysis') {
                when {
                    not {
                        changeRequest()
                    }
                }
                steps {
                    withSonarQubeEnv('sonar-cloud') {
                        // Single-quoted Groovy string: the shell expands the variables inside
                        // double quotes, so a branch name is passed as data, never parsed as shell.
                        sh '"$scannerHome/bin/sonar-scanner" "-Dsonar.branch.name=$BRANCH_NAME"'
                    }
                }
            }
            // pull request analysis - requires v4.0 or higher of Bitbucket Server Integration
            stage('PR analysis') {
                when {
                    changeRequest()
                }
                steps {
                    withSonarQubeEnv('sonar-cloud') {
                        // Same quoting rule: CHANGE_* values come from the pull request.
                        sh '''"$scannerHome/bin/sonar-scanner" \
                            "-Dsonar.pullrequest.key=$CHANGE_ID" \
                            "-Dsonar.pullrequest.base=$CHANGE_TARGET" \
                            "-Dsonar.pullrequest.branch=$CHANGE_BRANCH"'''
                    }
                }
            }
        }
    }

In this example, a condition is included so that:

- if the pipeline is building a change request, a PR analysis is triggered for the changed branch.
- if the pipeline is not building a change request, a branch analysis is triggered for the master branch.

Jenkins + SonarQube™ community edition

Freestyle Job

To use freestyle jobs with the SonarQube™ community edition, you need to install the EnvInject plugin (https://plugins.jenkins.io/envinject/). It is needed to use the sanitized source branch name within the projectKey and projectName properties of the analysis, which creates branch-specific analyses in SonarQube™.

- Add a new 'Freestyle Job' in Jenkins
- Select 'Bitbucket Server' for source code management
- Select repository: enter */<yourMainBranch> as 'Branch specifier' in 'Branches to build'
- Select 'Bitbucket webhook trigger' and enable the pull request events
- Add build steps:
  - Add build step to write the branch name to a file
    - Click on 'Add build step' and choose 'Execute shell'.
    - In the command box, enter the following script:

          echo "SONAR_BRANCH=$(printf '%s' "$GIT_BRANCH" | cut -d'/' -f 2- | sed 's/[^0-9a-zA-Z:_.-]/-/g')" > sonar-branch

      This script will extract the branch name, sanitize it, and write it to a file named sonar-branch in the workspace.
  - Add build step to inject the branch name as an environment variable
    - Click on 'Add build step' and choose 'Inject environment variables'
    - Select sonar-branch as the 'Properties File Path'
  - Add build step to execute SonarQube™ scanner
    - Click on 'Add build step' and choose 'Execute SonarQube Scanner'
    - Override the projectKey and projectName in the 'Analysis Properties' field (replace "your.plugin.key" below with the unique identifier for your project in SonarQube™ and "Your Project Name" with the display name for your project in SonarQube™):

          sonar.projectKey=your.plugin.key:${SONAR_BRANCH}
          sonar.projectName="Your Project Name - ${SONAR_BRANCH}"

- Save Configuration:
  - Save your Jenkins job configuration
- Trigger Analysis:
  - Trigger the analysis by clicking 'Build Now'
  - Verify that the analysis runs successfully on your main branch
- Listen to All Branches:
  - After successful analysis on the main branch, change the 'Branch specifier' to ** to listen to all branches
- Create a Pull Request:
  - Create a Pull Request in Bitbucket to trigger an analysis

Multibranch Pipeline

- Add a 'Multibranch Pipeline' (see Jenkins documentation here)
- Select 'Bitbucket Server' for 'Branch Sources' and add a repository
- Add 'Bitbucket webhook trigger' to 'Scan Multibranch Pipeline Triggers' → enable push/pull-request events
- Save
- Add a Jenkinsfile to the repository. It needs to compute the sanitized SONAR_BRANCH so it can be used to build the sonar.projectKey and the sonar.projectName for the current branch (see https://mibexsoftware.atlassian.net/wiki/spaces/ICQFBC/pages/3752821111/Configure+Sonar+Analysis+in+build+pipeline#Analysis-Parameter-Matrix )

Below is an example of such a pipeline:

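    pipeline {
        agent any
        environment {
            scannerHome = tool name: 'scanner', type: 'hudson.plugins.sonar.SonarRunnerInstallation'
            // Single-quoted Groovy string: the shell, not Groovy, expands $GIT_BRANCH,
            // so the raw branch name is never parsed as shell code.
            // trim() drops a trailing newline that some sed implementations append.
            SONAR_BRANCH = sh(returnStdout: true, script: 'printf "%s" "$GIT_BRANCH" | sed "s/[^0-9a-zA-Z:_.-]/-/g"').trim()
        }
        stages {
            stage('Analysis') {
                steps {
                    withSonarQubeEnv('sonar') {
                        // SONAR_BRANCH contains only [0-9a-zA-Z:_.-] at this point.
                        sh "${scannerHome}/bin/sonar-scanner -Dsonar.projectKey=test.pipeline.proj:$SONAR_BRANCH -Dsonar.projectName=\"Awesome Pipeline - $SONAR_BRANCH\""
                    }
                }
            }
        }
    }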
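
The branch-name sanitization used by the freestyle 'Execute shell' step and by the community-edition Jenkinsfile above, written as a stand-alone shell function with a guarded writer for the sonar-branch properties file. This is an added example, not part of the original page; the function names `sonar_branch` and `write_branch_props` are hypothetical and every branch name in it is constructed.

```shell
#!/bin/sh
# Added example, not from the original page. All branch names are constructed.

# sonar_branch REF
# Same transformation as the freestyle build step: drop everything up to the
# first '/', then replace each character outside [0-9a-zA-Z:_.-] with '-'.
sonar_branch() {
    printf '%s' "$1" | cut -d'/' -f 2- | sed 's/[^0-9a-zA-Z:_.-]/-/g'
}

# write_branch_props REF FILE
# Writes FILE in the form the 'Inject environment variables' step reads.
# Refuses to write when the result is empty or still holds a character outside
# the allowed set (sed works line by line, so a newline in REF would survive
# and could add a second property to the file).
write_branch_props() {
    b=$(sonar_branch "$1") || return 1
    case $b in
        '' | *[!0-9a-zA-Z:_.-]*) return 1 ;;
    esac
    printf 'SONAR_BRANCH=%s\n' "$b" > "$2"
}

# Show the mapping for a few constructed refs, including one that carries
# shell metacharacters and a space.
demo() {
    for ref in 'origin/main' 'origin/feature/login' 'origin/feat/$(x);y z'; do
        printf '%-24s -> %s\n' "$ref" "$(sonar_branch "$ref")"
    done
}
demo
```

The mapping is lossy: `feature/a` and `feature-a` both become `feature-a`, so two distinct branches can end up reporting into the same SonarQube™ project key.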