Jenkins integrates SonarQube for code quality scanning
I. Introduction
1. Main content of this article
Jenkins integrated SonarQube Server configuration
Jenkins integrated SonarQube Scanner configuration
Jenkins+Maven+SonarQube scan Java project code quality
Jenkins integrated SonarQube Scanner parameter description
2. Environmental information
server
server name | operating system | IP | illustrate |
---|---|---|---|
Jenkins | CentOS 7 | 192.168.88.44 | Deploy Jenkins |
Sonar | CentOS 7 | 192.168.88.45 | Deploy Sonar |
software
tool/environment | Version |
---|---|
Jenkins | 2.176.2 |
Maven | 3.6.1 |
SonarQube Server | 7.5 |
SonarQube Scanner | 2.8 |
JDK | 1.8.0_181 |
3. Preparation
Jenkins deployment
Reference: https://ken.io/note/centos7-jenkins-install-tutorial
Deployed on the server 192.168.88.44
, the access address is:http://192.168.88.44:8080
SonarQube deployment
Reference: https://ken.io/note/sonarqube-install-and-code-scan-tutorial
Deployed on the server 192.168.88.45
, the access address is:http://192.168.88.45:9000
Two, Jenkins integrated SonarQube configuration
1. Install the plug-in
Menu: Manage Jenkins->Plugin Management, install the following plugins:
plugin list
plugin name | Version | illustrate |
---|---|---|
SonarQube Scanner | 2.9 | Integrate SonarQube for code scanning/inspection |
2. Generate SonarQube Token
SonarQube menu: My Account -> Security or visit:http://192.168.88.45:9000/account/security/
Remember to copy and save the Token after generation, otherwise the Token cannot be queried after the page is refreshed or closed.
ac28526ece72a4f10104059049d3e6e0347da9f7
3. Add Jenkins credentials
Menu: Credentials —> System —> Global Credentials —> Add Credentials, or direct access: http://192.168.88.44:8080/credentials/store/system/domain/_/newCredentials
Add Credentials
Type selection: Secret text
, and then fill in the previously generated Token in the Secret, as long as the ID is not the same as before.
4. Configure SonarQube Server
Menu: Manage Jenkins -> System Settings, or directly access:http://192.168.88.44:8080/configure
Find the SonarQube servers configuration item to add SonarQube Server
Description of configuration items:
configuration item | illustrate |
---|---|
name | Sonar service name, just follow your own habits |
Server URL | Home page address of SonarQube Server |
Sonar authentication token | Sonar Token, select the added credentials |
5. Configure SonarQube Scanner
Menu: Manage Jenkins -> Global Tool Configuration, or directly access: http://192.168.88.44:8080/configureTools
, find the SonarQube Scanner
configuration item and clickSonarQube Scanner 安装
In order to save trouble, here we choose automatic installation, version 2.8
For each of the above configuration items, remember to click the 保存
button
3. Jenkins builds Job configuration
If you already have a Maven+Java project build job, you can directly select the configuration. If not, you can refer to: https://ken.io/note/jenkins-maven-git-java-integration to add a Maven+Java project build Task.
Reference: https://ken.io/note/jenkins-maven-git-java-integration
1. Add SonarQube Scanner
In the Post Steps
configuration item, click: Add post-build step
, and then select:Execute SonarQube Scanner
2. Configure SonarQube Scanner
Here we only need Analysis properties
to configure the parameters of the sonar scan in
sonar.projectKey=io.ken.tutorial.helloworldsonar.projectName=helloworldsonar.projectVersion=1.0sonar.sources=srcsonar.java.binaries=target/classessonar.language=java
Parameter Description:
parameter item | illustrate |
---|---|
sonar.projectKey | Project Key, which needs to be unique, it is recommended to use GroupId+ArtifactId |
sonar.projectName | Project name, keep consistent with ArtifactId |
sonar.projectVersion | Project version, keep consistent with pom.xml |
sonar.sources | The source code directory, the Java project is src by default, if the project has multiple modules, it needs to be configured as {moduleDirectory}/src |
sonar.java.binaries | The compiled classes directory, if the project has multiple modules, it needs to be configured as {moduleDirectory}/target/classes |
3. Build & scan
After completing the above SonarQube Scanner configuration, you can build the project. After the build is successful, visit SonarQube and you will see the scanning results in the project list:
If the build fails, there may be a problem accessing the SonarQube Server, or there is a problem with the configuration of the SonarQube Scanner. For details, you can check the console output of the Jenkins build job
0 Comments