• notice
  • Congratulations on the launch of the Sought Tech site

Jenkins integrates SonarQube for code quality scanning

I. Introduction

1. Main content of this article

  • Jenkins integrated SonarQube Server configuration

  • Jenkins integrated SonarQube Scanner configuration

  • Jenkins+Maven+SonarQube scan Java project code quality

  • Jenkins integrated SonarQube Scanner parameter description

2. Environmental information

  • server

server nameoperating systemIPillustrate
JenkinsCentOS 7192.168.88.44Deploy Jenkins
SonarCentOS 7192.168.88.45Deploy Sonar
  • software

tool/environmentVersion
Jenkins2.176.2
Maven3.6.1
SonarQube Server7.5
SonarQube Scanner2.8
JDK1.8.0_181

3. Preparation

  • Jenkins deployment

Reference: https://ken.io/note/centos7-jenkins-install-tutorial

Deployed on the server 192.168.88.44, the access address is:http://192.168.88.44:8080

  • SonarQube deployment

Reference: https://ken.io/note/sonarqube-install-and-code-scan-tutorial

Deployed on the server 192.168.88.45, the access address is:http://192.168.88.45:9000

Two, Jenkins integrated SonarQube configuration

1. Install the plug-in

Menu: Manage Jenkins->Plugin Management, install the following plugins:

  • plugin list

plugin nameVersionillustrate
SonarQube Scanner2.9Integrate SonarQube for code scanning/inspection

2. Generate SonarQube Token

SonarQube menu: My Account -> Security or visit:http://192.168.88.45:9000/account/security/

jenkins-sonarqube-token-generate.png

Remember to copy and save the Token after generation, otherwise the Token cannot be queried after the page is refreshed or closed.

ac28526ece72a4f10104059049d3e6e0347da9f7

3. Add Jenkins credentials

Menu: Credentials —> System —> Global Credentials —> Add Credentials, or direct access: http://192.168.88.44:8080/credentials/store/system/domain/_/newCredentialsAdd Credentials

jenkins-credentials-sonarqube-token.png

Type selection: Secret text, and then fill in the previously generated Token in the Secret, as long as the ID is not the same as before.

4. Configure SonarQube Server

Menu: Manage Jenkins -> System Settings, or directly access:http://192.168.88.44:8080/configure

Find the SonarQube servers configuration item to add SonarQube Server

jenkins-configure-sonarqube-server.png

Description of configuration items:

configuration itemillustrate
nameSonar service name, just follow your own habits
Server URLHome page address of SonarQube Server
Sonar authentication tokenSonar Token, select the added credentials

5. Configure SonarQube Scanner

Menu: Manage Jenkins -> Global Tool Configuration, or directly access: http://192.168.88.44:8080/configureTools, find the SonarQube Scanner
configuration item and clickSonarQube Scanner 安装

jenkins-configure-tools-sonarqube-scanner.png

In order to save trouble, here we choose automatic installation, version 2.8

For each of the above configuration items, remember to click the 保存button

3. Jenkins builds Job configuration

If you already have a Maven+Java project build job, you can directly select the configuration. If not, you can refer to: https://ken.io/note/jenkins-maven-git-java-integration to add a Maven+Java project build Task.

Reference: https://ken.io/note/jenkins-maven-git-java-integration

1. Add SonarQube Scanner

In the Post Stepsconfiguration item, click: Add post-build step, and then select:Execute SonarQube Scanner

jenkins-job-poststeps-add-sonarqube-scanner.png

2. Configure SonarQube Scanner

jenkins-job-poststeps-config-sonarqube-scanner.png

Here we only need Analysis propertiesto configure the parameters of the sonar scan in

sonar.projectKey=io.ken.tutorial.helloworldsonar.projectName=helloworldsonar.projectVersion=1.0sonar.sources=srcsonar.java.binaries=target/classessonar.language=java

Parameter Description:

parameter itemillustrate
sonar.projectKeyProject Key, which needs to be unique, it is recommended to use GroupId+ArtifactId
sonar.projectNameProject name, keep consistent with ArtifactId
sonar.projectVersionProject version, keep consistent with pom.xml
sonar.sourcesThe source code directory, the Java project is src by default, if the project has multiple modules, it needs to be configured as {moduleDirectory}/src
sonar.java.binariesThe compiled classes directory, if the project has multiple modules, it needs to be configured as {moduleDirectory}/target/classes

3. Build & scan

After completing the above SonarQube Scanner configuration, you can build the project. After the build is successful, visit SonarQube and you will see the scanning results in the project list:

jenkins-sonarqube-scan-result.png

If the build fails, there may be a problem accessing the SonarQube Server, or there is a problem with the configuration of the SonarQube Scanner. For details, you can check the console output of the Jenkins build job


Tags

Technical otaku

Sought technology together

Related Topic

1 Comments

author

order lipitor 10mg generic & lt;a href="https://lipiws.top/"& gt;order atorvastatin 20mg online& lt;/a& gt; atorvastatin 80mg pills

Lbvdwv

2024-03-07

Leave a Reply

+