SonarQube intergration

  • Home   /  
  • SonarQube intergration

step 1:

Signup and SetUp – SonarQube Cloud account using GitHub Objective: In this lab, you will signup SonarQube Cloud account using GitHub Creating a SonarQube Cloud account using GitHub 1.

Go to SonarQube cloud website

https://www.sonarsource.com/products/sonarcloud/

Authorize sonalcloud

 

3. go to github.com and fork below project

https://github.com/owtest23/javaproj.git

4. Go to sonar cloud and import the orgnization

5. select repo

6. install

7. Note down the project key

8. create organization

9.anaylsis

.

 

10. get token

generate the token and note it down

12. Get the project key [click on my project–>click on sample-java-sonar

Left hand side select the icon

note down the project key

 

12. Prior to performing a Sonar scan through Jenkins, it is necessary to deactivate the automatic
analysis option in the SonarQube web graphical user interface (GUI). a. Go to SonarQube Web GUI
and click on “Administration” → “Analysis Method

13. setup quality gate

create new quality gate

Add condition

set default

modify the sudoers file in ubuntu

vi /etc/sudoers

jenkins ALL=(ALL) NOPASSWD: ALL

Write the pipeline

pipeline {
agent any

stages {
stage('chckout scm') {
steps {
checkout scmGit(branches: [[name: '*/master']], extensions: [], userRemoteConfigs: [[url: 'https://github.com/hellokaton/java11-examples.git']])
}
}
stage('Compiling and Running Test Cases') {
steps {
sh 'mvn clean'
sh 'mvn compile'
sh 'mvn test'
}
}
stage('Generating a Cucumber Reports') {
steps {
script {
// Run Cucumber tests and generate reports
sh 'mvn verify'
}
}
}
stage('Creating Package') {
steps {
sh 'mvn package'
}
}
stage('adding genrerate report'){
steps {
sh 'mvn verify'
}
}
stage('Install sonarqube cli') {
steps {
// Step to install SonarQube CLI
sh 'sudo wget -O sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip'
sh 'sudo unzip -o -q sonar-scanner.zip'
sh 'sudo rm -rf /opt/sonar-scanner'
sh 'sudo mv --force sonar-scanner-5.0.1.3006-linux /opt/sonar-scanner'
sh 'sudo sh -c \'echo "#/bin/bash \nexport PATH=\\\"$PATH:/opt/sonar-scanner/bin\\\"" >/etc/profile.d/sonar-scanner.sh\''
sh 'sudo chmod +x /opt/sonar-scanner/bin/sonar-scanner'
sh '. /etc/profile.d/sonar-scanner.sh'
}
}

stage('Analyzing Code Quality') {
steps {
// Step to analyze code quality with SonarQube
sh '/opt/sonar-scanner/bin/sonar-scanner -Dsonar.projectKey=owtest23_sample-java-sonar -Dsonar.organization=owtest23 -Dsonar.qualitygate.wait=true -Dsonar.qualitygate.timeout=300 -Dsonar.sources=src/main/java/ -Dsonar.java.binaries=target/classes -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=65558d8b45ebd4758f3e8d49b8f3582f8707306'
}
}
}
}

In case it is failing remove the stage due to permission issue, remove stage “Install sonarqube cli” and step. Perform all the step manually on ubuntu server

wget -O sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip

unzip -o -q sonar-scanner.zip

rm -rf /opt/sonar-scanner

mv --force sonar-scanner-5.0.1.3006-linux /opt/sonar-scanner

export PATH="/opt/sonar-scanner/bin"

chmod +x /opt/sonar-scanner/bin/sonar-scanner

 

 

Coverted same code in functional mode

 

pipeline {
agent any
stages {
stage('Checkout SCM') {
steps {
checkoutSCM()
}
}

stage('Compiling and Running Test Cases') {
steps {
compileAndRunTests()
}
}

stage('Generating a Cucumber Reports') {
steps {
generateCucumberReports()
}
}

stage('Creating Package') {
steps {
createPackage()
}
}

stage('Adding Generate Report') {
steps {
addGenerateReport()
}
}

stage('Install SonarQube CLI') {
steps {
installSonarQubeCLI()
}
}

stage('Analyzing Code Quality') {
steps {
analyzeCodeQuality()
}
}
}
}

def checkoutSCM() {
checkout scm: [$class: 'GitSCM', branches: [[name: '*/master']], userRemoteConfigs: [[url: 'https://github.com/hellokaton/java11-examples.git']]]
}

def compileAndRunTests() {
sh 'mvn clean'
sh 'mvn compile'
sh 'mvn test'
}

def generateCucumberReports() {
script {
sh 'mvn verify'
}
}

def createPackage() {
sh 'mvn package'
}

def addGenerateReport() {
sh 'mvn verify'
}

def installSonarQubeCLI() {
sh '''
wget -O sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip
unzip -o -q sonar-scanner.zip
rm -rf /opt/sonar-scanner
sudo mv --force sonar-scanner-5.0.1.3006-linux /opt/sonar-scanner
sudo sh -c 'echo "#/bin/bash \nexport PATH=\\\"$PATH:/opt/sonar-scanner/bin\\\"" >/etc/profile.d/sonar-scanner.sh'
sudo chmod +x /opt/sonar-scanner/bin/sonar-scanner
. /etc/profile.d/sonar-scanner.sh
'''
}

def analyzeCodeQuality() {
sh '''
/opt/sonar-scanner/bin/sonar-scanner -Dsonar.projectKey=owtest23_sample-java-sonar \
-Dsonar.organization=owtest23 \
-Dsonar.qualitygate.wait=true \
-Dsonar.qualitygate.timeout=300 \
-Dsonar.sources=src/main/java/ \
-Dsonar.java.binaries=target/classes \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.login=65558d8b45ebd4758f3e8d49b8f3582f8707306
'''
}