105 lines
4.2 KiB
Markdown
105 lines
4.2 KiB
Markdown
---
|
|
title: SonarQube
|
|
source: http://localhost:9000/tutorials?id=tpeetz-kontor_kontor-spring_f9cc9061-e2c2-4cf5-8c47-b8a58c9f11fe&selectedTutorial=jenkins
|
|
author:
|
|
- "[[Posteingang/SonarQube]]"
|
|
published:
|
|
created: 2024-10-12
|
|
description:
|
|
tags:
|
|
- clippings
|
|
---
|
|
- [Projects](http://localhost:9000/projects)
|
|
- [Issues](http://localhost:9000/issues?issueStatuses=OPEN%2CCONFIRMED)
|
|
- [Rules](http://localhost:9000/coding_rules)
|
|
- [Quality Profiles](http://localhost:9000/profiles)
|
|
- [Quality Gates](http://localhost:9000/quality_gates)
|
|
- [Administration](http://localhost:9000/admin/settings)
|
|
- [More](http://localhost:9000/tutorials?id=tpeetz-kontor_kontor-spring_f9cc9061-e2c2-4cf5-8c47-b8a58c9f11fe&selectedTutorial=jenkins/#)
|
|
|
|
- Overview
|
|
- Issues
|
|
- Security Hotspots
|
|
- Measures
|
|
- Code
|
|
- Activity
|
|
|
|
- [Project Settings](http://localhost:9000/tutorials?id=tpeetz-kontor_kontor-spring_f9cc9061-e2c2-4cf5-8c47-b8a58c9f11fe)
|
|
- [Project Information](http://localhost:9000/project/information?id=tpeetz-kontor_kontor-spring_f9cc9061-e2c2-4cf5-8c47-b8a58c9f11fe)
|
|
|
|
- [Analysis Method](http://localhost:9000/tutorials?id=tpeetz-kontor_kontor-spring_f9cc9061-e2c2-4cf5-8c47-b8a58c9f11fe)
|
|
- [Jenkins](http://localhost:9000/tutorials?id=tpeetz-kontor_kontor-spring_f9cc9061-e2c2-4cf5-8c47-b8a58c9f11fe&selectedTutorial=jenkins)
|
|
|
|
1. ## Prerequisites
|
|
|
|
To run your project analyses with Jenkins, the following plugins must be **installed** and **configured**.
|
|
|
|
- GitLab plugin for Jenkins - version 1.5.13 or later
|
|
- SonarQube Scanner plugin for Jenkins - version 2.11 or later
|
|
|
|
For a step by step guide on installing and configuring those plugins in Jenkins, visit the [Analysis Prerequisites](https://docs.sonarsource.com/sonarqube/10.7/analyzing-source-code/ci-integration/jenkins-integration/key-features/) documentation page.
|
|
|
|
We recommend using the configuration in the following steps for the best results, but you can customize it as needed.
|
|
2. ## Create a Pipeline Job
|
|
|
|
Create a Pipeline in order to automatically analyze your project.
|
|
|
|
1. From Jenkins' dashboard, click **New Item** and create a **Pipeline Job**.
|
|
2. Under **Build Triggers**, choose **Build when a change is pushed to GitLab**. Write down the webhook URL provided. You will need it when configuring the webhook in GitLab.
|
|
- Under **Enabled GitLab triggers**, only select **Push events**.
|
|
- Click on **Advanced...**
|
|
- Find the **Secret token** text field, and click on **Generate**. Write down the secret token. You will need it when configuring the webhook in GitLab.
|
|
3. Under **Pipeline**, make sure the parameters are set as follows:
|
|
- **Definition:** Pipeline script from SCM
|
|
- **SCM:** Configure your SCM. Make sure to only build your main branch. For example, if your main branch is called "main", put "\*/main" under **Branches to build**.
|
|
- **Script Path:** Jenkinsfile
|
|
4. Click **Save**.
|
|
3. ## Create a GitLab Webhook
|
|
|
|
Create a Webhook in your repository to trigger the Jenkins job on push. You may skip this step if you already have a Webhook configured.
|
|
|
|
1. Go to the GitLab Webhook creation page for your repository and enter the following information:
|
|
- **URL:** Enter the URL you wrote down in the previous step.
|
|
- **Secret Token:** Enter the generated token you wrote down in the previous step.
|
|
2. Under **Trigger** check the following:
|
|
- **Push events**
|
|
3. Click **Add webhook**.
|
|
4. ## Create a Jenkinsfile
|
|
|
|
1. What option best describes your project?
|
|
2. Add the following to your `build.gradle` or `build.gradle.kts` file:
|
|
|
|
```
|
|
plugins {
|
|
id "org.sonarqube" version "5.1.0.4882"
|
|
}
|
|
|
|
sonar {
|
|
properties {
|
|
property "sonar.projectKey", "tpeetz-kontor_kontor-spring_f9cc9061-e2c2-4cf5-8c47-b8a58c9f11fe"
|
|
property "sonar.projectName", "kontor-spring"
|
|
}
|
|
}
|
|
```
|
|
3. Create a `Jenkinsfile` file in your repository and paste the following code:
|
|
|
|
```
|
|
node {
|
|
stage('SCM') {
|
|
checkout scm
|
|
}
|
|
stage('SonarQube Analysis') {
|
|
withSonarQubeEnv() {
|
|
sh "./gradlew sonar"
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
---
|
|
|
|
## And you are done!
|
|
|
|
If everything is running successfully, once the analysis is complete you'll be redirected to the Overview page of your project where the new analysis results will be displayed. This can take a few minutes.
|
|
|
|
- Each new push you make on your main branch will trigger a new analysis in SonarQube. |