Step by step guide for integration of Sonarqube with Jenkins - Part 1
If you have stumble upon this article you definitely might know what Sonarqube is and you are in need of proper step by step guide on how to properly integrate Sonarqube continuous code analysis into the jenkins build pipeline of your project.
So i won’t go into lengthy descriptions of what sonarqube is etc. since you already know the value of it when you stumble across this article. Go through the below mentioned architecture diagram to get an overview on how the Sonarqube will be integrated to the jenkins build pipeline.
So let’s start off the step by step guide,
Step 1:
Only prerequisite to setup sonarqube is to have Java sdk installed on your server or machine. And if you have jenkins automation server running then you definitely must have already installed java sdk.
In case you haven’t you can download java sdk by using the link below,
After that in command prompt you can type java -version to verify whether java is installed and running properly in your server or machine.
Step 2:
After installation java environment variables must be setup.
You can follow the link below, for a proper guideline in order to setup the environmental variables.
Step 3:
Next step is to download the Sonarqube community edition by using the link below,
I would highly recommend to go for the developer edition since it has some enhanced functionality but for the sake of start, go with community edition,
Then unzip the downloaded package and place the extracted files in your own preferred folder.
Ex: C:\sonarqub
Step 4:
Then navigate to sonarqube→ conf folder. There is a file called wrapper.conf. Then in that file you need to provide the path for the java. Otherwise you’ll most probably get an error stating “Unable to start JVM”
wrapper.java.command=%JAVA_HOME%/bin/java
Then navigate to bin→ windows-x86–64 and run the StartSonar.bat file as administrator. If everything works perfect you’ll get a console message similar to the below depicted screenshot with a console out stating “Sonarqube is up”
In case if you are planning to install sonarqube as service run the bat file InstallNTService.bat and then StartNTService.bat in order to start the service.
If you need to stop the service we can use the StopNTService.bat and you can uninstall the service by using UninstallNTService.bat
Step 5:
Then you can access localhost:9000 to access the Sonarqube panel.
After that as the first step you can log into using,
username:admin
password:admin
Then go to the administration section and you can make the user roles and configure their access privileges.
Step 6:
The first step to integrate the sonarqube installation with jenkins devops environment is to generate an access token.
Go to Administration > Security > Users > Tokens > Generate token with some name > Copy the token
This token will be used in Jenkins for Sonar authentication
Step 7:
Then follow the below mentioned set of steps to integrate sonarqube with jenkins,
Then we need to configure the sonarqube installations with jenkins by using the generated access tokens. The steps to be followed in order to integrate with jenkins are,
Go to Manage Jenkins> Go to SonarQube servers section> Add SonarQube> Put a proper name(Your own choice)> Put the server URL as http://localhost:9000 if the server is running in the same server or if you install it as a separate server or if your running it on a different port you can put the respective Server URL> Click add> And select secret text> Add the generated token as secret key and save.
Step 8:
After the integration process we need to install the sonar scanner. Sonar scanner is used to go through the code and analyze.
Go to manage jenkins> manage plugins> go to Available section> Search SonarQube Scanner> Then check it and click “Download now and install after restart”.
Then Sonar scanner must be configured.
Goto Manage Jenkins> Global Tool Configuration> Then follow the below steps,
For .net projects SonarScanner for MSBuild must be installed. Use a proper name for the scanner and also we can select the matching SonarScanner for MSBuild version
Step 9:
Sonarscanner will depend on the build that you are using in your project. You can go through the below mentioned link to find out the SonarScanner that matches with your build,
So after the previous step basic sonarqube integration process is done. Then in the Part 2 section we’ll discuss the how to integrate Sonarscanner into the build pipeline.
