8.9 | Analyzing source code | CI integration | Jenkins integration

On this page

Jenkins integration

SonarScanners running in Jenkins can automatically detect branches and pull requests in certain jobs. You don't need to explicitly pass the branch or pull request details.

analysis-prerequisites

To run project analysis with Jenkins, you need to install and configure the following Jenkins plugins in Jenkins:

See the Installing and Configuring your Jenkins plugins section below for more information.

Configuring Jenkins using the SonarQube tutorial

If you're using Bitbucket Server, GitHub Enterprise, GitHub.com, GitLab Self-Managed, or GitLab.com, you can easily configure and analyze your projects by following the tutorial in SonarQube. You can access the tutorial by going to your project's Overview page and selecting with Jenkins under "How do you want to analyze your repository?"

Installing and Configuring your Jenkins plugins

SonarQube Scanner plugin

Click SonarQube Scanner below to expand instructions on installing and configuring the plugin.

SonarQube Scanner

SonarQube Scanner plugin version 2.11 or later is required.

  1. From the Jenkins Dashboard, navigate to Manage Jenkins > Manage Plugins and install the SonarQube Scanner plugin.
  2. Back at the Jenkins Dashboard, navigate to Credentials > System from the left navigation.
  3. Click the Global credentials (unrestricted) link in the System table.
  4. Click Add credentials in the left navigation and add the following information:
    • Kind: Secret Text
    • Scope: Global
    • Secret: Generate a token at User > My Account > Security in SonarQube, and copy and paste it here.
  5. Click OK.
  6. From the Jenkins Dashboard, navigate to Manage Jenkins > Configure System.
  7. From the SonarQube Servers section, click Add SonarQube. Add the following information:
    • Name: Give a unique name to your SonarQube instance.
    • Server URL: Your SonarQube instance URL.
    • Credentials: Select the credentials created during step 4.
  8. Click Save

Branch Source plugin

Required to analyze multibranch pipeline jobs in Developer Edition or above

Click your DevOps Platform below to expand the instructions on installing and configuring the Branch Source plugin.

BitBucket Server

Bitbucket Branch Source plugin version 2.7 or later is required

  1. From the Jenkins Dashboard, navigate to Manage Jenkins > Manage Plugins and install the Bitbucket Branch Source plugin.
  2. From the Jenkins Dashboard, navigate to Manage Jenkins > Configure System.
  3. From the Bitbucket Endpoints section, Click the Add drop-down menu and select Bitbucket Server. Add the following information:
    • Name: Give a unique name to your Bitbucket Server instance.
    • Server URL: Your Bitbucket Server instance URL.
  4. Click Save.
GitHub

GitHub Branch Source plugin version 2.7.1 or later is required

  1. From the Jenkins Dashboard, navigate to Manage Jenkins > Manage Plugins and install the GitHub Branch Source plugin.
  2. From the Jenkins Dashboard, navigate to Manage Jenkins > Configure System.
  3. From the GitHub or GitHub Enterprise Servers section, add your GitHub server.
  4. Click Save.
GitLab

GitLab Branch Source plugin version 1.5.3 or later is required

  1. From the Jenkins Dashboard, navigate to Manage Jenkins > Manage Plugins and install the GitLab Branch Source plugin.
  2. From the Jenkins Dashboard, navigate to Manage Jenkins > Configure System.
  3. From the GitLab section, add your GitLab server. Make sure to check the Manage Web Hooks checkbox.
  4. Click Save.

Configuring single branch pipeline jobs

With Community Edition, you can only analyze a single branch. For more information, see the Jenkins extension for SonarQube documentation.

Configuring multi-branch pipeline jobs

Starting in Developer Edition, you can analyze multiple branches and Pull Requests. The automatic configuration of branches and Pull Requests relies on environment variables available in Multibranch Pipeline jobs. These are set based on information exported by Jenkins plugins.

For configuration examples, see the SonarScanner for Jenkins documentation.

Configuring Multibranch Pipeline jobs for Pull Request Decoration

You need to configure your Multibranch Pipeline job correctly to avoid issues with Pull Request decoration. From your Multibranch Pipeline job in Jenkins, go to Configure > Branch Sources > Behaviors.

For Bitbucket Server and GitHub, under Discover pull requests from origin, make sure The current pull request revision is selected.

For GitLab, under Discover merge requests from origin, make sure Merging the merge request with the current target branch revision is selected.

Detecting changed code in Pull Requests

SonarScanners need access to a Pull Request's target branch to detect code changes in the Pull Request. If you're using a Jenkins Pull Request discovery strategy that only fetches the Pull Request and doesn't merge with the target branch, the target branch is not fetched and is not available in the local git clone for the scanner to read.

In this case, the code highlighted as “new” in the Pull Request may be inaccurate, and you’ll see the following warning in the scanner’s log:

File '[name]' was detected as changed but without having changed lines

To fix this, either change the discovery strategy or manually fetch the target branch before running the SonarScanner. For example:

git fetch +refs/heads/${CHANGE_TARGET}:refs/remotes/origin/${CHANGE_TARGET}

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License