This plugin lets you centralize the configuration of SonarQube server connection details in Jenkins global configuration.
Then you can trigger SonarQube analysis from Jenkins using standard Jenkins Build Steps to trigger analysis with:
- SonarQube Scanner
- SonarQube Scanner for Maven
- SonarQube Scanner for MSBuild
Once the job is complete, the plugin will detect that a SonarQube analysis was made during the build and display a badge and a widget on the job page with a link to the SonarQube dashboard as well as quality gate status.
Since version 2.5 you can also use Jenkins pipeline DSL.
SonarQube Scanner for Jenkins
- SonarQube is already installed
- At least the minimal version of Java supported by your SonarQube server is in use
- The language plugins for each of the languages you wish to analyze are installed
- You have read Analyzing Code Source.
- Jenkins is already installed
Adding SonarQube Server
You can define as many SonarQube servers as you wish. Then for each Jenkins job, you will be able to choose which server to use for the SonarQube analysis.
To add a SonarQube server, just follow the three steps below:
- Log into Jenkins as an administrator and go to Manage Jenkins > Configure System:
- Scroll down to the SonarQube configuration section, click on "Add SonarQube", and add the values you're prompted for.
- For SonarQube servers at version 5.1 or lower, click on the "Advanced..." button and provide database credentials.
Adding SonarQube Scanner
This step is mandatory if you want to trigger any of your SonarQube analyses with the SonarQube Scanner.
You can define as many SonarQube Scanner launchers as you wish. Then for each Jenkins job, you will be able to choose with which launcher to use to run the SonarQube analysis.
To add a SonarQube Scanner:
- Log into Jenkins as an administrator and go to Manage Jenkins > Configure System (Jenkins 1.x) or Manage Jenkins > Global Tool Configuration (Jenkins 2.x) :
- Scroll down to the SonarQube Scanner configuration section and click on Add SonarQube Scanner. It is based on the typical Jenkins tool auto-installation. You can either choose to point to an already installed version of SonarQube Scanner (uncheck 'Install automatically') or tell Jenkins to grab the installer from a remote location (check 'Install automatically'):
If you don't see a drop down list with all available SonarQube Scanner versions but instead see an empty text field then this is because Jenkins still hasn't downloaded the required update center file (default period is 1 day). You may force this refresh by clicking 'Check Now' button in Manage Plugins >> Advanced tab.
Adding SonarQube Scanner for MSBuild
Configuring a SonarQube Scanner using environment variables
If the ability to inject SonarQube configurations as variables in jobs is enabled in the Jenkins' global configuration, you will have ability to activate it in your job. If multiple SonarQube instances are configured, you will be able to choose which one to use.
You may then use any of the SonarQube Scanners to perform the analysis, such as Maven, Gradle, Ant, etc.
Analyzing with SonarQube Scanner for MSBuild
Analyzing with the SonarQube Scanner
Go to the Build section, click on Add build step and choose SonarQube Scanner.
Configure the SonarQube analysis. You can either point to an existing sonar-project.properties file or set the analysis properties directly in the Analysis properties field:
Analyzing with SonarQube Scanner for Maven
Use the Build Environment option "Prepare SonarQube Scanner environment" (this option is only available if it has been enabled at the Global level by a Jenkins administrator) to inject SonarQube-related values as environment variables, such as:
SONAR_MAVEN_GOAL- defaults to sonar:sonar, but may vary depending on the sonar-maven-plugin specified for the selected SonarQube server
Use the help icon () to see the full list of available variables. Some values will be blank, depending on what was defined for the server.
Once the environment variables are available, use them in a standard Maven build step by setting the Goals to include
Triggering SonarQube analysis in a Jenkins pipeline
Since version 2.5 of the SonarQube Scanner for Jenkins, there is an official support of Jenkins pipeline. We provide a '
withSonarQubeEnv' block that allow to select the SonarQube server you want to interact with. Connection details you have configured in Jenkins global configuration will be automatically passed to the scanner.
Here are a some examples for every scanner, assuming you run on Unix slaves and you have configured a server named 'My SonarQube Server' as well as required tools. If you run on Windows slaves, just replace 'sh' by 'bat'.