Was this page helpful?
Adding the SonarCloud analysis to a Jenkins job
This section explains how to add the SonarCloud analysis to your Jenkins Freestyle or Pipeline jobs. Note that you can also easily configure and analyze your projects with Jenkins through the in-product tutorial.
To be able to add a SonarCloud analysis to a Jenkins job, Jenkins must have been set up for SonarCloud integration.
Adding analysis to a Freestyle job
The procedure depends on the project type.
- Create and configure your Jenkins job, and go to the Build Environment section.
- Enable Prepare SonarScanner environment to allow the injection of SonarCloud values into this particular job. Once the environment variables are available, use them in a standard Maven build step (Invoke top-level Maven targets) by setting the Goals to include, or a standard Gradle build step (Invoke Gradle script) by setting the Tasks to execute.
Maven goal:
$SONAR_MAVEN_GOALGradle task:
sonarIn both cases, launching your analysis may require authentication. In that case, make sure that the global configuration in Jenkins of SonarCloud defines a valid SonarCloud token (see Setting up Jenkins for SonarCloud integration).
- Create and configure your Jenkins job, and go to the Build section.
- Add the SonarQube for MSBuild - Begin Analysis to your build.
- Configure the SonarCloud Project Key, Name, and Version in the SonarScanner for MSBuild - Begin Analysis build step.
- Add the compatible MSBuild build step or the Execute Windows batch command to execute the build.
- Add the SonarQube for MSBuild - End Analysis build steps to your build.
In version 5.0 of the SonarScanner, we changed the name of the SonarScanner for MSBuild to SonarScanner for .NET.
The documentation is updated with the new name and we will call the scanner SonarScanner for .NET moving forward.
- Create and configure your Jenkins job, and go to the Build section.
- Add the SonarScanner CLI build step to your build.
- Configure the analysis properties. You can either point to an existing
sonar-project.propertiesfile or set the analysis properties directly in the Analysis properties field.
Adding analysis to a Pipeline job
- In Jenkins, create your Pipeline job.
- Add the SonarCloud analysis stage to the Jenkins file: see below.
- Setup a pipeline pause until the quality gate is computed.
Adding analysis to a Multibranch Pipeline job
- In Jenkins, create your Multibranch Pipeline job.
- From your Jenkins job, go to Configure > Branch Sources > Behaviors and:
- Under Discover branches, make sure Exclude branches that are also filed as PRs (or MRs) is selected.
- Under Discover pull (or merge) requests from origin, make sure The current pull (or merge) request revision is selected.
- Under Specify ref specs, make sure the Ref Spec value will include any target branches (the default value should be enough).
If the Specify ref specs behavior is not active, click on Add and select Specify ref specs.
- Add the SonarCloud analysis stage to the Jenkins file: see below.
- Setup a pipeline pause until the quality gate is computed.
Adding an analysis stage to the Jenkins file
You must use the withSonarQubeEnv step in the SonarCloud analysis stage of your pipeline job. This step is used to set the environment variables necessary to connect to SonarCloud. The connection details are retrieved from the Jenkins global configuration.
The withSonarQubeEnv() method can take the following optional parameters:
installationName(string): name of the SonarCloud installation as configured in Jenkins.credentialsId(string): if you want to overwrite the credentials configured in the Jenkins global configuration.envOnly(boolean): set it to true if you only want the SonarCloud environment variables to be expanded in the build context
Examples
Scripted pipeline example:
node {
stage('SCM') {
git 'https://github.com/foo/bar.git'
}
stage('SonarCloud analysis') {
withSonarQubeEnv() { // Will pick the global server connection you have configured
sh './gradlew sonar'
}
}
}Scripted pipeline example:
node {
stage('SCM') {
git 'https://github.com/foo/bar.git'
}
stage('SonarCloud analysis') {
withSonarQubeEnv(credentialsId: 'f225455e-ea59-40fa-8af7-08176e86507a', installationName: 'SonarCloud') { // You can override the credential to be used
sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922:sonar'
}
}
}Scripted pipeline example:
node {
stage('SCM') {
git 'https://github.com/foo/bar.git'
}
stage('Build + SonarCloud analysis') {
def sqScannerMsBuildHome = tool 'Scanner for .Net Framework'
withSonarQubeEnv('SonarCloud') {
bat "${sqScannerMsBuildHome}\\SonarQube.Scanner.MSBuild.exe begin /k:myKey"
bat 'MSBuild.exe /t:Rebuild'
bat "${sqScannerMsBuildHome}\\SonarQube.Scanner.MSBuild.exe end"
}
}
}Scripted pipeline example:
node {
stage('SCM') {
git 'https://github.com/foo/bar.git'
}
stage('SonarQube analysis') {
def scannerHome = tool '<sonarqubeScannerInstallation>'; // must match the name of an actual scanner installation directory on your Jenkins build agent
withSonarQubeEnv('SonarCloud') {
sh "${scannerHome}/bin/sonar-scanner"
}
}
}Declarative pipeline example:
pipeline {
agent any
stages {
stage('SonarQube analysis') {
steps {
script {
scannerHome = tool '<sonarqubeScannerInstallation>'// must match the name of an actual scanner installation directory on your Jenkins build agent
}
withSonarQubeEnv('SonarCloud') {
sh "${scannerHome}/bin/sonar-scanner"
}
}
}
}
} © 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
