Start Free
SonarQube Community Build | Analyzing source code | CI integration | Jenkins integration | Setting up Jenkins

Setting up Jenkins for SonarQube Community Build integration

On this page

Installing the Jenkins Extension Installing the SonarScanner instance(s) Other settings Related pages

This section explains how to set up Jenkins globally for the integration with SonarQube Community Build by using Jenkins Extension. This extension is not mandatory but allows a centralized installation and setup of the scanner directly from Jenkins.

Proceed as follows: 

  1. Install the Jenkins Extension.
  2. Install the SonarScanner from Jenkins.
  3. If you have the Developer Edition of SonarQube Community Build or higher: set up the multi-branch features.

These steps are explained below.

Installing the Jenkins Extension

Jenkins Extension version 2.11 or later is required.

Proceed as follows:

  1. From the Jenkins Dashboard, navigate to Manage Jenkins > Manage Plugins and install the SonarQube Scanner plugin.
  2. Back at the Jenkins Dashboard, navigate to Credentials > System from the left navigation.
  3. Click the Global credentials (unrestricted) link in the System table.
  4. Click Add credentials in the left navigation and add the following information:
    • Kind: Secret Text
    • Scope: Global
    • Secret: Generate a token at User > My Account > Security in SonarQube Community Build, and copy and paste it here.
  5. Click OK.
  6. From the Jenkins Dashboard, navigate to Manage Jenkins > Configure System.
  7. From the SonarQube section, click Add SonarQube. Add the following information:
    • Name: Give a unique name to your SonarQube Community Build instance.
    • Server URL: Your SonarQube Community Build instance URL.
    • Credentials: Select the credentials created during step 4.
  8. Click Save

Installing the SonarScanner instance(s)

From Jenkins, install and configure the SonarScanner instance(s). This step depends on the project type.

  1. Log into Jenkins as an administrator and go to Manage Jenkins > Configure System.
  2. Scroll to the SonarQube servers section and check Enable injection of SonarQube server configuration as build environment variables.

This step is mandatory if you want to trigger any of your analyses with the SonarScanner for .NET. You can define as many scanner instances as you wish. Then for each Jenkins job, you will be able to choose which launcher to use to run the analysis.

To install and configure the scanner instances:

  1. Log into Jenkins as an administrator and go to Manage Jenkins > Global Tool Configuration.
  2. Click on Add SonarScanner for MSBuild.
  3. Add an installation of the latest available version. Check Install automatically to have the SonarScanner for .NET automatically provisioned on your Jenkins executors.
    If you do not see any available version under Install from GitHub, first go to Manage Jenkins > Manage Plugins > Advanced and click on Check now.

This step is mandatory if you want to trigger any of your analyses with the SonarScanner CLI. You can define as many scanner instances as you wish. Then, for each Jenkins job, you will be able to choose which launcher to use to run the analysis.

To install and configure the scanner instances:

  1. Log into Jenkins as an administrator and go to Manage Jenkins > Global Tool Configuration.
  2. Scroll down to the SonarScanner configuration section and select Add SonarScanner. It is based on the typical Jenkins tool auto-installation. You can either choose to point to an already installed version of the SonarScanner CLI (uncheck Install automatically) or tell Jenkins to grab the installer from a remote location (check Install automatically).
    If you don't see a drop-down list with all available SonarScanner CLI versions but instead see an empty text field, this is because Jenkins still hasn't downloaded the required update center file (the default period is one day). You may force this refresh by selecting Check Now in Manage Plugins > Advanced tab.

Other settings

If applicable, configure webhook(s) at global level to be used for pipeline jobs to set up an automatic interruption of the pipeline in case the quality gate fails.

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License