Adding analysis to a Jenkins job

This section explains how to add the SonarQube analysis to your Jenkins Freestyle or Pipeline jobs.

This section explains how to add the SonarQube analysis to your Jenkins Freestyle or Pipeline jobs. Note that you can also easily configure and analyze your projects with Jenkins in SonarQube through the tutorial in the application.

To be able to add a SonarQube analysis to a Jenkins job, Jenkins must have been set up for Setting up Jenkins.

Adding analysis to a Freestyle job

The procedure depends on the project type.

Create and configure your Jenkins job, and go to the Build Environment section.
Enable Prepare SonarScanner environment to allow the injection of SonarQube server values into this particular job. If multiple SonarQube instances are configured, you will be able to choose which one to use. Once the environment variables are available, use them in a standard Maven build step (Invoke top-level Maven targets) by setting the Goals to include, or a standard Gradle build step (Invoke Gradle script) by setting the Tasks to execute.

Maven goal:

$SONAR_MAVEN_GOAL

Gradle task:

sonar

In both cases, launching your analysis may require authentication. In that case, make sure that the global configuration in Jenkins of your SonarQube installation defines a valid SonarQube token (see Setting up Jenkins).

Create and configure your Jenkins job, and go to the Build section.
Add the SonarScanner CLI build step to your build.
Configure the analysis properties. You can either point to an existing sonar-project.properties file or set the analysis properties directly in the Analysis properties field.

Adding analysis to a Pipeline job

In Jenkins, create your Pipeline job.
Add the SonarQube analysis stage to the Jenkins file: see below.
Setting up a pipeline pause until the quality gate is computed.

Adding analysis to a Multibranch Pipeline job

This feature is supported from SonarQube Developer Edition.

Proceed as follows:

In Jenkins, create your Multibranch Pipeline job.
From your Jenkins job, go to Configure > Branch Sources > Behaviors and:
1. Under Discover branches, make sure **Exclude branches that are also filed as PRs (**or MRs) is selected.
2. Under **Discover pull (**or merge) requests from origin, make sure **The current pull (**or merge) request revision is selected.
3. Under Specify ref specs, make sure the Ref Spec value will include any target branches (the default value should be enough). If the Specify ref specs behavior is not active, click on Add and select Specify ref specs.
Add the SonarQube analysis stage to the Jenkins file: see below.
Setting up a pipeline pause until the quality gate is computed.

Adding an analysis stage to the Jenkins file

You must use the withSonarQubeEnv step in the SonarQube analysis stage of your pipeline job. This step is used to set the environment variables necessary to connect to the specified SonarQube instance. The connection details are retrieved from the Jenkins global configuration.

The withSonarQubeEnv() method can take the following optional parameters:

installationName(string): name of the SonarQube installation as configured in Jenkins. This is necessary if several SonarQube servers are configured in Jenkins.
credentialsId(string): if you want to overwrite the credentials configured in the Jenkins global configuration.
envOnly(boolean): set it to true if you only want the SonarQube environment variables to be expanded in the build context

Examples

Scripted pipeline example:

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('SonarQube analysis') {
    withSonarQubeEnv() { // Will pick the global server connection you have configured
      sh './gradlew sonar'
    }
  }
}

Scripted pipeline example:

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('SonarQube analysis') {
    withSonarQubeEnv(credentialsId: 'f225455e-ea59-40fa-8af7-08176e86507a', installationName: '<sonarqubeInstallation>') { // You can override the credential to be used, If you have configured more than one global server connection, you can specify the corresponding SonarQube installation name configured in Jenkins
      sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922:sonar'
    }
  }
}

Scripted pipeline example:

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('Build + SonarQube analysis') {
    def sqScannerMsBuildHome = tool 'Scanner for .Net Framework'
    withSonarQubeEnv(<sonarqubeInstallation>') {// If you have configured more than one global server connection, you can specify its name as configured in Jenkins
      bat "${sqScannerMsBuildHome}\\SonarScanner.MSBuild.exe begin /k:myKey"
      bat 'MSBuild.exe /t:Rebuild'
      bat "${sqScannerMsBuildHome}\\SonarScanner.MSBuild.exe end"
    }
  }
}

Scripted pipeline example:

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('SonarQube analysis') {
    def scannerHome = tool '<sonarqubeScannerInstallation>'; // must match the name of an actual scanner installation directory on your Jenkins build agent
    withSonarQubeEnv('<sonarqubeInstallation>') { // If you have configured more than one global server connection, you can specify its name as configured in Jenkins
      sh "${scannerHome}/bin/sonar-scanner"
    }
  }
}

Declarative pipeline example:

pipeline {
  agent any
  stages {
    stage('SonarQube analysis') {
      steps {
        script {
            scannerHome = tool '<sonarqubeScannerInstallation>'// must match the name of an actual scanner installation directory on your Jenkins build agent
        }
        withSonarQubeEnv('<sonarqubeInstallation>') {// If you have configured more than one global server connection, you can specify its name as configured in Jenkins
          sh "${scannerHome}/bin/sonar-scanner"
        }
      }
    }
  }
}

PreviousSetting up Jenkins NextSetting up a pipeline pause

Last updated 1 month ago

Was this helpful?