Uncategorised

How to execute sonarqube scanner using jenkins pipeline?

November 12, 2022 1 Comment

SonarScanner: Command line

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('SonarQube analysis') {
    def scannerHome = tool 'SonarScanner 4.0';
    withSonarQubeEnv('My SonarQube Server') { // If you have configured more than one global server connection, you can specify its name
      sh "${scannerHome}/bin/sonar-scanner"
    }
  }
}

SonarScanner for Gradle:

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('SonarQube analysis') {
    withSonarQubeEnv() { // Will pick the global server connection you have configured
      sh './gradlew sonarqube'
    }
  }
}

SonarScanner for Maven:

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('SonarQube analysis') {
    withSonarQubeEnv(credentialsId: 'f225455e-ea59-40fa-8af7-08176e86507a', installationName: 'My SonarQube Server') { // You can override the credential to be used
      sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar'
    }
  }
}

SonarScanner for .NET:

node {
  stage('SCM') {
    git 'https://github.com/foo/bar.git'
  }
  stage('Build + SonarQube analysis') {
    def sqScannerMsBuildHome = tool 'Scanner for MSBuild 4.6'
    withSonarQubeEnv('My SonarQube Server') {
      bat "${sqScannerMsBuildHome}\\SonarQube.Scanner.MSBuild.exe begin /k:myKey"
      bat 'MSBuild.exe /t:Rebuild'
      bat "${sqScannerMsBuildHome}\\SonarQube.Scanner.MSBuild.exe end"
    }
  }
}
pipeline {
  agent any
  stages {
    stage('SonarQube analysis') {
      steps {
        script {
          // requires SonarQube Scanner 2.8+
          scannerHome = tool 'SonarQube Scanner 2.8'
        }
        withSonarQubeEnv('SonarQube Scanner') {
          sh "${scannerHome}/bin/sonar-scanner"
        }
      }
    }
  }
}

The tool name “SonarQube Scanner 2.8” needs to match the “Name” field of a SonarQube Scanner Installation on the Global Tools Configuration page. The name used in the withSonarQubeEnv step needs to match the “Name” field of a SonarQube server defined on the Configure System page.

You're mixing Scripted Pipeline with Declarative Pipeline syntax.

While the snippet you posted from SonarQube documentation would work, you will need to adapt it since you're using Declarative (as indicated by the "Not a valid stage section definition" error).

Normally, you'd define a tools section in your Pipeline, but it looks like the SonarQube plugin doesn't support Declarative, nor does it add itself to the PATH.

Since you can't normally define variables in Declarative Pipeline, the script step has to be used to call the tool step and store the path to the installed tool. For example:

pipeline {
  agent any
  stages {
    stage('SonarQube analysis') {
      steps {
        script {
          // requires SonarQube Scanner 2.8+
          scannerHome = tool 'SonarQube Scanner 2.8'
        }
        withSonarQubeEnv('SonarQube Scanner') {
          sh "${scannerHome}/bin/sonar-scanner"
        }
      }
    }
  }
}
The tool name "SonarQube Scanner 2.8" needs to match the "Name" field of a SonarQube Installation on the Global Tools Configuration page. The name used in the withSonarQubeEnv step needs to match the "Name" field of a SonarQube server defined on the Configure System page.

If the SonarQube plugin did support Declarative, and added itself to PATH, the Pipeline could be a wee bit simpler:

pipeline {
  agent any
  stages {
    stage('SonarQube analysis') {
      tools {
        sonarQube 'SonarQube Scanner 2.8'
      }
      steps {
        withSonarQubeEnv('SonarQube Scanner') {
          sh 'sonar-scanner'
        }
      }
    }
  }
}

Example using declarative pipeline:

      pipeline {
        agent none
        stages {
          stage("build & SonarQube analysis") {
            agent any
            steps {
              withSonarQubeEnv('My SonarQube Server') {
                sh 'mvn clean package sonar:sonar'
              }
            }
          }
          stage("Quality Gate") {
            steps {
              timeout(time: 1, unit: 'HOURS') {
                waitForQualityGate abortPipeline: true
              }
            }
          }
        }
      }

Example using scripted pipeline:

      stage("build & SonarQube analysis") {
          node {
              withSonarQubeEnv('My SonarQube Server') {
                 sh 'mvn clean package sonar:sonar'
              }
          }
      }

      stage("Quality Gate"){
          timeout(time: 1, unit: 'HOURS') {
              def qg = waitForQualityGate()
              if (qg.status != 'OK') {
                  error "Pipeline aborted due to quality gate failure: ${qg.status}"
              }
          }
      }

Please use below code to run the sonar-scanner on windows

node {    
       stage('SonarQube analysis') {
       // requires SonarQube Scanner 2.8+
       def scannerHome = tool 'SONAR_RUNNER';
       withSonarQubeEnv('SonarQube') {
            bat "\"${scannerHome}\\bin\\sonar-scanner.bat\""
       }
}

SonarQube integration with Jenkins Pipeline

node(label:'master') {
  try{  
    stage('Static Analysis') {
      withSonarQubeEnv('SonarQube1') 
      {
        bat 'mvn clean package sonar:sonar
   	echo 'Static Analysis Completed' 
      }
   
    stage("Quality Gate"){
      timeout(time: 1, unit: 'HOURS') 
      {
        waitForQualityGate abortPipeline: true
        def qg= waitForQualityGate()
        if (qg.status!= 'OK'){
          error "Pipeline aborted due to quality gate failure: ${qg.status}"
        }
      }         
      echo 'Quality Gate Passed' 
    }
  } 
}

SonarQube Scans in Jenkins Declarative Pipeline using SonarScanner

stage('SonarCloud') {
  environment {
    SCANNER_HOME = tool 'SonarQubeScanner'
    ORGANIZATION = "igorstojanovski-github"
    PROJECT_NAME = "igorstojanovski_jenkins-pipeline-as-code"
  }
  steps {
    withSonarQubeEnv('SonarCloudOne') {
        sh '''$SCANNER_HOME/bin/sonar-scanner -Dsonar.organization=$ORGANIZATION \
        -Dsonar.java.binaries=build/classes/java/ \
        -Dsonar.projectKey=$PROJECT_NAME \
        -Dsonar.sources=.'''
    }
  }
}
stage("Quality Gate") {
  steps {
    timeout(time: 1, unit: 'MINUTES') {
        waitForQualityGate abortPipeline: true
    }
  }
}

stage('SonarQube') {
  environment {
    SCANNER_HOME = tool 'sonar scanner jenkins'
    ORGANIZATION = "poc.net"
    PROJECT_NAME = "org.sonarqube:poc.net"
  }
  steps {
    withSonarQubeEnv('sonarqube') {
        bat "${SCANNER_HOME}/bin/sonar-scanner -Dsonar.organization=${ORGANIZATION} \
        -Dsonar.java.binaries=compiled \
        -Dsonar.projectKey=${PROJECT_NAME} \
        -Dsonar.sources=POCStudentCrud"
    }
  }
}

stage('SonarCloud') {
  environment {
    SCANNER_HOME = tool 'SonarQubeScanner'
    ORGANIZATION = "igorstojanovski-github"
    PROJECT_NAME = "igorstojanovski_jenkins-pipeline-as-code"
  }
  steps {
    withSonarQubeEnv('SonarCloudOne') {
        sh '''$SCANNER_HOME/bin/sonar-scanner -Dsonar.organization=$ORGANIZATION \
        -Dsonar.java.binaries=build/classes/java/ \
        -Dsonar.projectKey=$PROJECT_NAME \
        -Dsonar.sources=.'''
    }
  }
}
Rajesh Kumar
Follow me
Latest posts by Rajesh Kumar (see all)
Subscribe
Notify of
guest
1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Chandra
Chandra
11 months ago

how to give the Sonarqube url instead of ‘SonarCloudOne’ configured in global configuration

0
1
0
Would love your thoughts, please comment.x
()
x