Jenkins is a well-known continuous integration tool in the industry. Using Jenkins can help us realize automatic packaging and continuous integration. The topic of this article is assuming that you have already built Jenkins, and the server is linux, what to do now that you need to integrate SonarQube.
1. Install SonarQube on linux
First look at the architecture diagram of the next single-instance SonarQube, which consists of three parts: Scanner, SonarQube Server, and Database Server.
The official website has a detailed explanation of the three.
Simply put, Scanner is responsible for scanning your code and sending the scanned results to SonarQube Server. Scanner does not analyze the code.
SonarQube Server has built-in Elasticsearch for searching, and provides a computing engine responsible for performing code quality analysis and storing the analysis results in the database.
Since the higher version of SonarQube depends on the postgresql database, install postgresql first.
1. Install postgresql database
For the installation of postgresql, it is really not recommended to install it through yum according to the guidelines of the official website. In most cases, it cannot be installed due to the problem of the yum source. Here, it is installed by directly downloading the binary package. Select version 10.19 from here to download the postgresql installation package
After the download is complete, perform the following five steps:
1) Unzip the compressed package to: /usr/loca/pgsql/pgsql, and create a data storage directory: /usr/loca/pgsql/pgsql_data
2) Create a Linux user: postgres / 12345678
3) Switch to the user created in the previous step su - postgres
4) Start the database as the postgres user: bin/pg_ctl -D /usr/loca/pgsql/pgsql_data -l logfile start
5) Use the command Connection: /usr/local/pgsql/pgsql/bin/psql -h 127.0.0.1 -d postgres -U postgres -p 5432
6) Refer to the figure below to update the postgres user password: postgres / postgres
7) Refer to the figure below to create a database sonarto store the analysis results of SonarQube.
For more detailed command steps, refer to here to install postgresql-10 under linux. The most detailed steps to install on the entire network are here. Just leave it out.
2. Install SonarQube Server
1) Download jdk11 and extract it to the specified directory:
tar -zxvf openjdk-11+28_linux-x64_bin.tar.gz -C /usr/local/
2) Download the SonarQube Server installation package from the official website and extract it to /usr/local/sonarqube:
unzip sonarqube-8.9.1.44547.zip -d /usr/local/
3) Update the configuration file /usr/local/sonarqube/conf/sonar.properties:
sonar.jdbc.username=postgres
sonar.jdbc.password=postgres
sonar.jdbc.url=jdbc:postgresql://localhost/sonar
4) Update the configuration file /usr/local/sonarqube/conf/wrapper.conf:
wrapper.java.command=/usr/local/jdk-11/bin/java
5) Create a Linux user:
adduser sonarUser
passwd sonarUser
6) Assign sonarqube directory related permissions:
chmod 777 -R sonarqube
7) Change the sonar user group:
chown -R sonarUser:sonarUser sonarqube
8) Start the sonarqube server as the sonarUser user:
su - sonarUser
cd /usr/local/sonarqube/bin/linux-x86-64/
./sonar.sh start
./sonar.sh status
3. Install sonar scanner
Download the compressed package and extract it to /usr/local/sonar-scan-4.6.
Open the browser http://your-host:9000, and then admin/adminyou can access successfully.
2. Jenkins integrates SonarQube
Assuming you have set up Jenkins now, integrating SonarQube will be quite simple
1. Install the SonarQube Scanner plugin
Log in to Jenkins through the administrator account admin, enter system management - plug-in management, search for sonarqube scanner to install, and restart to take effect.
2. Configure SonarQube connection information
First log in to SonarQube, enter 配置 > 权限 > 用户 > 令牌, generate a token, and the Jenkins plug-in will access SonarQube through this token in the future.
Go back to Jenkins, enter 系统管理 > Manage Credentials, create a global credential, select Secret Text for the type, fill in the token just now for Secret, and customize the ID.
Enter again 系统管理 > 系统配置, select SonarQube Servers, configure the connection address and token of SonarQube.
Enter again 系统管理>全局工具配置, select SonarQube Scanner, and configure the SonarQube Scanner installation path on your server.
So far, the Jenkins integrated SonarQube environment has been successfully built.
3. Use the newly built environment for code scanning
Select a task, click 配置 > 增加构建步骤, and add the following configuration in Analysis properties:
sonar.projectKey=demo-project
sonar.projectName=demo-project
sonar.projectVersion=8.9
sonar.sources=$WORKSPACE
sonar.language=java
sonar.sourceEncoding=UTF-8
sonar.java.binaries=$WORKSPACE
After saving, click Build Now, wait for the build to complete, and you can see the project just scanned in SonarQube's web console.