Jenkins - Sonarqube - Github Hook Setup Process
13 Sep 2020
Preconditions
Project
- Add the SonarQube dependency to your project. With Maven or Gradle, add:
org.codehaus.mojo:sonar-maven-plugin
- Add the JaCoCo plugin for test coverage. With Maven or Gradle, set it up with:
org.jacoco:jacoco-maven-plugin
- Write a pipeline script for the Jenkins pipeline
I’ll explain this later in the “Jenkins setting” section.
Jenkins
Install the “Generic Webhook Trigger” plugin from Jenkins > Settings > Plugin Manager > Plugins can be installed.
I guess restarting Jenkins is not necessary.
https://plugins.jenkins.io/generic-webhook-trigger/
Approve the following signature so that the script can use variables, under Jenkins > Settings > In-process Script Approval:
method groovy.lang.Binding getVariables
Sonarqube
Plugins
Some of the plugins (e.g. sonar-github) are deprecated in recent SonarQube versions.
To use one of them, you have to build it manually and put it in the plugin directory.
Sonarqube Install
I think it is better to use a SonarQube version below 7.6, as many features have recently been deprecated or blocked in the community version.
If you have manually built plugins, put them under sonar-home-dir/extensions/plugins
After you installed sonarqube, you can see:
When you log in with the admin account, you can see the administration menu.
From the administration menu you can download plugins from the marketplace or configure the system.
Git Hook Setting
Add a webhook pointing to (jenkins-url)/generic-webhook-trigger/invoke for the Generic Webhook Trigger plugin.
Jenkins Pipeline Setting
- Create a Pipeline project
- Set up each key under Build Triggers -> Generic Webhook Trigger. Add the same variables under “This build has parameters”
- Select Build -> Pipeline script with SCM and set up the GitHub repository. Put the path of the Jenkins pipeline script inside the project in “Script Path”
Script Detail
- Check whether the triggered job is a PR sync or opened event
- Check out the target branch
- Add a “sonar started” comment with the GitHub API
- Run the sonar job with the sonar-github plugin to create comments on each PR
0. preconditions
Add the following property settings under the node block to use the Generic Webhook Trigger plugin in a Jenkins pipeline:
properties([
    pipelineTriggers([
        [$class: 'GenericTrigger',
         genericVariables: [
             [key: '<key1>', value: '<value rule>'],
             ...
         ],
         ...
        ]
    ])
])
For details, please refer to this page
1. Check whether triggered job is pr sync or opened event
The webhook request body contains an action field that indicates the pull request action type. If the action field is neither “synchronized” nor “opened”, abort the Jenkins job.
2. Checkout to target branch
checkout([
    $class: 'GitSCM',
    branches: [[name: <branch>]],
    doGenerateSubmoduleConfigurations: false,
    extensions: scm.extensions + [[$class: 'CleanCheckout']],
    userRemoteConfigs: scm.userRemoteConfigs,
    ...
])
For details, please refer to this page
3. Add sonar start comment with github api
Use the GitHub API: make an HTTP request to GitHub from inside the pipeline.
4. Run sonar job with sonar-github plugin to create comment on each pr
With maven:
mvn \
    -Dsonar.host.url=<sonar url> \
    -Dsonar.login=<sonar login token> \
    -Dsonar.github.endpoint=<github api url> \
    -Dsonar.github.repository=<repository full name> \
    -Dsonar.github.login=<github user id> \
    -Dsonar.github.oauth=<github user oauth token> \
    -Dsonar.analysis.mode=preview \
    -Dsonar.github.pullRequest=<pull request number> \
    ... \
    clean package sonar:sonar
The -Dsonar.github.(…) options are for using the sonar-github plugin.
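Steps 0 to 4 combined into one scripted Jenkinsfile, as an added example that is not the author's own script. The credential IDs, variable names, and the SONAR_URL and GITHUB_API global environment variables are assumptions; the trigger filter matches "synchronize", the value GitHub sends in the action field for a PR sync, and every webhook field is allow-listed before it reaches checkout or the shell.

```groovy
// Added example (scripted Jenkinsfile). Credential IDs, variable names and the
// SONAR_URL / GITHUB_API global environment variables are assumptions.
node {
    properties([pipelineTriggers([
        [$class: 'GenericTrigger',
         genericVariables: [
             [key: 'pr_action', value: '$.action'],
             [key: 'pr_number', value: '$.number'],
             [key: 'pr_branch', value: '$.pull_request.head.ref'],
             [key: 'repo_name', value: '$.repository.full_name']
         ],
         tokenCredentialId: 'webhook-token',   // only requests carrying this token match the job
         regexpFilterText: '$pr_action',       // trigger only on the two handled actions
         regexpFilterExpression: '^(opened|synchronize)$'
        ]
    ])])

    // Step 1: every webhook field is untrusted input; allow-list it before use.
    def checks = [[env.pr_action, /opened|synchronize/], [env.pr_number, /\d{1,9}/],
                  [env.pr_branch, /[\w.\/-]{1,200}/],    [env.repo_name, /[\w.-]+\/[\w.-]+/]]
    for (c in checks) {
        if (!((c[0] ?: '') ==~ c[1])) { error("Rejected webhook value for pattern ${c[1]}") }
    }

    // Step 2: check out the pull request branch.
    checkout([$class: 'GitSCM', branches: [[name: env.pr_branch]],
              extensions: scm.extensions + [[$class: 'CleanCheckout']],
              userRemoteConfigs: scm.userRemoteConfigs])

    // Steps 3 and 4: secrets come from the credential store, not from the script.
    withCredentials([
        usernamePassword(credentialsId: 'github-bot', usernameVariable: 'GH_USER',
                         passwordVariable: 'GH_TOKEN'),
        string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
        withEnv(["PR=${env.pr_number}", "REPO=${env.repo_name}"]) {
            // Single-quoted sh: only the shell expands variables, so no webhook
            // value or secret is interpolated into the command text by Groovy.
            sh '''
                curl -fsS -H "Authorization: token $GH_TOKEN" \
                     -d '{"body": "sonar started"}' \
                     "$GITHUB_API/repos/$REPO/issues/$PR/comments"
                mvn -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" \
                    -Dsonar.github.endpoint="$GITHUB_API" -Dsonar.github.repository="$REPO" \
                    -Dsonar.github.login="$GH_USER" -Dsonar.github.oauth="$GH_TOKEN" \
                    -Dsonar.analysis.mode=preview -Dsonar.github.pullRequest="$PR" \
                    clean package sonar:sonar
            '''
        }
    }
}
```

The first manual run registers the trigger and then stops at the validation step, because no webhook fields are present yet.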
Summary
In short:
When a “PR opened or synchronized” Git event is triggered, the Jenkins pipeline job connected to the webhook is executed.
In the job, a “sonar started” comment is created on the pull request via the GitHub API, and the sonar static analysis job is executed.
After the job is done, the sonar-github plugin creates comments for the issues included in the pull request.