sonarqube-logo

Automate SonarQube Analysis on Git Pull Request using Jenkins

In this article will demonstrate how to setup SonarQube Analysis on Git Pull Requests. SonarQube will help developers to analyze newly committed code about what’s wrong with the code and how to improve it. This way it will help maintain quality of code with much faster bug reporting and solving.

This type of analysis can be done manually which isn’t the best option! It is recommended that this analysis are ran everytime a new request/code is committed, which can done via Continous Integration tool Jenkins.


By performing below tasks you will archieve is basically, every time a pull request is submitted by a member of team, the continuous integration system launches a SonarQube preview analysis with the parameters to activate the GitHub plugin, so that:

  1. When the SonarQube analysis starts, the GitHub plugin updates the status of the pull request to mention that there’s a pending analysis
  2. Then SonarQube executes all the required language plugins
  3. And at the end, the GitHub plugin:
    • adds an inline comment for each new issue,
    • adds a global comment with a summary of the analysis,
    • and updates the status of the pull request, setting it to “failed” if at least one new critical or blocker issue was found.

Inorder to get started make sure you have configured following tasks:

  1. Configured Github webhook
  2. Configured and Installed Jenkins
  3. Configured Github Pull Request header plugin in Jenkins
  4. Installed SonarQube

Once the pre-requesites are set, your now ready to integrate everthing.

Step 1: Create a Job in Jenkins

step1-setupjob-sonarqube-analysis

Step 2: Setup SCM

Here you will enter github repository URL and credentials, you can also specify branch you would like to create build for.

step2-setupscm-sonarqube

Step 3: Configure build triggers

Inorder to configure build triggers you will need github pull request builder plugin installed and configured in Jenkins. You can find link for the same in Pre-requesites section.

Remember to check : “Use github hooks for build triggering” option

step3-buildtriggers-sonarqube

Step 4: Setup Build with custome parameters

In this step you will need to mention custom parameter which will invoke sonarqube analysis during the build process. 

step4-buildparameters-sonarqube

Analysis properties : 

sonar.projectKey=devops
sonar.projectName=devops
sonar.projectVersion=1.0
sonar.sources=src
sonar.exclusions=**/src/main/python/**/lib/**
sonar.verbose=true

Additional arguments : 

-Dsonar.sourceEncoding=UTF-8
-Dsonar.analysis.mode=preview
-Dsonar.github.repository=bhargavamin/devops
-Dsonar.verbose=true 
-Dsonar.github.pullRequest=${ghprbPullId}
-Dsonar.github.login=<place github user here>
-Dsonar.github.oauth=<place here token generated from github account>

JVM options :

-Dhudson.model.ParametersAction.keepUndefinedParameters=true

Once this is done, you can then run the build by creating a pull request in github repo which will trigger jenkins build automatically and run sonarqube analysis on the pull request code.

Considering the build process went successfull you will be able to see sonarqube comment below pull request and would’ve recieved a mail about the status of pass.

Something like this …

sonarqube-

If you face any error during build make sure you have installed all the plugins and configured them the way I have, make sure the security groups have ports open so that github api (webhooks can communicate with jenkins server).

Hope this help!

Feel free to drop in your queries at my email mail@bhargavamin.com

Thanks, Bhargav