SonarQube installation prerequisites
- A VM with a minimum of 2 GB of RAM (AWS t3.medium)
- Docker and docker-compose installed, and the Docker service running
Install SonarQube using the docker-compose file:

    docker-compose up -d

Once SonarQube is up and running, it can be accessed at the URL http://<>:9000. Default username and password: admin:admin
Create a project in SonarQube and note down the project key
In Jenkins, install the SonarQube Scanner plugin
- From the Jenkins Dashboard, navigate to Manage Jenkins > Manage Plugins and install the SonarQube Scanner plugin.
- Back at the Jenkins Dashboard, navigate to Credentials > System from the left navigation.
- Click the Global credentials (unrestricted) link in the System table.
- Click Add credentials in the left navigation and add the following information:
  - Kind: Secret Text
  - Scope: Global
  - Secret: Generate a token at User > My Account > Security in SonarQube, and copy and paste it here.
  - Click OK.
- From the Jenkins Dashboard, navigate to Manage Jenkins > Configure System.
- From the SonarQube Servers section, click Add SonarQube. Add the following information:
  - Name: Give a unique name to your SonarQube instance.
  - Server URL: Your SonarQube instance URL.
  - Credentials: Select the credentials created during step 4.
- Click Save.
In Jenkins, install the GitHub Branch Source plugin (version 2.7.1 or later is required)
- From the Jenkins Dashboard, navigate to Manage Jenkins > Manage Plugins and install the GitHub Branch Source plugin.
- From the Jenkins Dashboard, navigate to Manage Jenkins > Configure System.
- From the GitHub or GitHub Enterprise Servers section, add your GitHub server.
- Click Save.
In the Jenkins Global Tool Configuration, add the Sonar Scanner tool and allow it to install the binary automatically
In the pom.xml of the Maven-based application build, add the following under build management -> plugins and push the changes to GitHub:

    <plugin>
      <groupId>org.sonarsource.scanner.maven</groupId>
      <artifactId>sonar-maven-plugin</artifactId>
      <version>3.7.0.1746</version>
    </plugin>

Add a build step Execute SonarQube Scanner and add the following in the additional properties field:

    sonar.host.url=<URL>
    sonar.login=<Personal Access token>
    sonar.projectKey=<Project Key>
    sonar.java.binaries=<PATH where Java compiled files are present>
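
A check for the additional properties block above, added here as an example and not part of the original guide: it flags a token typed literally into the field, use of the default admin account, a non-HTTPS server URL, and any of the four keys left unset. The sample hostnames, project key and the `${SONAR_TOKEN}` variable name are assumptions, as is the premise that the token reaches the job as an injected variable.

```python
import re
from urllib.parse import urlparse

# Keys the build step above puts in the additional properties field.
REQUIRED = ("sonar.host.url", "sonar.login", "sonar.projectKey", "sonar.java.binaries")
# A value that is only a variable reference, e.g. ${SONAR_TOKEN} or $SONAR_TOKEN.
VAR_REF = re.compile(r"^(\$\{\w+\}|\$\w+)$")

def parse_properties(text):
    """Parse key=value lines, skipping blanks and '#' comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def lint(text):
    """Return sorted finding codes for one scanner properties block."""
    props = parse_properties(text)
    findings = [f"missing:{k}" for k in REQUIRED if not props.get(k)]
    login = props.get("sonar.login", "")
    if login and not VAR_REF.match(login):
        # A literal token is readable by anyone who can view the job configuration.
        findings.append("literal-credential:sonar.login")
    if "sonar.password" in props:
        findings.append("password-in-config:sonar.password")
    if login == "admin" or props.get("sonar.password") == "admin":
        findings.append("default-admin-account")
    url = props.get("sonar.host.url", "")
    if url and not VAR_REF.match(url) and urlparse(url).scheme != "https":
        findings.append("cleartext-transport:sonar.host.url")
    return sorted(findings)

# Constructed sample inputs (hostnames, project key and variable name are hypothetical).
RISKY = """sonar.host.url=http://sonar.example.internal:9000
sonar.login=admin
sonar.password=admin
sonar.projectKey=demo-app"""
SAFER = """sonar.host.url=https://sonar.example.internal
sonar.login=${SONAR_TOKEN}
sonar.projectKey=demo-app
sonar.java.binaries=target/classes"""

if __name__ == "__main__":
    print("RISKY:", lint(RISKY))
    print("SAFER:", lint(SAFER))
```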