Do Jenkins and SonarQube need to be on the same machine? - jenkins

I am trying to run a SonarQube scan from Jenkins job. I have the SonarQube Scanner for Jenkins plugin installed v2.6.1 running on local Jenkins (for dev only);
I have seen conflicting reports on whether or not you can run SonarQube on a different server then Jenkins. It wouldn't make sense if you could not do that... if you can, instructions on how to accomplish it would be great. Simply putting in the URL to the SQ server where Jenkins expects a directory to Sonar Runner locally, does not work.

Jenkins and SonarQube do not have to be on the same machine.
The SonarQube plugin in Jenkins will run one of these three scanners:
SonarQube Scanner
SonarQube Scanner for Maven
SonarQube Scanner for MsBuild
Depending on which scanner you use, it works a bit differently:
For the SonarQube Scanner, pass -Dsonar.host.url=http://your.host:1234 as additional arguments. (or add it to your sonar.properties file)
For the SonarQube Scanner for Maven, add -Dsonar.host.url=http://your.host:1234 to your maven build step.
For the SonarQube Scanner for MsBuild, add /d:sonar.host.url=http://your.host:1234 to your MsBuild.exe call.

Related

Sonar scanner execution order jenkins job

For my project, we have made the job on Jenkins GUI. Non declarative.
Tasks are :-
GIT scm
Maven clean install goal
Sonar scanner
Quality gate
War to artifactory
I have defined, sonar scanner in post build steps and deploy to artifactory in post build actions.
Now in console output, order of execution is like war is getting published first and then sonar scanner runs code quality check.
However, i want sonar scanner to execute first.
Can someone please guide me on how i can achieve this ?
Are you using the Sonar Scanner for maven plugin?
https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-maven/
You should just be able to add 'sh mvn clean build sonar:sonar' in your Jenkins pipeline and the plugin will do the rest. It will run the unit test, run jacoco if you have it configured, and report it back to sonar.

How can use SonarScanner from Jenkins while running on a different server (than Sonar)?

I use Jenkins for Continuous Integration, and I plan to add SonarQube to its tasks. I know it is possible to run SonarQube server and database remotely from the scanner, thanks to the documentation.
I tried to install sonarqube and sonarscanner plugins in Jenkins, setting up a slave connected to the server hosting sonarqube and sonarscanner, but Jenkins can't trigger a scan.
I also don't understand how Sonar would get the code ? Is Jenkins supposed to send it all to the server ?
Or do I have to manage the pulling from the repository on the server hosting Sonar ?
You're correct, the scanner must be on the build machine.

SonarQube Plugin for Jenkins does not find SonarQube Scanner executable

I am trying to run the SonarQube Scanner within Jenkins as a post-build step. However, I keep getting the error message below:
------------------------------------------------------------------------
SONAR ANALYSIS FAILED
------------------------------------------------------------------------
FATAL: SonarQube Scanner executable was not found for SonarQube
Build step 'Execute SonarQube Scanner' marked build as failure
From similar questions on stackoverflow I read that one should choose "Install automatically" for the SonarQube Scanner, which I have done.
My configurations is as follows:
SonarQube 6.0
Jenkins 1.609.3
SonarQube Plugin 2.4.4
SonarQube Servers
SonarQube Scanner
Build-step
Make sure you are giving path in Global Tool Configuration correctly.
Give the path of folder in which bin folder is exists inside that folder.
Step1 : 1st find where the sonar_scanner bin is available -
root#test1sp117:/opt/sonar_scanner/sonar-scanner-3.0.3.778-linux# ls
bin conf jre lib
Step2 : Give the correct path in Manage Jenkins --> Global Tool Configuration --> SonarQube Scanner
You may want to ensure that both SonarQube and SonarQubeRunner are installed. You would need to configure the SonarQube Runner bin in the Tool Configuration of Jenkins and not the SonarQube server. This fix worked for us.
When you config SonarQube Scanner in Manage Jenkins --> Global Tool Configuration --> SonarQube Scanner, besides select "Install automatically", you also need to add a installer.
See screenshot here:
SonarQube Scanner --> Add Installer

How to configure Sonarqube with Jenkins and Perforce

How do I implement Sonarqube with Jenkins and Perforce,I have configured Sonarqube in our server and our source code is in Perforce,I know we can install perforce plugin in Sonarqube,so if I configure perforce plugin in Sonarqube ,will it fetch the latest code from perforce and analyse it?
SonarQube will not fetch source code by itself. You have to configure Jenkins to do that (there is a Jenkins plugin for Perforce).
Once your Jenkins job properly fetch source code, you can run a SonarQube analysis using a SonarQube Scanner step.
You should now have your source code properly analyzed and browsable in SonarQube.
On top of that you can install and configure the SonarQube Perforce plugin that will collect blame of all analyzed files and then allow to automatically assign issues to the last committer (but that's not mandatory).

Do I need sonar and sonar runner for Jenkins?

I want to set up Sonar with Jenkins. But I'm not sure if the Sonar site describes two different ways to do this or if there are two necessary steps:
As far as I understood it, it's two different ways. If this is the case, what is the difference and what are the advantages and disadvantages (between the Sonar itself and Sonar runner)?
If you want to analyse a project with SonarQube and Jenkins, here's what you need:
A SonarQube server up and running
A Jenkins server up and running with the SonarQube Scanner for Jenkins installed and configure to point to your SonarQube server
A job configured to run a SonarQube analysis on your project:
Using the default and standard SonarQube Scanner (suitable for most projects)
Using the SonarQube Scanner for MSBuild (for .NET solutions)
Using a post build action for Maven-based projects
Everything is described more in details on the SonarQube Scanner for Jenkins documentation page.

Resources