SonarQube is one of the popular static code analysis tools. SonarQube is open-source, Java based tool It also needs database as well - Database can be MySQL, Oracle or PostgreSQL. We will use PostgreSQL as it is open source as well.
SonarQube allows you to create quality gate to force the build to fail if some conditions are not met during code analysis.
Please see how to create quality gates in SonarQube:
What we will learn in this lab?
1. Learn how to setup a quality gate in SonarQube
2. How to force the build to fail in Jenkins when quality gate conditions are met?
Quality gates
In SonarQube a quality gate is a set of conditions that must be met in order for a project to be marked as passed.
Let us learn how to create quality gates in SonarQube and integrate with Jenkins during code scan.
Pre-requisites
- Jenkins is up and running
- SonarQube is up and running
- Jenkins and Sonarqube already integrated
Login to SonarQube, Click on Quality gate, enter some name
Once you create the quality gate. Click on Add condition.
Select new bugs from the drop down and enter 1 as error
Choose your Web App, by clicking on App. and select My WebApp
Setup a Default Gate
Configure webhooks in SonarQube
Click on Administration --> Configuration --> Webhooks
Now to go Jenkins, create a pipeline job:
node {
def mvnHome = tool 'Maven3'
stage ("checkout") {
//enter your repo info
}
stage ('Build') {
sh "${mvnHome}/bin/mvn -f MyWebApp/pom.xml clean install"
}
stage ('Code Quality scan') {
withSonarQubeEnv('SonarQube') {
sh "${mvnHome}/bin/mvn -f MyWebApp/pom.xml sonar:sonar"
}
}
stage("Quality Gate") {
timeout(time: 1, unit: 'HOURS') {
waitForQualityGate abortPipeline: true
}
}
}
Now you should see the Jenkins console output like this:
Hi Bro I have tried similar things with my AWS ec2 instance (ubuntu server ) so I have installed SonarQube in ubuntu server and try to start I'm unable to run it , actually its run after sometime is not running .
ReplyDelete--> Wrapper Started as Daemon
Launching a JVM...
Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
2023.10.20 14:14:58 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /opt/sonarqube-6.7.6/temp
2023.10.20 14:14:58 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001
2023.10.20 14:14:58 INFO app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key='es', ipcIndex=1, logFilenamePrefix=es]] from [/opt/sonarqube-6.7.6/elasticsearch]: /opt/sonarqube-6.7.6/elasticsearch/bin/elasticsearch -Epath.conf=/opt/sonarqube-6.7.6/temp/conf/es
2023.10.20 14:14:58 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
2023.10.20 14:14:58 INFO app[][o.e.p.PluginsService] no modules loaded
2023.10.20 14:14:58 INFO app[][o.e.p.PluginsService] loaded plugin [org.elasticsearch.transport.Netty4Plugin]
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by io.netty.util.internal.ReflectionUtil (file:/opt/sonarqube-6.7.6/lib/common/netty-common-4.1.13.Final.jar) to constructor java.nio.DirectByteBuffer(long,int)
WARNING: Please consider reporting this to the maintainers of io.netty.util.internal.ReflectionUtil
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
2023.10.20 14:15:07 INFO app[][o.s.a.SchedulerImpl] Process[es] is up
2023.10.20 14:15:07 INFO app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key='web', ipcIndex=2, logFilenamePrefix=web]] from [/opt/sonarqube-6.7.6]: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube-6.7.6/temp -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -cp ./lib/common/*:./lib/server/*:/opt/sonarqube-6.7.6/lib/jdbc/mysql/mysql-connector-java-5.1.42.jar org.sonar.server.app.WebServer /opt/sonarqube-6.7.6/temp/sq-process16948139480030879849properties
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by io.netty.util.internal.ReflectionUtil (file:/opt/sonarqube-6.7.6/lib/common/netty-common-4.1.13.Final.jar) to constructor java.nio.DirectByteBuffer(long,int)
WARNING: Please consider reporting this to the maintainers of io.netty.util.internal.ReflectionUtil
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
2023.10.20 14:15:12 INFO app[][o.s.a.SchedulerImpl] Process [web] is stopped
2023.10.20 14:15:12 WARN app[][o.s.a.p.AbstractProcessMonitor] Process exited with exit value [es]: 143
2023.10.20 14:15:12 INFO app[][o.s.a.SchedulerImpl] Process [es] is stopped
2023.10.20 14:15:12 INFO app[][o.s.a.SchedulerImpl] SonarQube is stopped
<-- Wrapper Stopped
--> Wrapper Started as Daemon
Launching a JVM...
Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
2023.10.20 14:21:09 INFO app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /opt/sonarqube-6.7.6/temp
2023.10.20 14:21:10 INFO app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001
Step1: created an EC2 instance,
Deletestep2: Installed Jenkins(working ), SonarQube and MySQL on ubuntu server,
step3: IN AWS I have created a RDS db for storing report of SonarQube,
step4: In ubuntu server I have created db and I edit the SonarQube cong file in sonar file ---> i have updated the RDS endpoint , user,paswd , sonar port and sonar path,
and In wrapper file i have updated the Java path and save it
step5: once all done I started the sonar with non root user and face this error please check and let me know bro