Currently on my project, each pull request on the organization repository is built automatically by Jenkins, as specified in a Jenkinsfile.
When the build ends, a message is sent by Jenkins to GitHub with the status of the build of this project.
I want to send a Sonar analysis to the conversation of the pull request, but only for the files/code that have been updated by the pull request.
info for the bounty:
Pull Request Analysis. Pull Request analysis is available as part of Developer Edition and above. Pull Requests (PRs) are visible in SonarQube from the branches and pull requests dropdown menu of your project. PR analysis allows you to: see your PR's Quality Gate status in the SonarQube UI.
SonarQube supports integration with version control tools like GitHub, Azure DevOps, Bitbucket and GitLab to provide insights for code reviews by performing branch and pull request analysis. Native integration with CI/CD tools like Jenkins enables scheduled or automatic analysis.
As you haven't received an answer in 10 months, I am going to help where I can. Here is my working example for GitLab, but you should be able to change this as the plugins are similar (https://wiki.jenkins.io/display/JENKINS/GitHub+Plugin#GitHubPlugin-Settingcommitstatus):
#!groovy
pipeline {
    options {
        // Keep at most 4 builds and artifacts, for at most 21 days
        buildDiscarder(
            logRotator(artifactDaysToKeepStr: '21', artifactNumToKeepStr: '4', daysToKeepStr: '21', numToKeepStr: '4')
        )
        gitLabConnection('GitLab')
    }
    agent any
    tools {
        maven 'Default Maven'
        jdk 'DefaultJDK'
    }
    stages {
        stage('Build') {
            steps {
                sh "mvn clean install -U"
            }
        }
        stage('Source Code Analysis') {
            steps {
                // Preview analysis: comments on the commits that are on this branch but not on master.
                // Note: ${env.BRANCH_NAME} is expanded by Groovy before the shell sees the command.
                withMaven() {
                    sh "mvn " +
                        "-Dsonar.branch='${env.BRANCH_NAME}' " +
                        "-Dsonar.analysis.mode=preview " +
                        "-Dsonar.gitlab.commit_sha=\$(git log --pretty=format:%H origin/master..'${env.BRANCH_NAME}' | tr '\\n' ',') " +
                        "-Dsonar.gitlab.ref_name='${env.BRANCH_NAME}' " +
                        "sonar:sonar"
                }
                // Normal analysis of the branch
                withMaven() {
                    sh "mvn -Dsonar.branch='${env.BRANCH_NAME}' sonar:sonar"
                }
            }
        }
    }
    post {
        success {
            echo 'posting success to GitLab'
            updateGitlabCommitStatus(name: 'jenkins-build', state: 'success')
        }
        failure {
            echo 'posting failure to GitLab'
            updateGitlabCommitStatus(name: 'jenkins-build', state: 'failed')
        }
        always {
            // Clean the workspace after every build
            deleteDir()
        }
    }
}
This includes various bits but covers what you are trying to do. The Sonar analysis occurs in two parts: a preview (which comments on the commit, and these comments are transferred to a merge request when opened) and then a normal analysis afterwards.
Within the project pom I also have defined:
<sonar.gitlab.project_id>${gitlab.project_id}</sonar.gitlab.project_id>
<sonar.gitlab.unique_issue_per_inline>true</sonar.gitlab.unique_issue_per_inline>
<sonar.gitlab.user_token>GITLAB_USER_TOKEN</sonar.gitlab.user_token>
<sonar.gitlab.url>${git.hostname.url}</sonar.gitlab.url>
If you add these and replace the missing bits, I believe this will solve your issue.
Edit: I believe you need the following options for GitHub instead of the GitLab ones:
-Dsonar.analysis.mode=preview \
-Dsonar.github.pullRequest=$PULL_REQUEST_ID \
-Dsonar.github.repository=myOrganisation/myProject \
-Dsonar.github.oauth=$GITHUB_ACCESS_TOKEN \
-Dsonar.host.url=https://server/sonarqube \
-Dsonar.login=$SONARQUBE_ACCESS_TOKEN