5

I have an angularjs project. the project has a Jenkinsfile(declarative pipeline) which can build the jenkinsjob when a push is done. I'm trying to include a sonarqube action here for static scan. Searched a lot for angular projects with my scenario. but most of the examples i checked have pom.xml file(cause they were either java related projects).

I have written a sonar-projects.properties in root and added all necessary item:

sonar.projectKey=apols:webproject
sonar.projectName=webproject
sonar.projectVersion=1.0.0
sonar.projectDescription=Static analysis for the AppName
sonar.sources=www
sonar.exclusions=**/node_modules/**,**/*.spec.ts,**/dist/**,**/docs/**,**/*.js,**/coverage/**
sonar.tests=www 
sonar.test.inclusions=**/*.spec.ts
sonar.ts.tslint.configPath=tslint.json
sonar.javascript.lcov.reportPaths=coverage/lcov.info
sonar.ts.coverage.lcovReportPath=coverage/lcov.info

My Jenkinsfile's sonar scan portion -

stage('Sonarqube') {
     steps {
        container('maven') {
            script {
               withSonarQubeEnv('SonarQube') {
                  sh 'mvn clean package sonar:sonar'
               }
               timeout(time: 10, unit: 'MINUTES') {
                    waitForQualityGate abortPipeline: true
               }
            }
        }
     }
}

As you can see i'm using the maven container in jenkins.

When the jenkins job runs, when it executes this line in Jenkinsfile - sh 'mvn clean package sonar:sonar' , it checks for the pom.xml file and fails. So how can i point this to my sonar-projects.properties . Please help

Piyal George
  • 313
  • 5
  • 20
  • If I understand you are not using maven for your project ? so don't call mvn command. Use sonar scanner with "sh sonar-scanner ... " ok ? – Maxence Lecointe Mar 01 '19 at 16:54
  • @MaxenceLecointe, Thanks for your response. No, i'm not using maven for the project. I know we can set sonar-scanner from jenkins-job configuration. But In our work the client doesn't provide that from their side. But we can do anything from coding side. like in above case, the 'maven' container used is from jenkins.yaml file. So is it possible to have the 'sonar-scanner' container in jenkins.yaml file so that i can use it in jenkinsfile? – Piyal George Mar 02 '19 at 05:28

1 Answers1

2

You have to execute native SonarQube Scanner instead of SonarQube Scanner for Maven.

stage('Sonarqube') {
    steps {
        container('SonarQubeScanner') {
            withSonarQubeEnv('SonarQube') {
                sh "/usr/local/sonar-scanner"
            }
            timeout(time: 10, unit: 'MINUTES') {
                waitForQualityGate abortPipeline: true
            }
        }
    }
}

container('SonarQubeScanner') and sh "/usr/local/sonar-scanner" are just examples, but there are many docker containers with SonarQube Scanner, see Docker Hub.

Read more about Analyzing with SonarQube Scanner.

How to do it without containers: How to execute SonarQube scanner in Jenkins Declarative Pipeline without Maven and Docker

agabrys
  • 8,728
  • 3
  • 35
  • 73
  • I'm getting the report in sonarqube's server. But the code coverage is nothing. Remaining all the values are 0. Lines of Code is also not shown. Is there any problem with the above sonar-project.properties. ? – Piyal George Mar 04 '19 at 14:02
  • It is not recommended to ask new questions in comments ;) I've checked it and `sonar.ts.coverage.lcovReportPath` should be replaced by `sonar.typescript.lcov.reportPaths` (see [SonarTsPlugin #177](https://github.com/Pablissimo/SonarTsPlugin/issues/177)) – agabrys Mar 04 '19 at 16:45