Workflow Automation: Jenkins Pipeline with Sonarqube and Gitlab

In this guide, we are going to deploy a continuous integration process between Jenkins, GitLab, and SonarQube. The end goal will be to review the code quality through SonarQube for GitLab repository using Jenkins. Following is the process flow we need to manage: Push code to GitLab from the local machine. Next, checkout code and run tests in Jenkins, here it is acting as a Continuous Integrator. Generate quality report via SonarQube as a code analyser. Setup Jenkins, SonarQube & GitLabs In case, if you haven't set up the required software yet, go through the below-mentioned steps: Step 1: Make sure that your host machine has enough power to run these components, as GitLab alone requires 4 GB of RAM to perform its operations smoothly. To run all three together, you need at least 8 GB of RAM and 20 GB of hard disk space. Step 2: For SonarQube, you need to set the recommended values as a root user on the host machine: $ sysctl -w vm.max_map_count= $ sysctl -w fs.file-max= $ ulimit -n $ ulimit -u 262144 65536 65536 4096 Step 3: For this guide, we are going to use a simple docker-compose.yml file. However, you are free to edit the file as per your requirement. Before launching the containers, please make sure that you change the value of , , , and . Although, along with this, you can also modify the define ports in the file. GITLAB_SECRETS_DB_KEY_BASE GITLAB_HOST SONARQUBE_JDBC_PASSWORD POSTGRES_PASSWORD version: services: jenkins: image: jenkinsci/jenkins:lts container_name: jenkins-container restart: always ports: - - volumes: - - environment: - gitlab: image: gitlab/gitlab-ce:latest container_name: gitlab-container restart: always environment: - GITLAB_SECRETS_DB_KEY_BASE=long-and-random-alphanumeric-string - GITLAB_HOST=your-host-ip-here - GITLAB_PORT= - GITLAB_SSH_PORT= ports: - - volumes: - - - sonarqube: image: sonarqube: -community container_name: sonar-container restart: always networks: - sonarnet environment: - SONARQUBE_JDBC_USERNAME=sonar - SONARQUBE_JDBC_PASSWORD=your-strong-password-here - SONARQUBE_JDBC_URL=jdbc:postgresql: ports: - - volumes: - - - - postgressdb: image: postgres: container_name: postgres-container restart: always networks: - sonarnet environment: - POSTGRES_USER=sonar - POSTGRES_PASSWORD=your-strong-password-here - POSTGRES_DB=sonarqube volumes: - - networks: sonarnet: driver: bridge "3.2" "8080:8080" '50000:50000' '/var/run/docker.sock:/var/run/docker.sock' '/data/jenkins/jenkins_home:/var/jenkins_home' "JENKINS_OPTS=--prefix=/jenkins" 10080 10022 "10080:80" "10022:22" '/data/gitlab/config:/etc/gitlab' '/data/gitlab/logs:/var/log/gitlab' '/data/gitlab/data:/var/opt/gitlab' 7.9 .2 //postgressdb:5432/sonarqube "9000:9000" "9092:9092" '/data/sonar/sonarqube_conf:/opt/sonarqube/conf' '/data/sonar/sonarqube_data:/opt/sonarqube/data' '/data/sonar/sonarqube_extensions:/opt/sonarqube/extensions' '/data/sonar/sonarqube_bundled-plugins:/opt/sonarqube/lib/bundled-plugins' 12.1 '/data/postgresql/sonarqube_db:/var/lib/postgresql' '/data/postgresql/postgresql_data:/var/lib/postgresql/data' Now, run the following command to launch the stack: $ docker-compose up -d Note that the installation process is going to take some time, so sit back and have some coffee. You deserve it! Step 4: Now, to verify if all systems are up and running, run this command: $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f54e223417fa gitlab/gitlab-ce:latest minute ago minute ago (healthy) /tcp, : -> /tcp, : -> /tcp gitlab-container f03f69b8 sonarqube minute ago minute ago : -> /tcp sonar-container f554da39fc jenkinsci/jenkins:lts minute ago minute ago : -> /tcp, : -> /tcp jenkins-container "/assets/wrapper" 1 1 443 0.0 .0 .0 10022 22 0.0 .0 .0 10080 80 9102 "./bin/run.sh" 1 1 0.0 .0 .0 9000 9000 05 "/bin/tini --..." 1 1 0.0 .0 .0 8080 8080 0.0 .0 .0 50000 50000 If all went well, then you can access all three of them by following mentioned URLs: Jenkins - http://your-ip-address:8080 SonarQube - http://your-ip-address:9000 GitLab - http://your-ip-address:10080 As you are visiting your Jenkins environment for the first time, it is going to prompt you to enter the administrator password, which was generated during the installation process. To access the password from the container, you can run the following command: $ docker exec -it cat / /jenkins_home/secrets/initialAdminPassword $ gSzHTGfbtXSpcBXMyJ6gzmNfNH7BjhK23 var Once you enter the password, you can select the option . Wait until the download finishes. Install suggested plugin For SonarQube, the default username and password are admin and admin, respectively. Whereas, for GitLab, you will be prompted to enter the new password for the default username root. Configuring Jenkins Pipeline with SonarQube and GitLab integration We will begin with SonarQube. To connect it with Jenkins, you need to generate the token to access the SonarQube instance. SonarQube Configuration: Login into the SonarQube dashboard and go to the Administrator tab. In the Security drop-down menu, select User tab as shown in the below image: Here you will find Administrator user, for which you are going to generate the access token: In the pop-up that displays on your screen, enter the desired name and click on the button. Copy the newly generated token and save it somewhere safe, as you won’t be able to view/copy the generated token again. Generate To establish a connection between GitLab and Jenkins, again, we need to generate an access token, which can be done as mentioned below: GitLab Configuration: To generate an access token, go to your GitLab dashboard and follow . Once you have the token with you, copy it for further use. Dashboard > Setting > Access Tokens This guide assumes that you have already done the basic setup for Jenkins. Now, let’s move to configure GitLab and SonarQube in the Jenkins server. Integrating SonarQube and GitLabs in Jenkins: First, we are going to integrate SonarQube. Go and search for SonarQube. Dashboard > Manage Jenkins > Manage Plugins Make sure you restart Jenkins once the plugin is successfully installed. Once the restart is completed, you have to set up Sonar Scanner, which is a standalone tool used for scanning the source code and send the result to SonarQube Server. Here you are going to install it in the Jenkins container itself, although you are free to launch a separate container for the same purpose. $ docker exec -it bash $ cd / /jenkins_home $ wget https: $ unzip sonar-scanner-cli -linux.zip var //binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.2.0.1873-linux.zip -4.2 .0 .1873 Go back to the Manage Jenkins page and select Global Tool Configuration. In this page, find SonarQube Scanner and add complete the installation: Don’t forget to uncheck as you have to define the installation path of Sonar Scanner explicitly. Install automatically As Jenkins and SonarQube are running in separate docker containers, we need to create a Webhook at SonarQube Server so that both can communicate with each other. To do so, follow : Dashboard > Administrator > Configuration > Webhook Lastly, you have to add the access token you generated on your SonarQube server in Jenkins. Follow the URL or go to , as shown below: http://your-ip-addr-here:8080/credentials/store/system/ Dashboard > Credentials > System Click on link and select “Secret Text” field under : Add Credentials Kind In the Secret field, paste the generated token from SonarQube that you previously created. Now, add the SonarQube server to your Jenkins environment. Go to . Find on the page and add the required details as mentioned below: Dashboard > Manage Jenkins > Configure System SonarQube server Now, you have to add Gitlab in Jenkins, visit . Here, you are going to add the access token you previously created to your Jenkins server. Although, you can also use with username and password. Dashboard > Credentials > System Kind As you are through with the SonarQube and GitLab integration in Jenkins, it’s time to manage other dependencies. In this guide, we are going to use a simple NodeJs application; hence it’s time to install NodeJS on your Jenkins Server. NodeJS Environment in Jenkins: To install NodeJS plugin, go to and search and select NodeJS. Click on the button, as shown in the figure below. Dashboard > Manage Jenkins > Manage Plugins > Available Install without restart Upon successful installation of NodeJS plugin in Jenkins, make sure that you restart Jenkins. To configure NodeJS plugin, go to and find "NodeJS". Click on NodeJS installation button and add the necessary details, as shown in the figure: Dashboard > Manage Jenkins > Global Tool Configuration Give a name and select the NodeJS version as per your requirement; you can also install Global NPM packages and set the refresh rate depending upon the project requirements. Once done, you need to save the configuration. As we are through with the gruesome part of installing and configuring the environment, it’s time to create the project pipeline. Creating Jenkins Pipeline Here you are going to create a pipeline using Declarative Scripted Pipeline. Follow the below steps to get started: Go to Jenkins’ Dashboard and click on the “New Item” link. Now, enter the item name and select option as shown in the figure: Step 1 - Create a New Job Pipeline The below-mentioned simple pipeline script helps you to pull the code from GitLab, quality check via SonarQube, and use NodeJS. Step 2 - Pipeline pipeline { agent any tools {nodejs } stages { stage( ) { steps { git branch: , : , : } } stage( ) { steps { script { def scannerHome = tool ; withSonarQubeEnv( ) { sh sonarqube } } } } stage( ) { steps { nodejs(nodeJSInstallationName: ){ sh } } } } } "nodenv" "Code Checkout from GitLab" 'master' credentialsId 'gitlab_access_token' url 'http://your-ip-here:10080/root/test-project.git' 'Code Quality Check via SonarQube' 'sonarqube' "sonarqube-container" "${tool(" ")}/bin/sonar-scanner \ -Dsonar.projectKey=test-node-js \ -Dsonar.sources=. \ -Dsonar.css.node=. \ -Dsonar.host.url=http://your-ip-here:9000 \ -Dsonar.login=your-generated-token-from-sonarqube-container" "Install Project Dependencies" 'nodenv' "npm install" Make sure that you change the values of GitLab repo URL, SonarQube host URL, and its access token. Add the above-mentioned pipeline script and save it, as shown in the below figure: Now, as you have saved the pipeline script, it’s time to build your application in Jenkins. Go to . Step 3 - Run Pipeline Dashboard > YOUR PROJECT > Build Now As soon as you click the link, Jenkins will start building project as per pipeline script. In Build History, you will see the progress bar for the current build along with the Stage View: Build Now If your build runs successfully, you will be able to see the time taken by each stage, in : Stage View Also, you can visit the SonarQube dashboard to see the project code report, by visiting the link named as "SonarQube" on project pipeline page. That’s it! You have successfully created a Jenkins Pipeline while using SonarQube and GitLab. Now, every time you push the code to the repo, you can build the project, which will show the code quality.