Amalia Hajarani

Posted on Nov 22, 2023

How to: SonarQube Code Coverage in Jenkins with Maven Project

#jenkins #maven #sonarqube

Hallo dear everyone whoever read this post. Today I'd love to share my learning journey with Jenkins. In today's post I will be using this code as my use case and I'll be cooking from scratch which is installing Jenkins until we have the final dish of seeing the code coverage of our maven project in SonarQube.

Prerequisite

Installed Java version of 17 and have it configured in environment variable
Installed Maven version of 3.9.5 and have it configured in environment variable

Installing Jenkins

Since I'm on Windows 10, I downloaded Jenkins lts version (mine is 2.426.1 LTS) from this official link.
Open the installer and click Next.
I'm going to use the default path so I just click Next.
Since I cannot remember my own credential, I choose the Run service as LocalSystem. Then, click Next.
I choose the default port which is 8085. Click Test Port then proceed to Next.
Choose your java version. Mine is 17. If the path is correct, just click Next.
I don't understand what is happening here, so I assume it is safe to just click Next.
And now Jenkins is ready to be installed! Don't forget to click the Install button. After that you might have to wait for a few times until installation is finish.
Now that installation is finished already, we can move on by clicking Finish button.

Installing and Prepare SonarQube

I downloaded the latest version of SonarQube from this official link. The version is now at Version 10.3.
Unzip the file in your dedicated folder. Mine is on D: drive.
We might cannot start the SonarQube just now because we have to do thing to make sure the configuration is working.
To make things easier, open sonar.properties in code editor. You can find the file by entering the unzip directory result, go to conf directory, and there laying the sonar.properties. Now I uncomment few things in that file such as below lines:
```
sonar.web.host=0.0.0.0
sonar.web.port=9000
sonar.search.port=0 // For this line you might want to change the port as well. Mine is from `9001` to `0`
```
Don't forget to save after making those changes.
Now let's try to run SonarQube server by going to bin directory, it is at the same level as conf directory. Choose the directory that match your operating system. For me, I choose windows-x86-64.
Open command prompt from that directory.
Run this command:
```
StartSonar.bat
```
If it's working properly this is what will you see at the bottom of command line:

Updating POM.xml

You can find the original resource at here for this step. But it wasn't working at the first try since some of the versions are not compatible with my java version. But the final POM.xml looks like:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>3.0.0</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.tujuhsembilan</groupId>
    <artifactId>scheduler</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>scheduler</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>17</java.version>
        <jacoco.version>0.8.8</jacoco.version>
        <sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
        <sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
        <sonar.jacoco.reportPath>${project.basedir}/../target/jacoco.exec</sonar.jacoco.reportPath>
        <sonar.language>java</sonar.language>
    </properties>
    <dependencies>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-hateoas</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-quartz</artifactId>
        </dependency>

        <dependency>
            <groupId>com.h2database</groupId>
            <artifactId>h2</artifactId>
            <scope>runtime</scope>
        </dependency>

        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-mongodb</artifactId>
        </dependency>

        <dependency>
            <groupId>org.modelmapper</groupId>
            <artifactId>modelmapper</artifactId>
            <version>3.0.0</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-rest</artifactId>
        </dependency>

        <dependency>
            <groupId>org.postgresql</groupId>
            <artifactId>postgresql</artifactId>
            <scope>runtime</scope>
        </dependency>

        <dependency>
            <groupId>org.telegram</groupId>
            <artifactId>telegrambots-spring-boot-starter</artifactId>
            <version>6.1.0</version>
        </dependency>
        <dependency>
            <groupId>org.telegram</groupId>
            <artifactId>telegrambots-abilities</artifactId>
            <version>6.7.0</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

        <dependency>
            <groupId>org.jacoco</groupId> 
            <artifactId>jacoco-maven-plugin</artifactId>
            <version>0.8.6</version>
        </dependency>

    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
            <plugin>
                <groupId>org.jacoco</groupId>
                <artifactId>jacoco-maven-plugin</artifactId>
                <version>${jacoco.version}</version>
                <executions>
                    <execution>
                        <id>jacoco-initialize</id>
                        <goals>
                            <goal>prepare-agent</goal>
                        </goals>
                    </execution>
                    <execution>
                        <id>jacoco-site</id>
                        <phase>package</phase>
                        <goals>
                            <goal>report</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>
    <repositories>
        <repository>
            <id>spring-releases</id>
            <name>Spring Releases</name>
            <url>https://repo.spring.io/libs-release</url>
        </repository>
    </repositories>
    <pluginRepositories>
        <pluginRepository>
            <id>spring-releases</id>
            <name>Spring Releases</name>
            <url>https://repo.spring.io/libs-release</url>
        </pluginRepository>
    </pluginRepositories>

</project>

Running SonarQube in Local Environment

Now that I have the SonarQube and the project ready, I tried to run it, but some problem happened related to my maven settings. I hope you're not going to have the problem, but this is how I update my maven settings (you can find the settings at MAVEN_HOME/conf):

Adding sonarscanner plugin group.

<pluginGroup>org.sonarsource.scanner.maven</pluginGroup>

Adding sonar profile.

    <profile>
        <id>sonar</id>
        <activation>
            <activeByDefault>true</activeByDefault>
        </activation>
        <properties>
            <!-- Optional URL to server. Default value is http://localhost:9000 -->
            <sonar.host.url>
              http://localhost:9000
            </sonar.host.url>
        </properties>
    </profile>

Now, let's try to run SonarQube locally using command prompt

Open command prompt from the root of the project and run:
```
mvn clean install
```
If the build success you will have this on your command prompt:
Start the SonarQube server
Get back to the project command line and run:
```
mvn sonar:sonar -Dsonar.login=admin -Dsonar.password=admin
```
I did not change any credential, so by default the credential should be as what written above.
If the build succeed, you might wanna see some previous line to know where you can open the coverage result. Mine is at http://localhost:9000/dashboard?id=com.tujuhsembilan%3Ascheduler. Disclaimer: you might need to login for the first time using the default credentials and have to change your password, but after that you should be good to go.

Creating Jenkins Maven Project and Implementing SonarQube

Configuring Jenkins for the first time

Open localhost:8085. Jenkins is automatically start by default. From here, I will use the picture from the official site since mine is already unlcoked. You will have to unlock jenkins by inputing the password provided in red block. Then click continue.
You will be asked to install some plugins. I choose the Install suggested plugins.
Now you will be redirected to creating admin user. Just fill it as you wish and then click Save and Continue.
After that put http://localhost:8085/ as Jenkins URL and click Save and Finish.
You are now supposed to be at the dashboard.

Configuring SonarQube Scanner Plugin in Jenkins

In the Dashboard, click Manage Jenkins.
Choose Plugins.
Choose Available Plugin and search SonarQube Scanner for Jenkins. Tick the checkbox and click Install.

Configuring Tools

In the Dashboard, click Manage Jenkins.
Choose Tools.
Add JDK installations and fill it with your JAVA_HOME.
Add Maven installations and fill it with your MAVEN_HOME.

Getting SonarQube Token

Make sure that SonarQube server is still running.
Go to http://localhost:9000/.
On the right corner, click on your initial and choose My Account
Go to Security tab.
Fill the field and click Generate.
Copy the token to somewhere save because we are not able to see it again.

Configuring System

In the Dashboard, click Manage Jenkins.
Choose System.
Go to SonarQube servers. Tick the check box for Environment variables.
Add SonarQube installations.
Fill the name and Server URL
In Server authentication token field, click Add.
Choose Jenkins.
Add Kind dropdown, choose Secret text.
Leave the scope.
Enter the SonarQube secret token that you copy before.
Fill the ID with some name that make it easier to know what credential is that for.
Click Add.
Back to Server authentication token field, click the dropdown and choose the newly generated credential.
Click Save.

Creating Maven Project

In the dashboard, click New Item.
Enter the project name and choose Maven Project. Then Click OK.
Now we are going to configure build settings.
In Source Code Management section, choose Git. Make sure you alredy push the latest change especially the POM.xml change to your repository.
Enter your repository URL that you usually use to clone the project.
In credential fields, click Add, choose Jenkins.
In Kind dropdown, choose Username with password.
Leave the Scope.
Enter your github username.
Enter your github password.
Again, fill the ID with some name that make it easier to know what credential is that for.
click Add.
Back to credential field dropdown, choose your github credential.
Moving to Build Environment section, tick the Prepare SonarQube Scanner environment, and again in the dropdown, choose the SonarQube token credential.
Moving to the Build section you want to add this to the Goals and options.
```
clean install $SONAR_MAVEN_GOAL
```
Click Save.