Decorating a Pull Request — Jenkins + Bitbucket + SonarQube

  • Jenkins: 2.249.3
  • SonarQube: 8.1 (Developer Edition)
  • Bitbucket Server: 7.2.1

Jenkins Configuration

  • Create a new “Multibranch Pipeline”
  • In the “Branch Sources” tab select “Add Source”
  • Select “Bitbucket”
  • Select a server — if you are using a custom Bitbucket Server make sure you add your private server. Jenkins will not be able to find your repository if you use the “Bitbucket Cloud” option. You can add your server on the main Jenkins plugin management page.
  • Add your credentials
  • Set the owner — the name of the Bitbucket Team, Bitbucket User Account, or Bitbucket Project. (e.g. https://bitbucket.org/testuser/my-project/src/master/)
  • Set the repository name — the name of repository to scan (e.g. https://bitbucket.org/testuser/my-project/src/master/)
  • At minimum, make sure “Discover pull requests from origin” is defined in the behaviors section — This behavior sends the CHANGE_ID environment variable to our pipeline so we can use it in the SonarQube scan.
Jenkins Multibranch Pipeline Branch Source Behaviors
  • Hit “Save”

SonarQube

Scan Configuration

sonar.pullrequest.key
sonar.pullrequest.branch
sonar.pullrequest.base
// Define the keys
def prKey = "-Dsonar.pullrequest.key=${env.CHANGE_ID}"
def prBranch = "-Dsonar.pullrequest.branch=${env.CHANGE_BRANCH}"
def prBase = "-Dsonar.pullrequest.base=${env.CHANGE_TARGET}"
// Run the scan
sh "${scannerHome}/bin/sonar-scanner ${prKey} ${prBranch} ${prBase}"

Server Configuration

  • Navigate to your repositories project
  • Under the “administration” tab select “General Settings”
SonarQube Project Administration
  • On the left-hand side select “Pull Request Decoration”
  • Add your repository details — if you do not have anything for configuration name you can add your server in the SonarQube’s main administration page (Administration > Pull Request Decoration > Bitbucket Server).
  • Save those changes

Bitbucket Configuration

  • Navigate to your repository settings
  • Select “Code Insights”
  • Requirement: com.sonarsource.sonarqube
  • Required status: Must pass
  • Annotation requirements: Must not have any annotations
Bitbucket code Insight configuration
  • Click “Add”
SonarQube output

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store