Incorporate Sonar into Jenkins

Sonar is a integrated code quality tool primarily for JAVA, but also support other languages such as javascript, C# etc. with plugin.

Jenkins is the most popular "Continous Integration" tool.

There're two way to incorporate Sonar as a build step into Jenkins job:  Standalone sonar runner  OR sonar-maven-plugin

(Here assumes you already installed Jenkins.)

Install Sonar

1. Need to install a sonar instance, download from http://www.sonarsource.org/downloads
2. start sonar service. E.g on a 64bit linux server, use:   

   $ <sonar-path>/bin/linux-x86-64/sonar.sh start

   
   
3. the you can access http://127.0.0.1:9000  as Sonar URL. Note: By default the built-in H2 database does not support other server to access this sonar instance remotely by the IP/URL, unless you manually config it to use your own database instance like mysql.
4. if you want to analyze javascript other than JAVA, download a sonar plugin:  http://docs.codehaus.org/display/SONAR/JavaScript+Plugin
5. download and install sonar-runner if you don't use sonar-maven-plugin:  http://docs.codehaus.org/display/SONAR/Installing+and+Configuring+Sonar+Runner
6. config sonar in Jenkins:  http://127.0.0.1:8080/jenkins/configure

A javascript project with standalone runner

1. add a post-build step of "Invoke Standalone Sonar Analysis"
2. in the Project properties field
3. assume you already use Cobertura running unit tests

# required metadatasonar.projectKey=<project.key>sonar.projectName=<projectName>sonar.projectVersion=1.0.0# path to source directories (required)sonar.sources=<path to source code># Uncomment this line to analyse a project which is not a java project.# The value of the property must be the key of the language.sonar.language=javascript

A JAVA project with standalone runner

1. add a post-build step of "Invoke Standalone Sonar Analysis"
2. in the Project properties field
3. assume you already use Cobertura running unit tests, so to reuse the report

# required metadatasonar.projectKey=<project.key>sonar.projectName=<projectName>sonar.projectVersion=1.0.0# path to source directories (required)sonar.sources=<path to source code># Uncomment this line to analyse a project which is not a java project.# The value of the property must be the key of the language.sonar.language=javasonar.dynamicAnalysis=reuseReportssonar.surefire.reportsPath=<absolute path to TEST-*.xml>sonar.core.codeCoveragePlugin=coberturasonar.cobertura.reportPath=<absolut path to project>/cobertura/coverage.xml

A JAVA(maven) project with sonar-maven-plugin

1. add below properties in pom.xml  (assume using emma but not reuse the report.  For other tool like jacoco, cobertura, see http://docs.codehaus.org/display/SONAR/Code+Coverage+by+Unit+Tests )
2. add a post-build action of "Sonar"

  <properties>    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>    <sonar.language>java</sonar.language>        <!-- Tells Sonar to reuse existing reports -->    <sonar.dynamicAnalysis>true</sonar.dynamicAnalysis>        <!-- Tells Sonar where the unit tests execution reports are -->    <sonar.surefire.reportsPath>reports/junit</sonar.surefire.reportsPath>        <!-- Tells Sonar to use Emma as the code coverage tool -->    <sonar.core.codeCoveragePlugin>emma</sonar.core.codeCoveragePlugin>        <!-- Tells Sonar where the unit tests code coverage reports are -->    <sonar.emma.reportPath>reports/emma</sonar.emma.reportPath>  </properties>

More Examples:

https://github.com/SonarSource/sonar-examples