How-to add SonarQube Checks to a Gradle Build

This post is about how-to integrate SonarQube into your Gradle powered development process with Docker and Jenkins.

SonarQube - The leading product for Continuous Code Quality”

Gradle with SonarQube

Integrating SonarQube into your Gradle build is as easy as adding the plugin org.sonarqube with:

plugins {
  id "org.sonarqube" version "2.6.2"

and running the command ./gradlew sonarqube. Add the System property<hostname>:<port> in case your service is not running locally…

Since this wouldn’t be worth a post I decided to add two bonus chapters ;-)

Bonus I: Run SonarQube with Docker Compose

In the following Setup, we’ll use the official Docker image for SonarQube: sonarqube.

The main piece infrastructure wise is the docker-compose.yaml file:

    image: sonarqube:6.7.5-alpine
      - postgres
      - sonarqube:/opt/sonarqube
      - postgres:db


With docker-compose up sonarqube you can spin up your local SonarQube which will be available on port 9000

Tip: If you want to use a PostgreSQL as backend you might want to have a look at our post Using a PostgreSQL with Docker like a Pro covering the database part of this scenario.

You’ll also need to configure the database connection in your sonar environment:

      - SONARQUBE_JDBC_URL=jdbc:postgresql://postgres:5432/sonar

Bonus II: Run SonarQube behind NGinx

In case you want a simple basic authentication before your SonarQube instance you can add the following snippet to your NGinx configuration:

location ^~ /sonar { proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Authorization ""; auth_basic “SonarQube”; auth_basic_user_file /etc/sonarqube/htaccess; proxy_pass; }

Note: Did you spot the Authorization ""; header, which gave me some headaches…?!

In the docker-compose.yaml we added a command: -Dsonar.web.context=/sonar to be passed to the entry point to change the context to match our NGinx location.

Safer coding…with Quality Gates

Show Comments