Refactor Jenkins pipeline to enhance SonarQube analysis by setting the global SONAR_SCANNER_PATH and improving scanner installation process

2025-10-03 15:29:26 +02:00 · 2025-10-03 15:29:26 +02:00 · 22dac4413c
parent 022cc3c32f
commit 22dac4413c
1 changed files with 29 additions and 14 deletions
--- a/Jenkins/Build.Jenkinsfile
+++ b/Jenkins/Build.Jenkinsfile
@ -3,6 +3,11 @@ pipeline {
    // Defines the execution environment. Using 'agent any' to ensure an agent is available.
    agent any 

+    // Global environment variable to store the path to the manually installed scanner.
+    environment {
+        SONAR_SCANNER_PATH = ''
+    }
+
    stages {
        // Stage 1: Checkout the code (Relies on the initial SCM checkout done by Jenkins)
        stage('Source Checkout') {
@ -20,10 +25,8 @@ pipeline {
                    sudo apt-get install -y curl unzip nodejs
                    
                    # 1. Install Node.js v20 
-                    # We are using the package manager approach which we fixed earlier
                    curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
                    sudo apt-get install -y nodejs
-                    
                    echo "Node.js version: \$(node -v)"
                    
                    # 2. Install pnpm globally (version 8)
@ -31,11 +34,11 @@ pipeline {
                    echo "pnpm version: \$(pnpm -v)"
                '''

-                // --- MANUALLY INSTALL THE SONAR SCANNER CLI ---
-                // We do this to work around the path injection failure of the SonarQube plugin.
+                // --- MANUALLY INSTALL THE SONAR SCANNER CLI (FIXED GROOVY SCOPE) ---
                script {
                    sh """
                        echo "Manually downloading and installing Sonar Scanner CLI..."
+                        
                        # Download the stable scanner CLI package
                        curl -sS -o sonar-scanner.zip \
                        "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.7.0.2747.zip"
@ -43,12 +46,20 @@ pipeline {
                        unzip -q sonar-scanner.zip -d .
                        
                        # Find the extracted directory name 
-                        def scannerDir = sh(returnStdout: true, script: 'find . -maxdepth 1 -type d -name "sonar-scanner*" | head -n 1').trim()
+                        def scannerDir = \$(find . -maxdepth 1 -type d -name "sonar-scanner*" | head -n 1)
                        
-                        # Add the scanner's bin directory to the execution PATH for subsequent steps
-                        echo "Adding ${scannerDir}/bin to PATH"
-                        env.PATH = "\$PATH:\$PWD/${scannerDir}/bin"
+                        echo "Scanner extracted to: \${scannerDir}"
+                        
+                        # Set the global environment variable (SONAR_SCANNER_PATH) 
+                        // This allows us to run the scanner by full path in the next stage
+                        echo "SONAR_SCANNER_PATH=\${scannerDir}/bin" > .scanner_path.env
                    """
+                    // Load the environment variable set by the shell script 
+                    // This is the correct way to pass shell variables back to Groovy/Jenkins environment
+                    def scannerPath = readProperties file: '.scanner_path.env'
+                    env.SONAR_SCANNER_PATH = "${env.WORKSPACE}/${scannerPath.SONAR_SCANNER_PATH}"
+                    
+                    echo "Global Sonar Path set to: ${env.SONAR_SCANNER_PATH}"
                }
            }
        }
@ -61,7 +72,7 @@ pipeline {
            }
        }

-        // Stage 4: Run SonarQube analysis using the plugin's variables but the manually added executable path.
+        // Stage 4: Run SonarQube analysis using the plugin's variables and the manual path.
        stage('SonarQube Analysis') {
            steps {
                script {
@ -69,16 +80,20 @@ pipeline {
                    def commitShaShort = sh(returnStdout: true, script: 'git rev-parse --short=8 HEAD').trim()
                    echo "Commit SHA (short) is: ${commitShaShort}"
                    
-                    // 2. Use withSonarQubeEnv to set up the secure variables (which worked last time)
-                    // IMPORTANT: Replace 'YOUR_SONAR_INSTALLATION_NAME' 
+                    // 2. Use withSonarQubeEnv to set up the secure variables (HOST and TOKEN)
+                    // The 'SonarQube-Server' name is used as per your previous log.
                    withSonarQubeEnv(installationName: 'SonarQube-Server') {
-                        // 3. Execute sonar-scanner CLI (which is now in PATH)
+                        // 3. Execute the scanner using the manually determined full path.
+                        // We rely on the sonar-project.properties file for the project key.
                        sh """
                            echo "Starting SonarQube Analysis for project version: ${commitShaShort}"
-                            # SONAR_HOST_URL and SONAR_TOKEN are injected by withSonarQubeEnv
-                            sonar-scanner \\
+                            
+                            \${SONAR_SCANNER_PATH}/sonar-scanner \\
                                -Dsonar.projectVersion=${commitShaShort} \\
                                -Dsonar.sources=.
+                                
+                            # SONAR_HOST_URL and SONAR_TOKEN are automatically passed as environment variables
+                            # by the withSonarQubeEnv block.
                        """
                    }
                }