Refactor Jenkins pipeline to streamline Node.js setup and enhance SonarQube analysis stage

Jenkins/Build.Jenkinsfile

@@ -4,44 +4,28 @@ pipeline {
     agent any 
 
     stages {
+        // Stage 1: Checkout the code (Relies on the initial SCM checkout done by Jenkins)
+        stage('Source Checkout') {
+            steps {
+                echo "Workspace already populated by the initial SCM checkout. Proceeding."
+                // No explicit checkout needed, as the initial checkout is successful.
+            }
+        }
+
         // Stage 2: Setup Node.js v20 and install pnpm
         stage('Setup Environment') {
             steps {
+                // Simplified environment setup based on previous successful execution.
                 sh '''
-                    ATTEMPTS=0
-                    MAX_ATTEMPTS=5
-                    
-                    # Function to robustly run apt commands with retries in case of lock conflict
-                    install_with_retry() {
-                        CMD=\$1
-                        ATTEMPTS=0
-                        while [ \$ATTEMPTS -lt \$MAX_ATTEMPTS ]; do
-                            # Run update first, then the command
-                            if sudo apt-get update && \$CMD; then
-                                return 0 # Success
-                            else
-                                ATTEMPTS=\$((ATTEMPTS + 1))
-                                if [ \$ATTEMPTS -lt \$MAX_ATTEMPTS ]; then
-                                    echo "Apt lock detected or command failed. Retrying in 5 seconds (Attempt \$ATTEMPTS of \$MAX_ATTEMPTS)..."
-                                    sleep 5
-                                fi
-                            fi
-                        done
-                        echo "Failed to execute apt command after \$MAX_ATTEMPTS attempts."
-                        return 1 # Failure
-                    }
-                    
-                    # 1. Install curl (required for NodeSource script)
-                    install_with_retry "sudo apt-get install -y curl" || exit 1
-                    
-                    # 2. Install Node.js v20 (closest matching the specified version '20.17.0')
-                    # This step uses curl (installed above) and needs its own apt-get execution.
+                    # 1. Install Node.js v20 (closest matching the specified version '20.17.0')
+                    # We assume 'curl' is available and installation proceeds without lock conflicts now.
+                    echo "Setting up Node.js v20..."
                     curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
-                    install_with_retry "sudo apt-get install -y nodejs" || exit 1
+                    sudo apt-get install -y nodejs
                     
                     echo "Node.js version: \$(node -v)"
                     
-                    # 3. Install pnpm globally (version 8)
+                    # 2. Install pnpm globally (version 8)
                     npm install -g pnpm@8
                     echo "pnpm version: \$(pnpm -v)"
                 '''
@@ -56,7 +40,7 @@ pipeline {
             }
         }
 
-        // Stage 4: Retrieve secrets from Vault and run SonarQube analysis
+        // Stage 4: Run SonarQube analysis using the Jenkins plugin's environment.
         stage('SonarQube Analysis') {
             steps {
                 script {
@@ -64,25 +48,19 @@ pipeline {
                     def commitShaShort = sh(returnStdout: true, script: 'git rev-parse --short=8 HEAD').trim()
                     echo "Commit SHA (short) is: ${commitShaShort}"
                     
-                    // 2. Retrieve secrets from HashiCorp Vault using the dedicated plugin binding.
-                    withCredentials([
-                        // Requires the Jenkins HashiCorp Vault Plugin
-                        [$class: 'VaultSecretCredentialsBinding',
-                         vaultSecrets: [
-                             // Map key 'SONAR_TOKEN' from Vault path 'postiz/data/ci/sonar' to Jenkins environment variable 'SONAR_TOKEN'
-                             [$class: 'VaultSecret', secretPath: 'postiz/data/ci/sonar', secretKey: 'SONAR_TOKEN', envVar: 'SONAR_TOKEN'],
-                             // Map key 'SONAR_HOST_URL' from Vault path 'postiz/data/ci/sonar', to Jenkins environment variable 'SONAR_HOST_URL']
-                             [$class: 'VaultSecret', secretPath: 'postiz/data/ci/sonar', secretKey: 'SONAR_HOST_URL', envVar: 'SONAR_HOST_URL']
-                         ]]
-                    ]) {
+                    // 2. Use withSonarQubeEnv to set up the environment and PATH for sonar-scanner.
+                    // IMPORTANT: Replace 'YourSonarServerName' with the name you configured 
+                    // for your SonarQube server instance in Jenkins (Manage Jenkins -> Configure System).
+                    withSonarQubeEnv(installationName: 'YourSonarServerName') {
                         // 3. Execute sonar-scanner CLI
                         sh """
                             echo "Starting SonarQube Analysis for project version: ${commitShaShort}"
                             sonar-scanner \\
                                 -Dsonar.projectVersion=${commitShaShort} \\
-                                -Dsonar.token=\${SONAR_TOKEN} \\
-                                -Dsonar.host.url=\${SONAR_HOST_URL}
-                                # Add other analysis properties here if needed (e.g., -Dsonar.projectKey=...)
+                                -Dsonar.sources=. \\
+                                -Dsonar.host.url=\${SONAR_HOST_URL} \\
+                                -Dsonar.token=\${SONAR_TOKEN}
+                                # Add -Dsonar.projectKey=YourKeyHere if not defined in sonar-project.properties
                         """
                     }
                 }