Day 73: Setting Up Plugins & Sonar Pipeline in Jenkins

Shaharyar ShakirShaharyar Shakir
2 min read

In my DevOps journey, today was all about integrating plugins and automating code quality checks with Jenkins, Nexus, and SonarQube.

⚙️ Why Plugins Matter in Jenkins?

Jenkins by itself is powerful, but plugins make it extensible. They allow seamless integration with:

  • Nexus → For artifact storage.

  • SonarQube → For code quality & static analysis.

  • Build Timestamp → For version tagging.

  • Maven & JDK → For build & test lifecycle.

📌 Pipeline Setup for vProfile Project

Here’s the Jenkins Pipeline for fetching and building code:

pipeline {
    agent any
    tools {
        maven "MAVEN3"
        jdk "OracleJDK8"
    }
    stages{
        stage('Fetch code') {
            steps{
                git branch: 'vp-rem', url:'https://github.com/devopshydclub/vprofile-repo.git'
            }
        }

        stage('Build') {
            steps {
                sh 'mvn clean install -DskipTests'
            }
            post {
                success {
                    echo "Now Archiving."
                    archiveArtifacts artifacts: '**/*.war'
                }
            }
        }

        stage('Test') {
            steps {
                sh 'mvn test'
            }
        }

        stage('Checkstyle Analysis') {
            steps {
                sh 'mvn checkstyle:checkstyle'
            }
        }


        }
    }
}

Sonar Cube and Quality gates setup:

   stage('Sonar Analysis') {
            environment {
                scannerHome = tool 'sonar4.7'
            }
            steps {
               withSonarQubeEnv('sonar') {
                   sh '''${scannerHome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \
                   -Dsonar.projectName=vprofile \
                   -Dsonar.projectVersion=1.0 \
                   -Dsonar.sources=src/ \
                   -Dsonar.java.binaries=target/test-classes/com/visualpathit/account/controllerTest/ \
                   -Dsonar.junit.reportsPath=target/surefire-reports/ \
                   -Dsonar.jacoco.reportsPath=target/jacoco.exec \
                   -Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml'''
              }
            }
        }

        stage("Quality Gate") {
            steps {
                timeout(time: 1, unit: 'HOURS') {
                    waitForQualityGate abortPipeline: true
                }
            }

🛠️ Breakdown of Stages

1️⃣ Fetch Code → Pulls code from GitHub.
2️⃣ Build → Compiles the project & skips tests initially.
3️⃣ Test → Runs Maven unit tests.
4️⃣ Checkstyle → Ensures coding standards are followed.
5️⃣ Sonar Analysis → Runs SonarQube static code analysis.
6️⃣ Quality Gate → Ensures code meets quality thresholds before proceeding.

🚀 Why This Setup is Powerful?

✅ Automates build + test + code analysis.
✅ Prevents poor quality code from entering production.
✅ Ensures artifacts are traceable with Nexus & timestamps.
✅ Supports continuous feedback for developers.

This is the foundation of a professional-grade CI/CD pipeline where code quality is never compromised.

0
Subscribe to my newsletter

Read articles from Shaharyar Shakir directly inside your inbox. Subscribe to the newsletter, and don't miss out.

DevopssonarqubeJenkins plugins

Written by

Shaharyar Shakir
Shaharyar Shakir