Is Sonarqube server 6.7.3 supporting NPM / Angular / Jenkins

scanner
sonarqube

(ben1) #1

HI,
I am new to Sonarqube

Sonarqube : 6.7.6 LTS (
Sonar Scanner: 3.0.3.778
We work with Angular 6 / NPM / Jenkins Pipeline (jenkins version 2.138.3)

I want to achieve a configuration where multiple developers can use their sonarLint and use central quality gates on Sonarqube server. SonarLint works fine.
I want to achieve that builds are analysed by SonarQube server on build time. That doesn’t work !!
I can do only an analyse with ng lint on build time but this has nothing to do with Sonarqube.

I have tried to add the sonar.projectKey like you see below in my code but this does not work.

If I add the sonar.projectKey to the Jenkins Configuration file then it works but I don’t want that. And Jenkins seems only to accept just one parameter, so if I add sonar.projectKey I can’t add sonar.sources property like it seems.
So if I added in Manage Jenkins -> System Configuration -> Sonarqubeserver -> Aditional Analize properties: sonar.projectKey=“tnextest1”,sonar.sources=. then this wiil not work.

By the way does SonarQube support Angular / NPM ? Because Sonarqube documentation is only supporting Maven / MS Build but not NPM

[https://docs.sonarqube.org/display/SCAN/Advanced+SonarQube+Scanner+Usages](http://SonarQube documentation Jenkins Pipeline)

This is the code I have untill now in my Jenkins pipeline file regarding SonarQube :

stage('SonarQube analysis') {
         steps {
             script {
                 withSonarQubeEnv('SonarQubeServerBPittens') {
                
                def scannerHome = tool 'sonarScanner';
                //sonar.projectKey="tnextest1"
                sh "${scannerHome}/bin/sonar-scanner"
                }
            }      
        }
     }

If I run this then I get this error in Jenkins :

“ERROR: You must define the following mandatory properties for ‘Unknown’: sonar.projectKey, sonar.sources”

How can I add properties like sonar.projectID and sonar.sources ?
Any help will be appriciated, I spent almost 12 hours with to solve this with try and error.
Thanks
Ben


(ben1) #2

Well I have solved it with a sonar-project.properties file. So that’s ok for now. Lets forget about the jenkins pipeline config for now. I am happy if I have a happy flow. But that doesnot work yet.

Next question this error in Jenkins.

INFO: Sensor PythonXUnitSensor [python] (done) | time=142ms
INFO: Sensor SonarCSS Metrics [cssfamily]
INFO: Sensor SonarCSS Metrics [cssfamily] (done) | time=903ms
INFO: Sensor SonarCSS Rules [cssfamily]
ERROR: Failed to get Node.js version. No CSS files will be analyzed.
java.io.IOException: Cannot run program “node”: error=2, No such file or directory
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
at java.lang.Runtime.exec(Runtime.java:620)
at java.lang.Runtime.exec(Runtime.java:450)

Where I must run “node” I tried an install on the Linux sonar server with on bashrc file of the user which runs the server a path to the nodejs location. I tried to restart the server, created a dozen or more configs but it does not work. In Jenkins nodejs is installed in the serverconfig.

The only thing the documentation is telling that I need to install node but HOW ???
Where is the documentation ??

Thanks
Ben


(ben1) #3

Ok I have solved it, maybe you can document this script in your documentation when other developers have the same challenge as that I had:

The Sonarqube documentation really misses NPM Angular/Nodejs docs.

The important thing is if you run it you need to run it in a nodejs environment. The ‘NodeJSAuto’ setting is in Jenkins configured in the manage Jenkins --> Global tool configuration.

pipeline {
agent any
stages {

    stage('Sonar Analyse') {
        steps {
            nodejs(nodeJSInstallationName: 'NodeJSAuto', configId: '') {

                // sonar script moet je in een nodejs module draaien !!
                script {
                    withSonarQubeEnv('My server') {
                    def scannerHome = tool 'sonarScanner';
                    sh "${scannerHome}/bin/sonar-scanner"
                }
            }
            }
        }
    }

}
}

And you need to add the sonar-project.properties file in the root of your projectdoc(In my case Angular) :

// project id in Sonarqube
sonar.projectKey=tnextest1
sonar.projectVersion=1.0
//location Angular source files who need to be analysed by Sonarqube
sonar.sources=src/app

If anybody has better ideas I would like to hear about it :slight_smile:
Kind regards
Ben


(G Ann Campbell) #7

Hi Ben,

Thanks for following up on this with your solution. In fact, as I look at this I realize that 3 different languages require Node for analysis: TypeScript, JavaScript, and CSS. And their docs give you 3 different ways of specifying the path to node:

SonarJS: sonar.nodejs.executable
SonarCSS: sonar.css.node
SonarTS:

If you can’t have typescript as a project dependency you can set your ‘NODE_PATH’ variable to point to your globally installed typescript, but this is generally discouraged in the node.js documentation.

Clearly this is sub-optimal. I’m going to try to get this sorted out.

And documented centrally.

 
Thx again,
Ann


(G Ann Campbell) #10

Hi Ben,

As a followup we’re going to move all three analyzers to using a common property, and then document that!

Thanks for turning over this rock.

 
:slight_smile:
Ann