Create a Jenkins CICD Pipeline with SonarQube Integration to perform S... https://cloudacademy.com/lab/create-jenkins-cicd-pipeline-sonarqube-int...

Platform Training Library Pricing Testimonials Resources For Business Search in our library... Login Start Free Trial

Home / Training Library

Create a Jenkins CICD Pipeline with SonarQube Integration to perform Static Code
Analysis

Lab Steps Ready for the real environment experience? Start Lab

Logging in to the Amazon

Web Services Console

Connecting to the Virtual

Dif�culty Time Limit Students Ratings
Machine using SSH
Intermediate 1h 30m 520 4.4/5
Launch Jenkins and
SonarQube Docker
Containers

Login to SonarQube and

Generate Security Token Description

Log in to Jenkins and Integrating Jenkins with SonarQube provides you with an automated platform for performing continuous inspection of
Complete the Default code for quality and security assurance.
Installation
In this lab, you will launch a Jenkins and SonarQube CICD environment using Docker containers on a provided EC2
Install and Con�gure
SonarQube and Gradle instance. You will then con�gure a Jenkins build pipeline to build, compile, and package a sample Java servlet web
Plugins application. The build pipeline will publish the source code into SonarQube, which in turn will perform a static analysis of the
code to detect bugs, code smells, and security vulnerabilities.
Create and Execute Jenkins
Pipeline Gradle Job
This lab is aimed at DevOps and CICD practitioners, and, in particular, build and release engineers interested in managing
Review SonarQube Static and con�guring Jenkins together with SonarQube to perform automated static code analysis.
Analysis Report
Lab Objectives
Validate AWS Lab
Upon completion of this lab, you will be able to:

Install and con�gure a Jenkins and SonarQube CICD environment using Docker containers
Con�gure Jenkins with the Gradle plugin to perform the core build and packaging for a sample Java servlet web
The hands-on lab is part of
application
these learning paths
Con�gure Jenkins with the SonarQube Scanner plugin for automated static code analysis
DevSecOps - Build and Release Create and set up a Jenkins build pipeline using a Jenkins�le stored within a GitHub repo
Secure Software Faster
Use the SonarQube web application to examine and review the generated static analysis report
8 1 12 3

Combining DevOps Tools at Lab Prerequisites

Scale - Jenkins, SonarQube,
Artifactory, Splunk, and Jira You should:
4 1 4

Be comfortable with SSH to remotely administer a Linux-based server

Be comfortable with basic Linux administration

Lab Environment

This lab will start with the following AWS resources being provisioned automatically for you:

A single EC2 instance, named cicd.platform.instance, which will have a public IP address attached

To achieve the Lab end state, you will be walked through the process of:

SSHing into the EC2 instance, named cicd.platform.instance

Use Docker Compose to launch the following Docker containers:
Jenkins
SonarQube Support
Postgres
Socat
Using a browser, administer and con�gure Jenkins - installing the required plugins. Connectivity to Jenkins will be Privacy - Terms

1 of 3 24-06-2021, 19:04
Create a Jenkins CICD Pipeline with SonarQube Integration to perform S... https://cloudacademy.com/lab/create-jenkins-cicd-pipeline-sonarqube-int...

done via the cicd.platform.instance Public IP address 

Using a browser, administer and con�gure SonarQube. Connectivity to SonarQube will be done via
the cicd.platform.instance Public IP address 
Create a Jenkins build pipeline and con�gure it to build a sample Java servlet web application hosted on GitHub, with
the source code later being forwarded into SonarQube for static code analysis
Execute the Jenkins build pipeline and con�rm that it has completed successfully, forwarding the source code over to
SonarQube for static code analysis
Con�rm that SonarQube has received and performed static code analysis and generated a project report

About the Author

Jeremy Cook Students Labs Courses Learning paths

Content Lead Architect 56419 44 96 46

Jeremy is a Content Lead Architect and DevOps SME here at Cloud Academy where he specializes in developing
DevOps technical training documentation.

He has a strong background in software engineering, and has been coding with various languages, frameworks, and systems
for the past 25+ years. In recent times, Jeremy has been focused on DevOps, Cloud (AWS, GCP, Azure),
Security, Kubernetes, and Machine Learning.

Jeremy holds professional certi�cations for AWS, GCP, and Kubernetes.

https://www.linkedin.com/in/jeremycook123/
https://github.com/jeremycook123

Pricing About Careers Partners Contact Us Instructors

2 of 3 24-06-2021, 19:04
Create a Jenkins CICD Pipeline with SonarQube Integration to perform S... https://cloudacademy.com/lab/create-jenkins-cicd-pipeline-sonarqube-int...

SOLUTIONS TRAINING LIBRARY

Managing the Multi-Cloud AWS Training

Migrate to the Cloud Azure Training

Develop Tech Talent Google Cloud Training

Optimize Cloud Spend Alibaba Cloud Training

Big Data Training

Business Management Training

CERTIFICATIONS
Certi�cations Training
Cloud Certi�cations
Cloud Computing Fundamentals
AWS Certi�cations
Cloud Migration Training
Azure Certi�cations
Containers Training
Google Cloud Certi�cations
DevOps Training

Machine Learning Training

Programming Training

Security Training

Serverless Training

Upcoming Training

RESOURCES PAST EVENTS

Cloud Webinars AWS re:Invent

Cloud Conferences AWS Summit Atlanta

Cloud Case Studies AWS Summit Chicago

Whitepapers AWS Summit London

Cloud Academy Blog Microsoft Ignite

Cloud Roster™

Cloud Catalog™
COURSE INDEX
Press Releases
Amazon Web Services
Courses
Microsoft Azure
Release Notes
Google Cloud Platform

Alibaba Cloud

Copyright © 2021 Cloud Academy Inc. All rights reserved. Terms of Use Privacy Policy Sitemap System Status

3 of 3 24-06-2021, 19:04