Overview
This Jenkins pipeline automates the build, test, and deployment process for a Spring Boot application. The pipeline includes source control management, code quality analysis with SonarQube, and artifact publishing to Artifactory.
Now we go in-depthly into each stage and step of the pipeline.
Pipeline Parameters
-
FOLDER_PATH: Target directory for the project (default: springboot2-health-record) -
GROUP_ID: Maven project group ID (default: com.danielpm1982) -
ARTIFACT_ID: Maven project artifact ID (default: springboot2-health-record) -
VERSION: Project version (default: 0.0.1-SNAPSHOT) -
GIT_REPO: Git repository URL
These parameters are gotten from the application source code's POM file
Environment Variables
-
SONARQUBE: SonarQube server instance name -
ARTIFACTORY_SERVER: Artifactory server instance name
The values of these variables are gotten from the Sonarqube and Artifactory instance name you stated at when setting them up in Jenkins system configurations.
Pipeline Stages
1. Clone Repository
Clones the Git repository if the target directory doesn't exist. This prevents redundant cloning if the directory is already present.
2. Install Maven
Sets up the Maven build environment:
- Updates package lists
- Installs Maven
- Configures Maven environment variables
sudo apt-get install -y maven
This command installs Maven.
The -y flag automatically confirms all prompts that would normally ask you to approve the installation of packages. Without -y, it would prompt you for confirmation (e.g., "Do you want to continue? [Y/n]").
sudo rm -rf /var/lib/apt/lists/*
This command removes cached package lists that APT uses to store metadata about available packages.
We’re doing this to clean up any unnecessary cached data and reduce disk usage.
echo "export MAVEN_HOME=/usr/share/maven" >> ~/.bashrc
This command sets an environment variable MAVEN_HOME to the directory where Maven is installed.
. ~/.bashrc
After modifying .bashrc (in the previous step), this command ensures that the environment variable MAVEN_HOME is immediately available in the current shell session without needing to restart the terminal.
3. SonarQube Analysis
Performs static code analysis using SonarQube:
- Executes Maven clean and verify
- Runs SonarQube analysis
- Skips tests during analysis phase
mvn clean verify sonar:sonar -DskipTests
This Maven command is used to clean the project, run tests (but skip them in this case), and perform SonarQube analysis.
We’re wrapping this shell command in a withSonarQubeEnv(SONARQUBE) block which makes sure that the pipeline environment is configured with the necessary SonarQube environment variables (e.g., authentication tokens, URL) to allow Maven or other build tools to communicate with SonarQube.
This creates a Project in Sonarqube, which we can confirm from the UI, http://public-ip-address:9000
4. Build
Builds the application:
- Executes Maven clean and package
- Skips tests during build phase
mvn clean package -DskipTests
This maven command will build the project, clean it first, and package it into a deployable artifact (for our application, a JAR file), located in a target folder.
5. Quality Gate
Enforces code quality standards:
- Waits for SonarQube analysis completion
- Times out after 5 minutes
- Fails pipeline if quality gates aren't met
> timeout(time: 5, unit: 'MINUTES') {
waitForQualityGate abortPipeline: true
}
The waitForQualityGate function is provided by the SonarQube Jenkins plugin and waits for the quality gate analysis results from SonarQube.
If the SonarQube quality gate fails, the abortPipeline: true option ensures the pipeline is aborted. If the quality gate is failed, the pipeline will stop and not continue to subsequent stages.
6. Publish to Artifactory
Publishes artifacts to JFrog Artifactory:
- Builds project using Maven
- Uploads JAR file and POM file
- Uses specified group/artifact structure
- Sets artifact properties (type and status)
This script uploads artifacts to an Artifactory server after building the project with Maven.
Let's look at it critically:
def server = Artifactory.server(ARTIFACTORY_SERVER):
initializes the connection to an Artifactory server, using the ARTIFACTORY_SERVER environment variable we stated above.
def buildInfo = Artifactory.newBuildInfo():
This creates a new instance of build information for uploading to Artifactory.
The build info is used to store metadata about the build in this case, the artifacts that will be uploaded to Artifactory. It will help us track things like:
- Which version of the application the artifact belongs to.
- Which Jenkins job or build pipeline created the artifact.
- What Git commit or branch the artifact was built from.
Next, we're creating a JSON object, uploadSpec, that contains the file patterns and target paths for the artifacts being uploaded to Artifactory. There are 2 files we want to publish - the JAR and POM files - so we'll be having an array of objects:
- The first object specifies the JAR file to upload.
- The second object specifies the POM file for the Maven project.
keys:
pattern: The file pattern to match the artifacts (e.g., the JAR and POM files).
target: The target path in Artifactory where the artifact will be uploaded.
props: Custom properties that can be added to the artifacts (e.g., type, status).
recursive: Specifies whether to recursively find files (set to false here).
Then we have 2 methods that upload to Artifactory
server.upload spec: uploadSpec, buildInfo: buildInfo
This uploads the files specified in theuploadSpecJSON object to the Artifactory server.server.publishBuildInfo buildInfo
This publishes the build information (metadata) to Artifactory. It allows Artifactory to store information about the build (such as the JAR and POM files).
We can view our uploaded artifact by going to http://public-ip-address:8082
Top comments (1)
Integrating Jenkins with Artifactory and SonarQube streamlines the CI/CD pipeline by automating code quality analysis and artifact management. This setup enhances development efficiency and ensures higher code standards.
Betbhai9 login