Create a SonarQube Jenkins Webhook
Integrate Jenkins with SonarQube via webhook callbacks
SonarQube is an open-source platform for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities.
Adding a webhook in SonarQube is very simple and straightforward. This task can be done form the SonarQube user interface itself. However, if you are trying to add an HTTPS webhook with a self-signed SSL certificate you need to perform extra steps 😃. I this post, I will illustrate how we can add a Jenkins https
webhook to SonarQube.
Unfortunately, SonarQube does not provide the option to disable SSL verification for self-signed certificates. Therefore since we want to add an HTTPS webhook that is running with a self-signed SSL certificate we need to make sure that SonarQube is trusting the self-signed certificate. This task can be done by executing the following commands on the host where SonarQube is running
$> sudo cp self-signed-ssl.crt /usr/local/share/ca-certificates/
$> sudo update-ca-certificates
In case you are using docker for running SonarQube, you can use the below Dockerfile for building docker images that trust your self-signed certificate