I'm using Jenkins 2.89, SonarQube Scanner for Jenkins 2.6.1 and SonarQube 6.7 configured with a webhook to Jenkins.
I'm triggering Sonar analysis with:
stage("SonarQube Analysis") {
script {
workspace = resolveWorkspacePath()
withEnv(["JAVA_HOME=${ tool 'java-8'}","PATH+MAVEN=${tool 'Maven 3.2.2'}/bin:${env.JAVA_HOME}/bin"]) {
withSonarQubeEnv('Sonar Solem') {
sh "mvn -f ${workspace}/pom.xml org.sonarsource.scanner.maven:sonar-maven-plugin:3.3.0.603:sonar -Dsonar.host.url=http://sonar.mycompany.cl"
}
}
}
and then gathering status at the next stage with:
stage("SonarQube Quality Gate") {
steps {
script {
timeout(time: 1, unit: 'HOURS') {
def qg = waitForQualityGate()
if (qg.status != 'OK') {
echo "Status: ${qg.status}"
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
}
}
}
}
The log in console shows:
[Pipeline] script
[Pipeline] {
[Pipeline] timeout
Timeout set to expire in 1 hr 0 min
[Pipeline] {
[Pipeline] waitForQualityGate
Checking status of SonarQube task 'AV-nIGNjEMS3I3uac4Dq' on server 'Sonar MyCompany'
SonarQube task 'AV-nIGNjEMS3I3uac4Dq' status is 'IN_PROGRESS'
[Pipeline] echo
Status: NONE
[Pipeline] error
[Pipeline] }
Looking at logging level, I see the SonarQube webhook POST with a correct payload:
Received POST from 10.0.0.236
Nov 10, 2017 3:27:06 PM FINE org.sonarsource.scanner.jenkins.pipeline.SonarQubeWebHook
Full details of the POST was {"serverUrl":"http://sonar.mycompany.cl","taskId":"AV-nLx-zEMS3I3uac4Ds","status":"SUCCESS","analysedAt":"2017-11-10T15:25:50-0300","changedAt":"2017-11-10T15:25:50-0300","project":{"key":"com.mycompany:mycomponent","name":"My Company Component","url":"http://sonar.mycompany.cl/dashboard?id=com.mycompany%3Amycomponent"},"branch":{"name":"master","type":"LONG","isMain":true,"url":"http://sonar.mycompany.cl/dashboard?id=com.mycompany%3Amycomponent"},"properties":{}}
I didn't find a working solution to this, so I suppose it works correctly for the most of people. I'm using the latest version for every component, maybe a regression?
Regards
I came across a similar situation where waitForQualityGate() fails with Status NONE.
Looking at the console output
[Pipeline] waitForQualityGate
Checking status of SonarQube task 'AWWpiDY2hX3zDQY-CMoe' on server 'Sonar1'
SonarQube task 'AWWpiDY2hX3zDQY-CMoe' status is 'SUCCESS'
SonarQube task 'AWWpiDY2hX3zDQY-CMoe' completed. Quality gate is 'NONE'
Quality gate is 'NONE' ??? I wasnt sure what was causing this as previous test runs returned Quality gate is 'OK'.
Having a look on SonarQube server I notice that the default Quality Gate 'SonarQube Way' was NOT set as default. In my situation I was only working with this one Quality Gate. Resetting this to default resolved my issue.
[Pipeline] waitForQualityGate
Checking status of SonarQube task 'AWWpnnRThX3zDQY-CMpM' on server 'Sonar1'
SonarQube task 'AWWpnnRThX3zDQY-CMpM' status is 'PENDING'
SonarQube task 'AWWpnnRThX3zDQY-CMpM' status is 'SUCCESS'
SonarQube task 'AWWpnnRThX3zDQY-CMpM' completed. Quality gate is 'OK'
Related
stage("Quality Gate"){
when{
expression { params.Env == 'DEV'}
}
steps {
timeout(time: 1, unit: 'MINUTES') {
waitForQualityGate abortPipeline: true
output:
Checking status of SonarQube task 'AYXqx14e8y4YGb0qU2rE' on server ' SonarQube'
SonarQube task 'AYXqx14e8y4YGb0qU2rE' status is 'SUCCESS'
SonarQube task 'AYXqx14e8y4YGb0qU2rE' completed. Quality gate is 'ERROR'
I configured webhooks in sonarqube it was working fine earlier and passed showed in sonar but it is now showing above error and build is failing
I want to know how to fix this and get this passed
I am trying to run sonar-scanner and access quality gate results and am kind of stuck after trying various options suggested on forums. This is my first time trying to post, so please let me know if I am missing any details. I do see the json payload in sonarqube server webhooks console but it is in failed status (red cross-mark). Ours is a shared CBJ and SonarQube server with limited access for me on both of those. Any help/guidance is really appreciated. Thank you so much.
======================================
SonarQube Configuration
Project_Name > Administration > Webhooks
Name: Webhook_Name
URL: https://CloudBeesJenkins_Server_FQDN/dev-master/sonarqube-webhook/
Secret: 'webhook_secret_text'
======================================
CBJ Configuration
CredentialsID: 'SonarQubeToken': Value: Scope: Global credentials (unrestricted)
======================================
Jenkins Job - Pipeline Script
/* this stage succeeds */
stage('SonarQube Analysis') {
def scannerHome = tool 'Sonar-Prod';
withSonarQubeEnv('Sonar-Prod') {
sh """${scannerHome}/bin/sonar-scanner -X \
-Dsonar.projectKey=ProjKey \
-Dsonar.sources=src \
-Dsonar.host.url=https://sonarqube_server_fqdn \
-Dsonar.login=sonar_project_secret_text"""
}
}
/* fails at waitForQualityGate */
stage("Quality Gate Status Check") {
timeout(time: 1, unit: 'HOURS')// Just in case something goes wrong, pipeline will be killed after a timeout
// had previously tried using waitForQualityGate() and waitForQualityGate(webhookSecretId: 'webhook_secret_text' with same result
def qg = waitForQualityGate(webhookSecretId: 'webhook_secret_text', credentialsId: 'sonar_project_secret_text') // Reuse taskId previously collected by withSonarQubeEnv
if (qg.status != 'OK') {
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
}
=====================================
Logs from Jenkins Server - Job Running Sonarscanner and qualitygate
SonarQube Scanner 4.2.0.1873
Java 1.8.0_242 Oracle Corporation (64-bit)
Linux 2.6.32-754.27.1.el6.x86_64 amd64
SonarQube server 7.9.1 - Community 7.9.1.27448
[CloudBees Jenkins Enterprise 2.204.3.7-rolling]
09:40:13.671 DEBUG: Upload report
09:40:13.931 DEBUG: POST 200 https://sonarqube_server_fqdn/api/ce/submit?projectKey=ProjKey | time=256ms
09:40:13.935 INFO: Analysis report uploaded in 264ms
09:40:13.938 INFO: ANALYSIS SUCCESSFUL, you can browse https://sonarqube_server_fqdn/dashboard?id=ProjKey
09:40:13.938 INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
09:40:13.938 INFO: More about the report processing at https://sonarqube_server_fqdn/api/ce/task?id=AXDt34Wae-uSoUyAgrS-
[Pipeline] waitForQualityGate
Checking status of SonarQube task 'AXDt34Wae-uSoUyAgrS-' on server 'Sonar-Prod'
org.sonarqube.ws.client.HttpException: Error 401 on https://sonarqube_server_fqdn/api/ce/task?id=AXDt34Wae-uSoUyAgrS-
It was a firewall issue. Communication from Jenkins to SonarQube server was opened but not the other way round. This issue can be closed.
I have a Jenkins pipeline that periodically pull from gitlab and build different repos, build a multi-component platform, run and test it. Now I installed a sonarqube server on the same machine (Ubuntu 18.04) and I want to connect my Jenkins to sonarqube.
In Jenkins:
I set up the sonarqube scanner at Global Tool Configuration as below:
I generated a token in sonarqube and in Jenkins at configuration I set up the server as below BUT I couldn't find any place to insert the token (and I think this is the problem):
In the jenkins pipeline this is how I added a stage for sonarqube:
stage('SonarQube analysis') {
steps{
script {
scannerHome = tool 'SonarQube';
}
withSonarQubeEnv('SonarQube') {
sh "${scannerHome}/bin/sonar-scanner"
}
}
}
But this fails with below logs and ERROR: script returned exit code 127:
[Pipeline] { (SonarQube analysis)
[Pipeline] script
[Pipeline] {
[Pipeline] tool
Invalid tool ID
[Pipeline] }
[Pipeline] // script
[Pipeline] withSonarQubeEnv
Injecting SonarQube environment variables using the configuration: SonarQube
[Pipeline] {
[Pipeline] sh
+ /var/lib/jenkins/tools/hudson.plugins.sonar.SonarRunnerInstallation/SonarQube/bin/sonar-scanner
/var/lib/jenkins/workspace/wws-full-test#tmp/durable-2c68acd1/script.sh: 1: /var/lib/jenkins/workspace/wws-full-test#tmp/durable-2c68acd1/script.sh: /var/lib/jenkins/tools/hudson.plugins.sonar.SonarRunnerInstallation/SonarQube/bin/sonar-scanner: not found
[Pipeline] }
WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succeeded?
[Pipeline] // withSonarQubeEnv
[Pipeline] }
[Pipeline] // stage
And when I check my jenkinstools on the disk sonnar plugin is not there:
$ ls /var/lib/jenkins/tools/
jenkins.plugins.nodejs.tools.NodeJSInstallation
Can someone please let me know how I can connect Jenkins to sonarqube?
Create and add token to be able to connect to SonarQube.
You have create project in SonarQube and use it as a parameter:
sh """
${scannerHome}/bin/sonar-scanner \
-Dsonar.projectKey=your_project_key_created_in_sonarqube_as_project \
-Dsonar.sources=. \
"""
I have a Jenkins pipeline job which build my application, make a Sonar analysis and then is the quality gate passed I deploy in ou Nexus with mvn deploy.
The initial setup was to publish only in case of success (taken from the official doc):
stage("Quality Gate"){
timeout(time: 1, unit: 'HOURS') {
def qg = waitForQualityGate()
if (qg.status != 'OK') {
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
}
}
and now we want to change a bit the logic gate in Jenkins and we would like to publish in case there no error (but e.g Warning is acceptable).
For that I changed the Jenkins satge to:
stage("Quality Gate"){
timeout(time: 1, unit: 'HOURS') {
def qg = waitForQualityGate()
if (qg.status == 'Error') {
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
}
}
stage('Deploy to Nexus') {
sh "mvn deploy -DskipTests"
}
but now, it does not seems to work properly: my project is always pushed to Nexus even the Quality gate is in Error in SonarQube.
I have a possible workaround by changing the condition:
qg.status != 'OK' || qg.status != 'Warning'
Anyone knows what is the exact value for the error status (and possibly other values)?
The documentation seems incomplete and there is no other way than guessing the correct return value.
For preventing such issue I suggest to test without exact case like this:
if ('error'.equalsIgnoreCase(qg.status) ) {
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
When using such condition my script is working fine, then it seems the value returned is in all capital case: 'ERROR'.
It's configurable via Webhooks in SonarQube Administration setup: https://docs.sonarqube.org/display/SONAR/Webhooks
So, the method returns whatever you have configured for all Gateway Rules for OK or failure.
The following SonarQube (6.3) analysis stage in a declarative pipeline in Jenkins 2.50 is failing with this error in the console log: http://pastebin.com/t2ja23vC. More specifically:
SonarQube installation defined in this job (SonarGate) does not match any configured installation. Number of installations that can be configured: 1.
Update: after changing "SonarQube" to "SonarGate" in the Jenkins settings (under SonarQube servers, so it'll match the Jenkinsfile), I get a different error: http://pastebin.com/HZZ6fY6V
java.lang.IllegalStateException: Unable to get SonarQube task id and/or server name. Please use the 'withSonarQubeEnv' wrapper to run your analysis.
The stage is a modification of the example from the SonarQube docs: https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Jenkins#AnalyzingwithSonarQubeScannerforJenkins-AnalyzinginaJenkinspipeline
stage ("SonarQube analysis") {
steps {
script {
STAGE_NAME = "SonarQube analysis"
if (BRANCH_NAME == "develop") {
echo "In 'develop' branch, don't analyze."
}
else { // this is a PR build, run sonar analysis
withSonarQubeEnv("SonarGate") {
sh "../../../sonar-scanner-2.9.0.670/bin/sonar-scanner"
}
}
}
}
}
stage ("SonarQube Gatekeeper") {
steps {
script {
STAGE_NAME = "SonarQube Gatekeeper"
if (BRANCH_NAME == "develop") {
echo "In 'develop' branch, skip."
}
else { // this is a PR build, fail on threshold spill
def qualitygate = waitForQualityGate()
if (qualitygate.status != "OK") {
error "Pipeline aborted due to quality gate coverage failure: ${qualitygate.status}"
}
}
}
}
}
I also created a webhook, sonarqube-webhook, with the URL http://****/sonarqube-webhook/. Should it be like that, or http://****/sonarqube/sonarqube-webhook? To access the server dashboard I use http://****/sonarqube.
In SonarQube's Quality Gates section I created a new quality gate:
I am not sure if the setting in SonarGate is correct. I do use jenkins-mocha to generate an lcov.info file that is used in Sonar to generate the coverage data.
Perhaps the quality gate setting is the wrong setting to do? The end result is to fail the job in Jenkins if coverage % is not met.
Finally, I am not sure if the following configurations in the Jenkins system configuration are at all required:
And
(It's 9000 not 900... cut text in the screen shot)
The SonarQube Jenkins plugin scans the build output for two specific lines, which it uses to get the SonarQube report task properties and project URL. If your invocation of sonar-scanner does not output these lines, the waitForQualityGate() call won't have the task ID to look them up. So you will have to figure out the correct settings to make it more verbose.
See the extractSonarProjectURLFromLogs and extractReportTask methods in the SonarUtils class of the plugin to understand how they work:
ANALYSIS SUCCESSFUL, you can browse <project URL> is used to add a link to the badge (in the build history)
Working dir: <dir with report-task.txt> is used to pass the task ID to the waitForQualityGate step
This was discovered to be a bug in the SonarQube scanner for Jenkins, when using a Jenkins slave for jobs (if the job is run on the master, it'd work). You can read more here: https://jira.sonarsource.com/browse/SONARJNKNS-282
I have tested this using a test build of v2.61 of the scanner plug-in and found it working.
The solution is to upgrade to v2.61 when released.
This stage will then work:
stage ("SonarQube analysis") {
steps {
withSonarQubeEnv('SonarQube') {
sh "../../../sonar-scanner-2.9.0.670/bin/sonar-scanner"
}
def qualitygate = waitForQualityGate()
if (qualitygate.status != "OK") {
error "Pipeline aborted due to quality gate coverage failure: ${qualitygate.status}"
}
}
}
If you're running SonarCube in a docker container check that the memory isn't exhausted. We were maxing out. Which seemed to be the issue.