I m trying to fail a build in my Jenkins server using the Quality Gate plugin (v2.5). In my jenkins i have installed SonarQube plugin (v2.4.4) and SonarQube Scanner v2.6.1. I have configured a SonarQube server as well v5.6
I have defined a quality gate (for eg bugs > 10) in my server for the project which i m building using my Jenkins server. I have created a freestyle job for the same in Jenkins. What i want to achieve is the build in Jenkins should fail whenever the Quality Gate requirement is not met.
I use the "Execute SonarQube Scanner" option in my build step in Jenkins and the Quality Gate option in the post build action (with my project key). I have defined the parameters for sonar analysis in the Analysis Properties section.
Currently, when the quality gate threshold is not met the status changes to failed on the SonarQube server but the build is passed in Jenkins. During the next execution of the same job in Jenkins the build is failed by the Quality Gate. That is the build status is not changed in synchronization with the SonarQube server but in the following execution,
Can you pls let me know what m i missing here ?
it's been a while since you posted this but maybe I can help at least with my understanding.
In SonarQube 5.6 (don't know when this changed) the build analysis is been analysed in a background task in SonarQube. So the Jenkins Build is finished after it posted the analysis to the server and the build is finished long before the background task on the SonarQube server is finished.
During or on the end of the background task in SonarQube it checks the QualityGate.
So the Jenkins plugin get's always "outdated" QualityGate status at least with SonarQube versions higher than 5.6.
It's possible to extend the Jenkins plugin and add a "wait for background task" option. Of course this would lead longer build times in Jenkins. This is already done in this fork of the "Quality Gates Plugin".
Hope this all right :-)
see the also the doku here
Related
I am trying to run my sonar scanner from jenkins and I want my jenkins job to fail when the Quality gate at sonar is not met.
I have configured sonar host and sonar scanner with jenkins at global tool level, my project analysis is uploaded in sonar, but the jenkins job is still passing. what am i doing wrong.
so, basically I am trying to achieve this https://blog.sonarsource.com/breaking-the-sonarqube-analysis-with-jenkins-pipelines/ , I can do it via pipelines, but I want to achieve the same thing via a jenkins job.
Here is my job
just clone a project and run sonar scanner.
this is the build step
git clone 'https://github.com/SonarSource/sonar-scanning-examples.git # clone
cd $WORKSPACE # goto cloned workspace
Here are the properties passed to sonarscanner
Analysis properties:
sonar.projectKey=org.sonarqube:sonarqube-scanner
sonar.java.binaries=.
sonar.qualitygate.wait=true
I believe sonar.qualitygate.wait=true this is the extra step that I need to do at sonar scanner step.
I want my jenkins job to fail, as soon as Quality gate fails.
I have a Maven Java Jenkins job which has a Post Step which invokes the 'Execute SonarQube Scanner' with a scan task.
I have defined two SonarQube installations within the Jenkins configuration.
I can post to both servers by copying the 'Execute SonarQube Scanner' scan task and changing the SonarQube Installation.
This performs the scan twice.
Is there a method to perform the scan once and post the results to both SonarQube Installations?
I guess no.
What you can do instead is, export and import entire project (after scan is complete) between SonarQubes (if feasible)
Refer it here : https://docs.sonarqube.org/display/PLUG/Project+Move
However, it is advisable to have a central SonarQube.
I'm trying to user Sonarqube with Jenkins.
I've added the Quality Gates Plugin, to fail the build in Jenkins if the Quality Gates are not respected in Sonarqube.
However, as you can see below, there is no Project Key field for Quality Gates.
Also, if I try to save the configuration, I get:
JSONObject["projectKey"] not found.
Any idea why this would not appear?
In http://jenkinsInstance/configure I had setup SonarQube only in "SonarQube servers" but not in "Quality Gates" as well.
I have the same issue. I also didn't initially add the sonar server in the system config, after doing that, I see the Project Key field only in the Post Build Actions.
That doesn't help if you want to add it as a build step or post build step.
EG. maven install with sonar scan, then test the gate, then if gate passes, maven deploy.
You have to configure SonarCube Servers first, then configure QualityGates.
This will solve the issue.
I am using Maven as a build tool and Jenkins as a CI tool. Currently I have a Jenkins job configured with a Maven build step.
I started using SonarQube and was wondering what is the advantage of using the Jenkins SonarQube plugin and configuring the SonarQube analysis as a post-build-action over simply adding sonar:sonar to the goals of my existing Maven build step.
Thanks and best regards,
Ronald
You can save a lot of configuration. So, if you use jenkins sonar plugin you can centralize database credentials and sonar credentials but if you make a decision about execute sonar:sonar in each jenkins job you will configure each with the same credentials.
I just found: Why use sonar plugin for Jenkins rather than simply use maven goal "sonar:sonar"?
And to add one reason: Using the Jenkins SonarQube plugins one can specify "Skip if triggered by SCM Changes". This is nice if you trigger your Jenkins job for each commit but only want to do a SonarQube analysis at a scheduled time, e.g. one per night.
And here is a summary of the the points made by "emelendez":
Centralize database credentials and sonar credentials Use jenkins
Use jenkins sonar plugin configuring SonarRunner for non Java projects
I've just changed to maven-sonar-plugin from the Jenkins SonarQube plugin to avoid divergence of information between the pom.xml and sonar-project.properties.
For example, developers elsewhere had bumped the project version number in the pom.xml, but they don't use the Jenkins builds and didn't care about the sonar-project.properties (or probably understand it). By switching to the maven plugin instead, the project version is defined once and referenced in the sonar property set within the pom.
The downside is that I no longer have the SonarQube link from the project's Jenkins page.
I'm not sure where the responsibility might be for adding this link back for projects using maven-sonar-plugin... The link is "owned" by the Jenkins SonarQube Plugin, but this is not being used here. Meanwhile the maven-sonar-plugin component is integrating with maven not Jenkins.
Something would need to observe the build and extract the SonarQube link which is emitted as a [INFO] ANALYSIS SUCCESSFUL, you can browse http://... line in the log.
I have an Ant-based project which I am deploying using Jenkins. If I add 'Add standalone SONAR' analysis from the 'Add build steps' option, it works fine but takes a long time. The problem is that there is a post-build custom step which deploys the build on the server. Since Sonar analysis takes a long time, deployment has to wait till its complete. Can I somehow postpone the SONAR analysis to after the deployment has been done ?
Why no do the sonar analysis in a child jenkins job?
You can also run Sonar as a POST build step after the deployment step.