 

sonar.Qualitygate is Deprecated in Sonar Qube 5.3. What is the alternative?

Context: In Sonar Qube, there exists a custom Quality Gate which is called say abcd. This is NOT the default quality gate. And in Jenkins, I had configured this SonarQube Quality Gate for a set of APIs by using the parameter -Dsonar.QualityGate=abcd and it was working fine.

Recently Sonar Qube was upgraded to version 5.3. Since then, the abcd quality gate is not working and the default quality gate is coming into play instead of the abcd quality gate for all the APIs.

On analysis, I came to know that sonar.QualityGate is deprecated in Version 5.3.

Question: Can you please let me know what the alternative is? And how do I make sure that this set of APIs has abcd as the quality gate and not the default quality gate?

I would prefer a solution such that I can configure something on Jenkins as I have access to Jenkins but not to Sonar Qube configurations.

user2608424 asked Apr 01 '16 02:04




3 Answers

It's indeed no longer possible to set the Quality Gate of a project using a parameter when running an analysis. It's only possible from the UI/WS, where you can specify which Quality Gate should be used for which project.

See the documentation for more information: http://docs.sonarqube.org/display/SONAR/Quality+Gates.

Julien L. - SonarSource Team answered Sep 19 '22 15:09


You can still dynamically create an association gate - project via Sonarqube Web API.

From your Sonarqube instance, go to its /web_api URL (e.g. http://my-sonarqube/web_api) and check the list of available operations.

The web_api/api/qualitygates is the set of operations related to quality gates. The web_api/api/qualitygates/select is the operation you need to associate a gate to a project.

Hence, as a replacement for the deprecated sonar.qualitygate, you can use either the manual association via the web UI or a dynamic (and automated) association via the web API, recommended. The latter is the way to go in the case of Continuous Integration jobs (as you mentioned Jenkins in this context) that would need to create the link dynamically (especially useful for branch management).

As a mandatory step for this operation to work, you need to pass some permissions, e.g. a user token, as the recommended approach from the official Sonarqube documentation on the Web API.

An example of what a CI step may look like just before invoking the sonar:sonar step:

curl -u ${sonar.password.token}: ${sonar.setqualitygate.url} \
-d "gateId=${sonar.gate.id}&projectKey=${sonar.project.key}:${planRepository.branch}"

Where:

  • sonar.password.token is a token you need to generate from the Sonarqube User management page, for a technical user (e.g. a Jenkins user used to make the connection between the components)
  • sonar.setqualitygate.url the URL of the REST API endpoint (e.g. http://your.sonarqube.domain/api/qualitygates/select)
  • sonar.gate.id is the gate id, you can find it easily on the URL of the concerned gate (e.g. http://your.sonarqube.domain/quality_gates/show/<id>)
  • sonar.project.key and planRepository.branch here we are building dynamically the name of the project for a certain branch as well, you can skip this step if you don't want to handle branches dynamically (e.g. easy to do in Bamboo, a bit more tricky in Jenkins)

A_Di-Matteo answered Sep 18 '22 15:09


Using the approach suggested by A_Di-Matteo, I faced an issue: when trying to select a gate for a brand new feature branch, Sonar throws an error saying that the project does not exist. So one can assign a gate only after the project has been created. In this case, I use a hack: manually create a project using the Sonar Web API just before assigning a gate, and only then perform the mvn sonar:sonar step. Here is the creation of a dummy new project:

def createNewProject(def config, def branch) {
    String projectName = new XmlSlurper().parseText(readFile('pom.xml')).name as String
    def url = "${config.sonarHost}/api/projects/create"
    sh "curl -u ${config.sonarToken}: ${url} -d 'name=${projectName}&project=${projectKey()}&branch=${branch}'"
}

The next step is assigning a gate to this dummy project:

def setSonarQualityGate(def config, def projectFullName, def gateId) {
    def url = "${config.sonarHost}/api/qualitygates/select"
    sh "curl -u ${config.sonarToken}: ${url} -d 'gateId=${gateId}&projectKey=${projectFullName}'"
}

And only after that I execute the analysis itself:

def runSonarAnalysis(def config, def branch) {
    echo "Run Sonar analysis"
    sh "mvn sonar:sonar -Dsonar.host.url=${config.sonarHost} -Dsonar.branch=${branch}"
}

stinger answered Sep 18 '22 15:09
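
An added example, not code from any of the answers: the create-then-select sequence described in the last two answers as a POSIX shell CI step that keeps the token off the curl command line and rejects project keys, branch names or gate ids that could add form fields or shell syntax. The variables SONAR_HOST and SONAR_TOKEN, the function names, the key allow-list and the numeric gate id are assumptions.

```shell
#!/bin/sh
# Added example, not code from the answers above. SONAR_HOST and SONAR_TOKEN are
# assumed environment variables injected by the CI server's credential store.

# Assumed allow-list for project keys: letters, digits, '-', '_', '.', ':'.
valid_key() {
  case "$1" in
    ''|*[!A-Za-z0-9_.:-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Gate ids are assumed to be numeric, as in the /quality_gates/show/<id> URL.
valid_gate_id() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Join project key and branch; fail if the result leaves the allow-list
# (e.g. '&' would add a form field, a quote would break shell quoting).
project_key_for_branch() {
  valid_key "$1:$2" || return 1
  printf '%s' "$1:$2"
}

# POST form fields to a Web API path. The token goes to curl through a config
# read from stdin, so it never appears in argv or in an echoed command line.
# Assumes the token contains no '"' or '\' characters.
sonar_post() {
  path=$1; shift
  for field in "$@"; do
    shift
    set -- "$@" --data-urlencode "$field"
  done
  printf 'user = "%s:"\n' "$SONAR_TOKEN" |
    curl --silent --show-error --fail --config - "$@" "$SONAR_HOST$path"
}

# Create the project (needed for a new branch), then bind the gate to it.
create_and_select_gate() {  # <name> <project key> <branch> <gate id>
  valid_gate_id "$4" || { echo "rejected gate id" >&2; return 2; }
  full_key=$(project_key_for_branch "$2" "$3") ||
    { echo "rejected project key or branch" >&2; return 2; }
  sonar_post /api/projects/create "name=$1" "project=$2" "branch=$3" ||
    echo "create failed (project may already exist), continuing" >&2
  sonar_post /api/qualitygates/select "gateId=$4" "projectKey=$full_key"
}
```

Call `create_and_select_gate` just before the `mvn sonar:sonar` step and stop the build on a non-zero return, so an analysis never runs against the default gate by accident.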