Failing a Jenkins build pipeline based on Sonar Results

I have created a Jenkins build pipeline and configured Sonar as I described in one of my earlier questions.

The Console Output for the build provides a URL that I am using to check the results of the Sonar analysis. However, my requirement is that, based on the number of defects that Sonar finds, it should fail the Jenkins build if a specific 'x' no. of defects are found. Please suggest how this can be configured in the pipeline.

You can try to do it directly from your pipeline script:

    // Run the analysis with the scanner installation configured in Jenkins
    def scannerHome = tool 'SonarQube Scanner';
    withSonarQubeEnv('SonarQube') {
        sh "${scannerHome}/bin/sonar-scanner -Dsonar.projectKey=advant-web -Dsonar.sources=. -Dsonar.exclusions=node_modules/**,build/** -Dsonar.projectVersion=1.0.${BUILD_NUMBER}"
    }
    // Give the server time to process the analysis report
    sleep 10
    // Fetch the quality gate status of the project from the web API
    sh "curl -u user:password -X GET -H 'Accept: application/json' http://localhost:9000/api/qualitygates/project_status\\?projectKey\\=my-project > status.json"
    def json = readJSON file:'status.json'
    echo "${json.projectStatus.status}"
    // Fail the build when the quality gate reports ERROR
    if ("${json.projectStatus.status}" == "ERROR") {
        currentBuild.result = 'FAILURE'
        error('SonarQube quality gate status of a project is invalid.')
    }

Or, if you upgrade SonarQube Scanner for Jenkins to 2.61, you can write something like the following:

    ...
    // Wait at most 5 minutes for the server to report the quality gate result
    timeout(time: 5, unit: 'MINUTES') {
        def qualitygate = waitForQualityGate()
        // Abort on any status other than OK
        if (qualitygate.status != "OK") {
            error "Pipeline aborted due to quality gate coverage failure."
        }
    }

You can read more here: https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Jenkins
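Added example, not part of the original answers: the curl-based script above fails the build only on the exact status "ERROR", whereas the `waitForQualityGate` variant fails on anything that is not "OK". This Python example evaluates a saved `status.json` body the second way (fail closed) and lists the conditions that did not pass; the function name `evaluate_gate`, the `conditions` fields it reads and the sample JSON are assumptions constructed for illustration.

```python
import json
import sys

# Constructed sample, shaped like the status.json saved by the curl call above.
SAMPLE_FAILED = """{"projectStatus": {"status": "ERROR", "conditions": [
  {"status": "ERROR", "metricKey": "new_bugs", "comparator": "GT",
   "errorThreshold": "0", "actualValue": "3"},
  {"status": "OK", "metricKey": "new_coverage", "comparator": "LT",
   "errorThreshold": "80", "actualValue": "91.2"}]}}"""


def evaluate_gate(body):
    """Return (passed, reasons) for a project_status response body.

    Fails closed: only an explicit "OK" passes. Empty, unparsable or
    unexpected responses (for example an error document returned after a
    failed login) count as a failed gate.
    """
    try:
        project_status = json.loads(body)["projectStatus"]
        status = project_status["status"]
    except (ValueError, KeyError, TypeError):
        return False, ["response is not a valid project_status document"]
    if status == "OK":
        return True, []
    reasons = [f"quality gate status is {status}"]
    # Name each condition that did not pass so the build log shows why.
    for cond in project_status.get("conditions") or []:
        if isinstance(cond, dict) and cond.get("status") != "OK":
            reasons.append(
                f"{cond.get('metricKey')}: actual {cond.get('actualValue')} "
                f"{cond.get('comparator')} threshold {cond.get('errorThreshold')}"
            )
    return False, reasons


if __name__ == "__main__":
    # Usage: python gate.py status.json (falls back to the constructed sample)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            body = fh.read()
    else:
        body = SAMPLE_FAILED
    passed, reasons = evaluate_gate(body)
    for reason in reasons:
        print(reason)
    sys.exit(0 if passed else 1)
```

A non-zero exit code from a `sh` step fails the Jenkins stage, so the script can replace the `readJSON` comparison in the first variant.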

You should:

  1. configure Quality Gate on SonarQube server and assign it to the project
  2. install SonarQube Build Breaker Plugin

Consider whether failing jobs is a good solution in your case: https://blog.sonarsource.com/why-you-shouldnt-use-build-breaker/

I've just done this recently. So yes - you need:

  • configure quality gate
  • Ensure that you have build breaker available on your sonar: Build Breaker ("Break the analyzer if the project does not pass its Quality Gate")

For those who are still searching for this: I was looking for a similar solution, especially one that can be used via Maven. I found two solutions:

  1. You can set sonar.qualitygate.wait=true. Then it will wait for the quality gate response. The final Maven run will look like:

    mvn verify sonar:sonar -Dsonar.qualitygate.wait=true

This will only work if your SonarQube Server version is later than 8.1.

Ref: SonarQube Official Documentation

  2. If your version is lower than 8.1, then you can use the Maven plugin below:

    <plugin>
        <groupId>io.github.r0bb3n</groupId>
        <artifactId>sonar-quality-gate-maven-plugin</artifactId>
        <version>1.1.0</version>
    </plugin>

Then you will run the following Maven command:

    mvn sonar-quality-gate:check

Ref: Sonar Quality Gate Plugin
