Analysing manually added project with specified quality gate
I am interested in analysising my Jenkins builds via SonarQube. Initially, I have used the following code
stage('SonarCloud') {
steps {
withSonarQubeEnv('SonarQube') {
sh 'mvn clean package sonar:sonar '
}
}
}
However, I have asked here about how can I specify the quality gate that server uses for my analysis. From the answer provided, I have modified my code to look like this
stage('SonarCloud') {
steps {
withSonarQubeEnv('SonarQube') {
script{
def projectName = "Some-Exp"
// Creating a fresh project and placing it on the server - Works fine
sh "curl -u ${env.SONAR_AUTH_TOKEN} '${env.SONAR_HOST_URL}/api/projects/create' -d 'name=${projectName}&project=${projectName}&branch=${env.BRANCH_NAME}'"
// Specifying Quality Gate that to be used when performing our analysis - Does not quite work
sh "curl -u ${env.SONAR_AUTH_TOKEN} '${env.SONAR_HOST_URL}/api/qualitygates/select' -d 'gateId=2&projectKey=${projectName}'"
// Analysing our project - Creates the entirely new project, much like the initial code did
sh "mvn sonar:sonar -Dsonar.host.url=${env.SONAR_HOST_URL}"
}
}
}
}
The code creates and places a project on SonarQube server, but the said project still has a default quality gate, and it contains no analysis (in fact, current code creates an identical output to the one created by sh 'mvn clean package sonar:sonar ' line that I have used initially). There are no errors or anything. The problem is that the code does not do what I would like it to do.
This post mentioned that I need to add my project to profile group, before analysing it (which makes a lot sense). Tried to add sh "curl -u ${env.SONAR_AUTH_TOKEN} '${env.SONAR_HOST_URL}/api/qualityprofiles/add_project'" with some parameters but it didn't help that much.
I wonder what am I missing. I think the final line needs to be parametrised but I could not find anything that would make it work.
I have created a sample Maven project and run sonar analysis from Jenkins. Also, I have used the Web API to assign the QualityGate.
You can use the below Jenkinsfile as an example, to do sonar analysis.
Jenkinsfile
pipeline {
agent any
tools {
maven 'MAVEN_HOME1'
}
stages {
stage('Git') {
steps {
git credentialsId: 'gitlab-test', url: 'https://example.com/gitlab/repo1/simple-java-maven-app.git'
}
}
stage('Maven Install') {
steps {
sh "mvn install"
}
}
stage('Create Sonar Proejct') {
steps {
sh 'curl -X POST -u "admin:admin" "https://example.com/sonarqube/api/projects/create?name=stackoverflow&project=stackoverflow"'
}
}
stage('Set Quality Gate') {
steps {
sh 'curl -u "admin:admin" -X POST "https://example.com/sonarqube/api/qualitygates/select?projectKey=stackoverflow&gateId=10100"'
}
}
stage('Sonarqube Analysis') {
steps {
sh """mvn -U install sonar:sonar -Dsonar.host.url=https://example.com/sonarqube/ -Dsonar.login=7yha3f47967iuednd8cd -Dsonar.projectKey=stackoverflow -Dsonar.projectName=stackoverflow -Dsonar.sources=. -Dsonar.java.binaries=**/* -Dsonar.language=java -Dsonar.exclusions=src/test/java/com/mycompany/app/AppTest.java"""
}
}
}
}
Please find below the SonarQube Analysis Result and other screenshots, for your reference.
Screenshots:
Jenkins Console Output:
List of Available QualityGate:
Note: In the above image, "id":10040,"name":"SonarQube way" is the default QualityGate. I have used "id":10100,"name":"SASSonarQube way" for setting Quality Gate to analyze the project
stackoverflowusing Web API. All are marked inyellow
SonarQube Analysis
In above image, you can see the Quality Gate
SASSonarQube wayhas been used to do sonar analysis. Marked inyellow
- Gitlab Pipeline fails Sonarqube tests which uses self signed certificate
- throws an error while running my custom rules in ESlint 1:1 error Definition for rule 'D:/Sports/eslint-rules/no-log.js' was not found
- Move "Won't fix" between projects in Sonarqube
- Sonarqube: Missing blame information for the following files
- Is it possible to run the sonarqube scanner without installing the sonarqube?
- Refactor this method to reduce its Cognitive Complexity from 21 to the 15 allowed. How to refactor and reduce the complexity
- Passing custom report template to sonar-cnes-report(https://github.com/cnescatlab/sonar-cnes-report/)
- Directory excluding in sonar-project.properties file doesn't work (for me)
- Decorating the pull request in GitHub with SonarQube (Community Edition)
- SonarQube Github Action for Objective-C
- Automatically merge "develop" branch into "sonar-scan" branch
- Check the code coverage for a project on sonar with rest api
- Can't replace SonarCloud @1 CLI tasks with @2 (Azure DevOps)
- You're not authorized to run analysis. Please contact the project administrator Sonarqube local
- preserving database when upgrading sonarqube to different helm chart
- SonarQube scanner for Javascript in Azure DevOps slower after moving to a faster computer
- Ignore files during coverage report
- sonaqube jest coverage cannot resolve file paths
- Why should we have to build the project first before executing the SonarQube code analysis in Azure DevOps?
- How to disable Sonar rules for specific files?
- Sonarqube maven plugin : "The 'report' parameter is missing" when analyzing Maven Project
- Viewing and Managing Duplicate Code Blocks in SonarQube 5.6.4
- Sonarqube Failed to upload report 413
- Simplifying nested if else loops Cognitive complexity in Java
- Is lcov file which has 2 other lcov files simply concatenated a valid lcov file?
- Sonarqube scan with different java version than project
- Import Angular unit test report into Sonarqube
- Scan wheel file without building it
- How to scan hidden folder such as ".nameFolder" in SonarQube?
- try to fix SonarQube bug - A "NullPointerException" could be thrown