Context: In Sonar Qube, there exists a custom Quality Gate which is called say abcd
. This is NOT the default quality gate. And in Jenkins, I had configured this SonarQube Quality Gate for a set of APIs by using the parameter
-Dsonar.QualityGate=abcd
and it was working fine.
Recently Sonar Qube was upgraded to version 5.3. Since then, the abcd
quality gate is not working and the default quality gate is coming into play instead of the abcd
quality gate for all the APIs.
On analysis, I came to know that sonar.QualityGate
is deprecated in Version 5.3.
Question: Can you please let me know what is the alternative? And how do I make sure that these set of APIs have abcd
as the quality gate and not the default quality gate?
I would prefer a solution such that I can configure something on Jenkins as I have access to Jenkins but not to Sonar Qube configurations.
It's indeed no more possible to set the Quality Gate of a project using a parameter when running an analysis.
It's only possible from the UI/WS, where you can specify which Quality Gate should be used for which project.
See the documentation for more information : http://docs.sonarqube.org/display/SONAR/Quality+Gates.
You can still dynamically create an association gate - project via Sonarqube Web API.
From your Sonarqube instance, go to its /web_api
URL (e.g. http://my-sonarqube/web_api
) and check the list of available operations.
The web_api/api/qualitygates
is the set of operations related to quality gates.
The web_api/api/qualitygates/select
is the operation you need to associate a gate to a project.
Hence, as replacement of the deprecated sonar.qualitygate
, you can use either the manual association via the web UI or a dynamic (and automated) association via web API, recommended. The latter case is the way to go in case of Continous Integration jobs (as you mentioned Jenkins in this context) that would need to create dynamically the link (especially useful for branches management).
As a mandatory step for this operation to work, you need to pass some permissions, e.g. an user token, as recommended approach from official Sonarqube documentation on Web API.
An example of what a CI step may look like just before invoking the sonar:sonar
step:
curl -u ${sonar.password.token}: ${sonar.setqualitygate.url} \
-d "gateId=${sonar.gate.id}&projectKey=${sonar.project.key}:${planRepository.branch}"
Where:
sonar.password.token
is a token you need to generate from the Sonarqube User management page, for a technical user (e.g. a Jenkins user used to make the connection between the component)
sonar.setqualitygate.url
the URL of the REST API endpoint (e.g. http://your.sonarqube.domain/api/qualitygates/select
)
sonar.gate.id
is the gate id, you can find it easily on the URL of the concerned gate (e.g. http://your.sonarqube.domain/quality_gates/show/<id>
)
sonar.project.key
and planRepository.branch
here we are building dynamically the name of the project for a certain branch as well, you can skip this step if you don't want to handle branches dynamically (e.g. easy to do in Bamboo, a bit more tricky in Jenkins)
Using approach, suggested by A_Di-Matteo , I faced an issue: when trying to select a gate for brand new feature branch, Sonar throw an error saying that project does not exist. So one can assign a gate only after project has been created.
In this case, i use a hack: manually create a project using Sonar Web API just before assigning a gate, and only then performing mvn sonar:sonar step.
Here is creation of dummy new project:
def createNewProject(def config, def branch) {
String projectName = new XmlSlurper().parseText(readFile('pom.xml')).name as String
def url = "${config.sonarHost}/api/projects/create"
sh "curl -u ${config.sonarToken}: ${url} -d 'name=${projectName}&project=${projectKey()}&branch=${branch}'"
}
Next step is assigning a Gate for this dummy project:
def setSonarQualityGate(def config, def projectFullName, def gateId) {
def url = "${config.sonarHost}/api/qualitygates/select"
sh "curl -u ${config.sonarToken}: ${url} -d 'gateId=${gateId}&projectKey=${projectFullName}'"
}
And only after that I execute analysis itself:
def runSonarAnalysis(def config, def branch) {
echo "Run Sonar analysis"
sh "mvn sonar:sonar -Dsonar.host.url=${config.sonarHost} -Dsonar.branch=${branch}"
}