SonarQube preview mode + Webhook permissions


psain...@gmail.com

Feb 14, 2018, 12:24:44 PM
to SonarQube
Hello Everyone,

I am using Jenkins v2.69 with Pipeline plugin v2.5. My SonarQube version is v6.6 and the Gradle sonarqube version is 2.6.1.

I am using sonar analysis with gradle in my Jenkins Pipeline.

Until now we had SonarQube version 5.6.6, which had support for "preview" mode (property "sonar.analysis.mode", "preview"), so we used to do the analysis in that mode in our pre-commit pipeline step and fail our build if it didn't match the quality.

Now in v6.6 as per documentation here (https://docs.sonarqube.org/display/SONARQUBE66/Analysis+Parameters), the property has been removed.

So does it mean this version of SonarQube does not support "preview" mode?

Though, I noticed that if I try to do a Sonar analysis ("publish" mode) with a user who doesn't have permission to do it, then I get the message as above, which makes sense here as the user doesn't have permission to do that.

But the error does mention "preview" mode, so does that mean it is still there?

Error Snippet:

17:03:25 Execution failed for task ':sonarqube'.
17:03:25 > You're only authorized to execute a local (preview) SonarQube analysis without pushing the results to the SonarQube server. Please contact your SonarQube administrator.
17:03:25

So this is misleading me; could someone please clarify?

Also, if the preview mode has been taken out, what is the way forward to do the equivalent in a Jenkins pipeline?

Second problem is - 

My Jenkins pipeline code snippet is - 

Code Snippet - 

    stage('Static Analysis') {
        withEnv(["PATH+GRADLE=${tool 'gradle-4-2-1'}/bin",
                 "PATH+JDK=${tool 'jdk-8u121'}/bin",
                 "JAVA_HOME=${tool 'jdk-8u121'}"]) {
            timeout(time: 15, unit: 'MINUTES') {
                withSonarQubeEnv('mobile-sbx-sonar') {
                    sh "gradle --info -Dsonar.analysis.mode=publish -Dsonar.login=test -Dsonar.password=myPassword -PsonarBranch=${SONAR_BRANCH} sonarqube"
                }
            }
        }
    }

    stage("Quality Gate") {
        timeout(time: 1, unit: 'HOURS') { // Just in case something goes wrong, pipeline will be killed after a timeout
            def qg = waitForQualityGate() // Reuse taskId previously collected by withSonarQubeEnv
            if (qg.status != 'OK') {
                error "Pipeline aborted due to quality gate failure: ${qg.status}"
            }
        }
    }

So if I allow anonymous access in SonarQube to execute analysis, everything works fine.

But if I turn that off, then my "Quality Gate" stage fails.

org.sonarqube.ws.client.HttpException: Error 403 on https://mySomarQubeURL/api/ce/task?id=AWGUbGCkPui42V1PimXU

Basically, I am looking for a way to pass the credentials to waitForQualityGate().

(I don't want to specify the user details in the Sonar plugin configuration in Jenkins, as we manage that via Ansible and then it will be in plain text?)

G. Ann Campbell

Feb 14, 2018, 2:19:32 PM
to SonarQube
Hi,

So first, it is incumbent on me to mention that 7.0 is the current version of SonarQube and 6.7.1 is the current LTS. If you were going to make the leap from 5.6.*, then it would have been better to land at least on the LTS, and it's not too late. :-)

Regarding the documentation you linked to, it states that analysis mode is deprecated, not deleted. Deprecated means it's still there, but you should be moving away from it with all due haste. But for the meantime it will still work.

Regarding your Jenkins pipeline, it would really have been better if you had opened a separate thread for it; one question-one thread works best. Nonetheless...

What I notice about your pipeline configuration is that you're analyzing with sonar.login and sonar.password. The pipeline job I have is configured to pass a token as the login and not use password. Can you switch to that and see if it works?


Ann

psain...@gmail.com

Feb 15, 2018, 5:26:16 AM
to SonarQube
Thanks for your response (let's discuss only the first problem in this post).

So it means with v6.6 I can still use "preview" mode.

For that, can you guide me on what I can use to fail my build? Does Sonar have build breaker capability for this mode?

The quality gate doesn't seem to be working with "preview" mode, as it complains about "cannot find task id", which I guess is as per design. Preview mode can't see the quality gates.

Pankaj

G. Ann Campbell

Feb 15, 2018, 7:52:26 AM
to psain...@gmail.com, SonarQube
On Thu, Feb 15, 2018 at 5:26 AM, <psain...@gmail.com> wrote:
> Thanks for your response (Let's discuss only first problem in this post).
>
> So it means with v6.6 i can still use "preview" mode.

Yep. :-)

> For that can you guide me what i can use to fail my build? does sonar has build breaker capability for this mode?

Can you use preview mode and fail your build? Yes, but there's no canned integration for that; you'll have to write it.

Does SonarQube have build breaker capability? Not exactly. There is a community plugin called Build Breaker, but it's not going to work with preview mode.

> The quality gate doesn't seems to be working with "preview" mode, as it complains about - "cannot find task id" which i guess is as per design. Preview mode can't see the quality gates.

No, the quality gate wouldn't work with preview mode. Quality Gate status is computed server-side. Preview mode doesn't send anything to the server, so there's no calculation to be made.

What I suggest you consider instead is to drop the use of the (deprecated) preview mode & run full analyses (BTW "publish" is the default value, so just stop using sonar.analysis.mode altogether) and use webhooks to check the quality gate after the analysis report has been processed server-side.


Ann

---
G. Ann Campbell | SonarSource
Product Manager
@GAnnCampbell
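
One way to hand-write the webhook check suggested in the reply above, as an added example that is not part of the original thread or SonarSource's code: it reads the `ceTaskId` the scanner leaves in `report-task.txt` and fails the build only when a webhook delivery for that same task reports anything other than an `OK` quality gate. The file contents and payload are constructed samples whose field names are assumed to follow SonarQube's webhook JSON; the function names are hypothetical.

```python
import json

# Constructed report-task.txt as left behind by a full ("publish") analysis;
# host name and task id are made up.
REPORT_TASK = """\
projectKey=com.example:ios-app
serverUrl=https://sonar.example.test
ceTaskId=AWconstructedTask01
ceTaskUrl=https://sonar.example.test/api/ce/task?id=AWconstructedTask01
"""

# Constructed webhook delivery for that task (field names are an assumption).
WEBHOOK_BODY = json.dumps({
    "taskId": "AWconstructedTask01",
    "status": "SUCCESS",
    "qualityGate": {"status": "ERROR", "conditions": [
        {"metric": "new_coverage", "value": "61.5",
         "errorThreshold": "80", "status": "ERROR"},
        {"metric": "new_bugs", "value": "0",
         "errorThreshold": "0", "status": "OK"},
    ]},
})


def parse_report_task(text):
    """Split on the first '=' only: ceTaskUrl itself contains '='."""
    pairs = (line.split("=", 1) for line in text.splitlines() if "=" in line)
    return {key.strip(): value.strip() for key, value in pairs}


def evaluate_delivery(body, expected_task_id):
    """Turn one webhook delivery into (verdict, reasons) for the build."""
    try:
        payload = json.loads(body)
    except ValueError:
        return "reject", ["body is not JSON"]
    if not isinstance(payload, dict) or payload.get("taskId") != expected_task_id:
        # Several analyses may be queued at once; only our own task counts.
        return "ignore", ["delivery is for a different analysis task"]
    if payload.get("status") != "SUCCESS":
        return "fail", ["report processing ended as %s" % payload.get("status")]
    gate = payload.get("qualityGate") or {}
    if gate.get("status") == "OK":
        return "pass", []
    # Fail closed: anything but an explicit OK breaks the build.
    reasons = ["%s=%s (threshold %s)"
               % (c.get("metric"), c.get("value"), c.get("errorThreshold"))
               for c in gate.get("conditions") or [] if c.get("status") == "ERROR"]
    return "fail", reasons or ["quality gate status %s" % gate.get("status")]
```
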
 

psain...@gmail.com

Feb 16, 2018, 9:05:37 AM
to SonarQube
Many thanks for your response.

I am happy to do "full analysis", but the problem I see in that is: suppose I introduce an error in code and run a full analysis, then my build will fail as per the quality gate check, but as that is the step after analysis, my database is already updated?

So think of a scenario where multiple developers are working on a project on the master branch; then the values of errors could go up and down?

Can we do something so that, if the Quality Gate fails, it doesn't update the issue count?

Also, as per your earlier suggestion I tried to switch to v6.7.1, but it complains: "Database must be upgraded. Please backup database and browse /setup". I am using Postgres v9.6.

Are there any compatibility issues?

G. Ann Campbell

Feb 16, 2018, 9:12:04 AM
to psain...@gmail.com, SonarQube
Hi,

Yes, if everyone is working directly in the master branch, values will go up and down. But that's kinda the point. You want your project's SonarQube homepage to reflect your project quality. Now. In the moment. If people are checking new issues into the master branch, you don't want to hide that. Yes, I understand your strategy is to fail the build to bring attention to the new issues and get them cleaned up, but IMO that should be in addition to reflecting your current project quality in SonarQube.

As for your upgrade, the message you got is exactly what's supposed to happen. You're at step 6 in the upgrade guide.


Ann




psain...@gmail.com

Feb 16, 2018, 9:15:17 AM
to SonarQube
Many thanks, I think I understood the point now :)

Yeah, for the database upgrade I noticed that, to go to the /setup page.

psain...@gmail.com

Feb 16, 2018, 10:41:00 AM
to SonarQube
Hello Ann,

I assume Sonar supports multiple concurrent analyses running at the same time?
As I mentioned, we have a team of multiple developers plus Jenkins, so there could be a scenario where multiple executions happen at the same time on a project. Will that be fine?

G. Ann Campbell

Feb 16, 2018, 10:47:39 AM
to psain...@gmail.com, SonarQube
Hi,

Yes, now that analysis reports are queued and processed serially, multiple simultaneous analyses are not a problem.

And BTW, if you decide to switch to developing in branches rather than master, the Developer Edition($) will support that.


Ann




psain...@gmail.com

Feb 18, 2018, 3:56:16 PM
to SonarQube
Thank you Ann,

Last query: checking the quality gate is fine with Jenkins builds (running in publish mode).

But what about a developer machine, if a developer wants to execute Sonar analysis locally before pushing the code to Jenkins? Is it possible to run SonarQube analysis on a developer machine and check quality gate status via webhook?

We have a Gradle build and are using the sonarqube Gradle plugin.

Thanks
Pankaj

G. Ann Campbell

Feb 19, 2018, 7:24:43 AM
to psain...@gmail.com, SonarQube
Hi Pankaj,

That's what SonarLint is for.


:-)
Ann




Pankaj Saini

Feb 19, 2018, 12:37:59 PM
to G. Ann Campbell, SonarQube
Yeah, I read about that, but the code is for an iOS app and developers work in Xcode, so does SonarLint have a plugin for Xcode? I am not aware.

G. Ann Campbell

Feb 20, 2018, 7:36:06 AM
to Pankaj Saini, SonarQube
Ah. No.

For that you'd maybe want to look at Branch analysis from the Developer Edition($).


Ann




psain...@gmail.com

Feb 21, 2018, 11:21:52 AM
to SonarQube
I will check on that.

Also, how can I see the previous analysis report in Sonar?
It always shows the latest in the project dashboard. I mean the history of the project.

I am on v6.7.1 LTS

G. Ann Campbell

Feb 21, 2018, 11:26:04 AM
to Pankaj Saini, SonarQube
Hi,

You're not going to be able to see the previous analysis as such in SonarQube, although you'll be able to get some of it from the graphs on the Activity page.


Ann


