[RFE] Jenkins pipeline - reason of the Quality gate failure

2,309 views
Skip to first unread message

Arnaud Héritier

unread,
Mar 8, 2018, 2:00:10 PM3/8/18
to SonarQube
Hi team,

  I'm not completely sure how to open a RFE. 
  This need was reported by a customer of CloudBees and I wanted to share it with you as I think it is a useful one.

  Let's say with have a classical pipeline with a sonar control and quality gate verification for a maven job (it could be anything else for sure even if it's not really serious to use others tools :-) ) like described in 

(you'll note the erroneous code header : SonarQube Scanner for MSBuild)

node {
  stage('SCM') {
  }
  stage('SonarQube analysis') {
    withSonarQubeEnv('My SonarQube Server') {
      sh 'mvn clean package sonar:sonar'
    // SonarQube taskId is automatically attached to the pipeline context
  }
}
  
// No need to occupy a node
stage("Quality Gate"){
  timeout(time: 1, unit: 'HOURS') { // Just in case something goes wrong, pipeline will be killed after a timeout
    def qg = waitForQualityGate() // Reuse taskId previously collected by withSonarQubeEnv
    if (qg.status != 'OK') {
      error "Pipeline aborted due to quality gate failure: ${qg.status}"
    }
  }
}

For now qg has only a status property (https://github.com/SonarSource/sonar-scanner-jenkins/blob/master/src/main/java/org/sonarsource/scanner/jenkins/pipeline/WaitForQualityGateStep.java#L52). 

Could it be possible to have (even if simplified) an access to the summary of the failures when the result is KO ? it could be used to send an email etc ... 
AFAIU it isn't so easy (otherwise I had proposed a PR instead of sending an email) because the Web Service Client doesn't allow it ( https://github.com/SonarSource/sonar-scanner-jenkins/blob/master/src/main/java/hudson/plugins/sonar/client/WsClient.java#L245 ) and I'm not sure if your remote APIs are already exposing them.

WDYT ? 

Cheers

Colin Mueller

unread,
Mar 8, 2018, 2:15:48 PM3/8/18
to SonarQube
Arnuad,

Deviating a little from your request, you might be interested to know that in SonarQube you can set at the project level to receieve an e-mail notification when the quality gate status changes (My Account > Notifications > Notifcations per Project). That e-mail should also include details on why the quality gate is now failing.

(Straying further, I couldn't trigger the notification when the quality gate changed based on live measures instead of a new scan. Is that a known limitation, @SonarSource?)

Colin

Arnaud Héritier

unread,
Apr 13, 2018, 8:26:13 AM4/13/18
to SonarQube
Hi Colin

  Effectively it could be an acceptable workaround if noone in SonarQube side wants to study the interest my request #sadpanda

Thanks a lot

G. Ann Campbell

unread,
Apr 13, 2018, 2:28:08 PM4/13/18
to SonarQube
Hi Arnaud,

Out of curiosity, what would you do with the QG condition values in this context?


Ann

Arnaud Héritier

unread,
Apr 13, 2018, 2:39:59 PM4/13/18
to G. Ann Campbell, SonarQube
Hi Ann 

As it is in a pipeline the goal is too reuse them in various notifiers (emails, chats,...) but it could allow to have a different workflow depending of the type / criticity of the error. 

Instead of just OK/KO we could have some more fine grain rules

If (qg.contains(« empty_catch ») {
  Notify « Freddy »
}

--
You received this message because you are subscribed to a topic in the Google Groups "SonarQube" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/sonarqube/nKizeHduEyw/unsubscribe.
To unsubscribe from this group and all its topics, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/e97088b7-b6a7-4553-b896-a0569f358bcf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
-----
Arnaud Héritier
Mail/GTalk: aheritier AT gmail DOT com
Twitter/Skype : aheritier

G. Ann Campbell

unread,
Apr 13, 2018, 2:59:27 PM4/13/18
to SonarQube
Hi,

Just to be sure, you want this even though every condition is reported, not just the failed ones?

E.g.
 "conditions": [
      {
        "metric": "skipped_tests",
        "operator": "GREATER_THAN",
        "value": "0",
        "status": "OK",
        "onLeakPeriod": true,
        "warningThreshold": "0"
      },
      {
        "metric": "new_duplicated_lines_density",
        "operator": "GREATER_THAN",
        "value": "0.0",
        "status": "OK",
        "onLeakPeriod": true,
        "errorThreshold": "3"
      },
      ...

Ann
To unsubscribe from this group and all its topics, send an email to sonarqube+unsubscribe@googlegroups.com.

Arnaud Héritier

unread,
Apr 13, 2018, 3:28:40 PM4/13/18
to G. Ann Campbell, SonarQube
For those who may need to create a specific report, yes it could be useful to have both of them 
Thus yes something similar to your proposition


For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages