Capturing quality gate status from Sonarqube

1,089 views
Skip to first unread message

m...@thomaskeller.biz

unread,
Nov 15, 2016, 4:49:10 AM11/15/16
to SonarQube
To capture the quality gate status from Sonarqube after a successful analysis I use the following Gradle task:

task sonarqubeResult {

        doLast {

            def branchName = envOrDefault('BRANCH_NAME', null)

            def sonarHost = envOrDefault('SONAR_HOST_URL', null)

            def sonarAuthToken = envOrDefault('SONAR_AUTH_TOKEN', null)

            if (!branchName || !sonarHost || !sonarAuthToken) {

                throw new GradleException('Sonarqube / Pipeline environment variables not set.')

            }

            def projectKey = project.group + ':' + project.name + ':' + branchName

            def url = sonarHost + '/api/qualitygates/project_status?projectKey=' + projectKey

            def basicAuth = (sonarAuthToken + ":").bytes.encodeBase64().toString()

            def json = url.toURL().getText(requestProperties: [Authorization: 'Basic ' + basicAuth])

            def parsed = new groovy.json.JsonSlurper().parseText(json)

            println 'Quality Gate Status is: ' + parsed['projectStatus']['status']

        }

}



What I always wondered however was why the Gradle Sonarqube task could itself not simple query this status and output it directly as a result of the execution? In the end, all the needed properties should be already known to the plugin (project key, auth token, host URL, etc.) and it would ease even more the integration of Sonarqube in CI pipelines.

vbal...@gmail.com

unread,
Dec 19, 2017, 9:50:58 AM12/19/17
to SonarQube
Hi,

First of all thanks for your post it helped me a lot. I improved a little bit your idea, now it runs the sonar validation and makes the gradle build fail if necessary

task sonarqubeResult {
    doLast {
        def sonarAuthToken = System.getProperty("sonar.login")
        def projectKey = project.group + ':' + project.name
        def sonarurl = System.getProperty("sonar.host.url")+'/api/qualitygates/project_status?projectKey='+projectKey
        def basicAuth = (sonarAuthToken + ":").bytes.encodeBase64().toString()
        def json = sonarurl.toURL().getText(requestProperties: [Authorization: 'Basic ' + basicAuth])
        def parsed = new groovy.json.JsonSlurper().parseText(json)

        if(parsed['projectStatus']['status'] != 'OK'){
             throw new GradleException("sonar quality gateway is failing!")
        }
    }
}

tasks.sonarqubeResult.dependsOn('sonarqube')

You can call it with: ./gradlew sonarqubeResult -Dsonar.host.url=[sonar url] -Dsonar.login=[my analysis token]

josuepa...@gmail.com

unread,
Dec 26, 2017, 7:58:10 PM12/26/17
to SonarQube
Hello I'm new in this kind of configurations. cloud you tell me what "project.group" is ?

vbal...@gmail.com

unread,
Dec 27, 2017, 4:18:51 PM12/27/17
to SonarQube
Hello,

The group is effectively a namespace for identifying the artifact or artifacts produced by a build. (https://stackoverflow.com/a/31440557).  
In Gradle you can set the group in the build.gradle the following way:
group = 'com.example'
name = 'example'

Sonar URL will contain the project group and the project name e.g. https://sonarcloud.io/api/qualitygates/project_status?projectKey=org.assertj%3Aassertj-core 
Note: colon ( : ) is encoded to %3A
Reply all
Reply to author
Forward
0 new messages