As of now I know sonar has dropped support for Build-braker plugin but I am trying to integrate build breaker plugin for sonarqube. I have 5.6 version of sonarqube and build breaker with 1.1 version installed.In Build breaker plugin I have setup sonar.buildbreaker.skip to false. And I run job using Jenkins and maven. for sonarqube analysis I have setup a phase as "prepare-package" where it runs automatically when I do mvn clean install. But, eventhough my quality gate shows failed, my build is still getting success rather than failing. I tried to find documentation but I didn't found better for this. https://docs.sonarqube.org/display/SONARQUBE45/Build+Breaker+Plugin
Related
i got a Maven Jenkins Job (not a Pipeline job) which runs a code analysis with sonar (mvn sonar:sonar). The Sonar report is create and everthing is fine. Now I want that the Jenkins job fails or at least gets a warning state if Sonar does not reach the quality gate.
I running Jenkins ver. 2.176.3.
How do I config the job? I only found a solution for a pipeline job with SonarQube (https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-jenkins/)
Thanks ...
Found a solution.
https://github.com/jenkinsci/sonar-quality-gates-plugin/blob/master/README.md
Just install the plugin and add as Post Build Step "Quality Gates SonarQube Plugin".
I am using SonarQube version 6.7 for running analysis of Maven projects using the command mvn clean verify sonar:sonar from the project directory using command prompt and get the results. The sonar configurations in settings.xml for maven (v3.5.3) are added respectively.
In Jenkins (version 2.161), I have installed SonarQube Scanner for Jenkins (v2.8.1) plugin. The SonarQube Server configuration is configured as below.
In the Jenkins maven project, I have configured the post steps as below.
I have checked the Prepare SonarQube Scanner environment in the Build Environment section and the Build goal is -e clean verify sonar:sonar.
My issue is, when the SonarQube analysis for a maven project is triggered through command prompt using the command mvn clean verify sonar:sonar, I am getting the results as expected. But when the Jenkins job is triggered with the configurations above for the same maven project, the results are different and incorrect. What am I missing?
P.S- In the Post-build Actions, I can see the SonarQube analysis with maven is deprecated.
Thanks in advance.
You use different scanners. First you used SonarScanner for Maven (mvn sonar:sonar). Next you used Basi SonarScanner, which requires manual configuration of all options.
The best option to sole it is always use the same scanner. You have Maven project, so you can enable Prepare SonarQube Scanner environment in Build Environment, and next execute Sonar goal $SONAR_MAVEN_GOAL in Build.
We are using sonarqube(5.1.2) and jenkins(2.51) to run code analysis. Now we are planning to upgrade sonarqube to version 5.6.4.
Do we also need to upgrade Jenkins ?
No you don't have to.
Sonar is an independent tool, Jenkins is responsible only for running maven/gradle script, that will 'feed' sonar with data. Just make sure you have same credentials for new sonar and it should be fine.
You could consider upgrading Sonar plugin version also.
Just check whether the sonar plugin installed in Jenkins will support the new Sonarqube version else you will have to upgrade the plugin.
I have installed Sonarqube plugin in Jenkins and configurations are done for SonarQube and sonar-runner in Manage Jenkins->configure System.
I want to trigger analysis for Gradle project. I would like to know the steps to be followed.
The Jenkins SonarQube plugin only allows to easily launch some SonarQube analysis with help of SonarRunner or Maven. If you want to launch a SonarQube analysis with help of the Gradle SonarQube plugin (see the docs) you must manually configure your Jenkins job to execute 'gradle sonarqube'. Simple example for SonarQube with Gradle is provided here.
I upgraded my sonarqube from 4.1 to 4.4. as in the latest java plugin 2.4 you don't need to have a JaCoCo plugin. I have deleted the jacoco plugin, but now i can not see Tes coverage on sonar dashboard - it's blank. We use bamboo for CI tool and run sonar build from Bamboo. we run below maven command from bamboo build .
clean verify -Psonar sonar:sonar -U -fae -Dsonar.forceAnalysis=true
With latest versions of the SQ Java plugin, tests are no longer automatically executed. They must be executed prior to the SonarQube analysis and configured so that they produce reports that can be read by the SQ Java plugin.
Everything is explained on the Code Coverage by Unit Tests for Java Project documentation page.