How to add sonar scanner in GoCD? - sonarqube

I am creating a GoCD pipeline to run sonar analysis for my project. Up to now, I have successfully configured sonar properties on my local file and it successfully pushes the metrics to the sonar server.
The problem occurs when creating a GoCD pipeline to run the analysis. I am unable to successfully install sonar-scanner on the GoCD agents. The error that I get when executing the sonar-scanner command from the pipeline is "SONAR_RUNNER_HOME does not point to a valid installation directory".

Currently we are running sonar-scanner from a GoCD pipeline and checking SonarQube Quality Gates correctly.
What we did was the following: I created a bash script that launches the sonar-scanner. This script (and the other ones used by our GoCD configuration) is inside a second Git Material (the first one is the project source code). We have installed the 'SonarQube Quality Gates Task Plugin' to evaluate our SonarQube quality gates.
So we have a Job in our Pipeline with the following tasks:
Type: Custom Command --- Run if: Passed --- Command: /bin/bash --- Arguments: path_to_sonar_scanner_bash_script_launcher.sh --- Working Directory: your_working_dir
Type: SonarQube - Quality Gate --- Run if: Passed --- Key of the SonarQube project: sonar_qube_project_id --- Fail Quality Gate result: error --- Sonar Api Url: http://your_sonar:9000/api
We have the GoCD agent and SonarQube installed on the same machine.
I hope this helps you.

Related

SonarQube doesn't see a sourcecode

I have a gitlab pipeline set up where it will invoke sonarqube for source code analysis. Unfortunately, SonarQube stubbornly claims 'The main branch has no lines of code.', but if I analyze the same code on gitlab-runner, the whole thing is displayed correctly and I can see the results of the analysis.
On gitlab-runner, I run the following command:
gitlab-runner exec shell sonarqube-analyze
Where sonarqube-analyze is the name of the gitlab-ci job.

Jenkins and SonarQube for Pipeline Gating without using the SonarQube Jenkins Plugin in bash

We have a build that runs SonarQube from Jenkins using a bash script, and we want to get the results of the tests back in the Jenkins pipeline so we can prevent merges on fail. We are using v2 of Jenkins, but it is an old version that doesn't support the SonarQube Jenkins plugin, and upgrading Jenkins isn't something we can accomplish in our sprint.
Is there a way to get the results to gate our pipeline with what we have? At the moment this is how we're running SonarQube from Jenkins in OpenShift:
dotnet build
~/.dotnet/tools/coverlet "./bin/Debug/netcoreapp3.1/AppTests.dll" --target "dotnet" --targetargs 'test . --no-build --logger "trx;LogFileName=TestResults.trx" --logger "xunit;LogFileName=TestResults.xml" --results-directory ../BuildReports/UnitTests' -f opencover -o ./BuildReports/Coverage/coverage
dotnet build-server shutdown
~/.dotnet/tools/dotnet-sonarscanner begin /k:${APP_NAME} /n:${APP_NAME} /d:sonar.host.url=${SONAR_URL} /d:sonar.cs.opencover.reportsPaths="./BuildReports/Coverage/coverage.opencover.xml" /d:sonar.exclusions="**/Migrations/*" /d:sonar.coverage.exclusions="**Tests*.cs","**/Migrations/*","**/Program.cs" /d:sonar.cpd.exclusions="**/Migrations/*" /d:sonar.cs.vstest.reportsPaths="./BuildReports/UnitTests/TestResults.trx" /d:sonar.cs.nunit.reportsPaths="./BuildReports/UnitTests/TestResults.xml"
dotnet build -v n
~/.dotnet/tools/dotnet-sonarscanner end
dotnet build-server shutdown
Install the Build Breaker plugin on the SonarQube server and enable it for the project you are scanning -- to do this, go to Project Settings on the SonarQube server. You may need server-level and project-level administrative rights for doing this.
Now the Sonar Scanner will check the quality gate status after doing the code analysis. In case the quality gate fails, the scanner returns a non-zero status code that can be used to mark the build as "failed".
https://github.com/adnovum/sonar-build-breaker#sonarqube-build-breaker-plugin
In case you don't have control over what gets installed on the SonarQube server, you may write a bash script that uses the curl command to hit the web API of your SonarQube server: first to find out whether the analysis report has been processed by the SonarQube server, and then to get the quality gate status of the code analysis that just concluded.
For the documentation of the web API, see http://<sonarqube-server-host>/web_api.
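The curl-based approach described above, as an added example that is not part of the original answer. It assumes the scanner wrote the usual .scannerwork/report-task.txt (which carries ceTaskUrl and serverUrl), that SONAR_TOKEN holds a SonarQube user token, and that the optional SONAR_POLL_MAX / SONAR_POLL_SECS variables are this script's own knobs:

```shell
#!/usr/bin/env bash
# Added example (not the original answer's script): gate a CI job on the SonarQube
# quality gate via the web API. Polls /api/ce/task until the report is processed,
# then asks /api/qualitygates/project_status. SONAR_TOKEN and the poll limits are assumptions.
set -eu

# Read one "key=value" property from report-task.txt (e.g. ceTaskUrl, serverUrl).
report_prop() {  # $1 = file, $2 = key
  sed -n "s/^$2=//p" "$1" | head -n 1
}

# First occurrence of a string-valued JSON key, without needing jq. In the gate
# response the top-level "status" precedes the per-condition ones, so "first" is the verdict.
json_field() {  # $1 = JSON text, $2 = key
  printf '%s' "$1" | grep -o "\"$2\":\"[^\"]*\"" | head -n 1 | cut -d'"' -f4
}

# Exit status 0 only when the project_status response reports a passed gate.
gate_ok() {  # $1 = JSON from /api/qualitygates/project_status
  [ "$(json_field "$1" status)" = "OK" ]
}

# Poll the compute-engine task; print its analysisId once processing succeeded.
wait_for_analysis() {  # $1 = ceTaskUrl (token goes in as basic-auth user, empty password)
  local body status i
  for i in $(seq 1 "${SONAR_POLL_MAX:-60}"); do
    body=$(curl -fsS -u "${SONAR_TOKEN}:" "$1")
    status=$(json_field "$body" status)
    case "$status" in
      SUCCESS) json_field "$body" analysisId; return 0 ;;
      PENDING|IN_PROGRESS) sleep "${SONAR_POLL_SECS:-5}" ;;
      *) echo "compute-engine task ended with status '$status'" >&2; return 1 ;;
    esac
  done
  echo "timed out waiting for SonarQube to process the report" >&2
  return 1
}

main() {  # $1 = path to report-task.txt (default: where sonar-scanner writes it)
  local report="${1:-.scannerwork/report-task.txt}" server analysis gate
  server=$(report_prop "$report" serverUrl)
  analysis=$(wait_for_analysis "$(report_prop "$report" ceTaskUrl)")
  gate=$(curl -fsS -u "${SONAR_TOKEN}:" "$server/api/qualitygates/project_status?analysisId=$analysis")
  echo "quality gate: $(json_field "$gate" status)"
  gate_ok "$gate"   # a non-zero exit here is what fails the CI job
}

# Only run the gate when a report path is given; sourcing the functions skips it.
[ $# -eq 0 ] || main "$1"
```

Run it as the last step of the scan job, e.g. `bash sonar-gate.sh .scannerwork/report-task.txt`, so the job's exit status follows the gate.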

Break Push in GitLab based on SonarQube Analysis Result

I have an application in Spring Boot which uses Gradle to build the code.
I have set up https://github.com/gabrie-allaigre/sonar-gitlab-plugin on SonarQube and have integrated GitLab CI
to analyse code on every push/commit. What I want to achieve is to break the push/commit if the analysis fails.
Below is my .gitlab-ci.yml:
image: XXXXXX:oraclejdk:1.8.0_121
before_script:
  - export GRADLE_USER_HOME=`pwd`/.gradle
sonarqube_master_job:
  stage: test
  only:
    - master
    - release2.0
  script:
    - ./gradlew assemble
    - ./gradlew -x test sonarqube -Dsonar.host.url=http://sonarqube.XXX.XXX.XXX:9000/sonarqube -Dsonar.login=xxxxxxxxxxxxxxxxxxxx
sonarqube_preview_feature_job:
  stage: test
  only:
    - /^feature\/*/
    - development
  script:
    - git checkout $CI_COMMIT_REF_NAME
    - git merge --no-commit --no-ff
    - ./gradlew assemble
    - ./gradlew -x test sonarqube -Dsonar.host.url=http://XXXX.XXXXX.com:9000/sonarqube -Dsonar.login=xxxxxxxxxxxxxxxxxxxxx -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$CI_COMMIT_REF -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID --stacktrace
How do I make sure the push fails if the analysis fails? Do I need to use webhooks? Is there a sample CI file?
@jibsonline, you can refer to my answer provided in the link below.
However, the script only answers how to break the build on Sonar analysis and display the results.
How to integrate Sonar Quality Gates with Gitlab-CI
Since GitLab triggers the build once the changes are pushed, it is not advisable to set up an automated tool to revert the code changes on your behalf. Whenever a build fails, write the script (dependencies) such that the code will not be deployed. Since the code is not deployed, your environment will not be affected. Also, set up an email notification for whenever the build fails.

Travis - INFO: SonarQube Scanner analysis skipped

I am trying to add SonarQube analysis to our OSS project with Travis on GitHub.
I performed the following steps:
Create an organization and project on sonarcloud.io
Add the sonarcloud definition in .travis.yml
Create a sonar-project.properties file
Push everything to a feature branch called feature/sonarcloud
Add this branch to .travis.yml and the properties file.
The final result can be seen here:
https://github.com/open62541/open62541/tree/feature/sonarcloud
Unfortunately Travis does not submit the sonar analysis:
INFO: Scanner configuration file:
/home/travis/.sonarscanner/sonar-scanner-2.8/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner analysis skipped
(See also https://travis-ci.org/open62541/open62541/jobs/287631673)
I already tried to forcefully set export SONARQUBE_SKIPPED=false, but it is still skipped. How can I find out why the scanner analysis is skipped?
Related questions:
SonarQube Scanner analysis skipped in travis CI
Travis CI skipping SonarQube analysis
As you can read in the Travis CI logs, at line 556:
Skipping SonarCloud Scan because this branch is not master or it does not match declared branches
This is because you haven't activated analysis on that "feature/sonarcloud" branch. As described in the official documentation, you can achieve that like this:
addons:
  sonarcloud:
    organization: open62541
    token:
      secure: "..."
    branches:
      - master
      - feature/sonarcloud

Running SonarQube scanner sonar-web-frontend IllegalStateException

I am running the SonarScanner using the sonar-web-frontend-plugin from the command line; it picks up the files and runs, and I get an execution failure:
ERROR: Error during SonarQube Scanner execution
java.lang.IllegalStateException: Report processing did not complete successfully
: FAILED
My sonar-project.properties looks like this:
# must be unique in a given SonarQube instance
sonar.projectKey=Test.UI
# this is the name displayed in the SonarQube UI
sonar.projectName=Test.UI
sonar.projectVersion=1.0
# Comma-separated paths to directories with sources (required)
sonar.sources=src/app
# exclude some files and folders (typically dependencies)
sonar.exclusions=bower_components/**/*, node_modules/**/*
# Encoding of the source files
sonar.sourceEncoding=UTF-8
You have the Build Breaker plugin installed on your SonarQube instance.
Your project failed its quality gate.
The Build Breaker plugin did its job, and "broke" (returned a non-success status code) your build.
Seems like it was because I had the default JS rules still installed and they can't exist side by side.