Help getting waitForQualityGate to work

Hi there

I’m struggling to get the waitForQualityGate to work and I think it’s a connection issue.

Jenkins server version 2.138.3
Jenkins Sonarqube Scanner plugin version 2.8
SonarQube Server Version 8.3.1.34397

Jenkins Pipeline Code

stage(“Sonar Scan”) {
steps {
script {
withSonarQubeEnv(‘Sonar’) {
sh “${scannerHome}/bin/sonar-scanner -X -Dproject.settings=sonar.properties -Dsonar.login=${SONAR_AUTH_TOKEN} -Dsonar.host.url=${SONAR_HOST_URL}”
}
}
}
}
stage (“Sonar Quality Gate”) {
steps {
timeout(time: 1, unit: ‘MINUTES’) {
waitForQualityGate abortPipeline: true
}
}
}

Jenkins output

Checking status of SonarQube task ‘AXNXBU3IelPMiWk7pwJG’ on server ‘Sonar’
SonarQube task ‘AXNXBU3IelPMiWk7pwJG’ status is ‘IN_PROGRESS’
Cancelling nested steps due to timeout
Timeout has been exceeded
Finished: ABORTED

Project Level Webhook

URL http://[jenkinsurl]:[jenkinsport]/sonarqube-webhook/
No secret

Project Level Webhook Output

Response: 403

Duration: 6ms

Payload:
{
“serverUrl”: “http://localhost:9000”,
“taskId”: “AXNXBU3IelPMiWk7pwJG”,
“status”: “SUCCESS”,
“analysedAt”: “2020-07-16T09:46:48+0000”,
“revision”: “061568d39829d058dc86dd67a936f3cd533d7806”,
“changedAt”: “2020-07-16T09:46:48+0000”,
“project”: {
“key”: “[project key]”,
“name”: “[project name]”,
“url”: “http://localhost:9000/dashboard?id=[project id]”
},
“branch”: {
“name”: “master”,
“type”: “BRANCH”,
“isMain”: true,
“url”: “http://localhost:9000/dashboard?id=[project id]”
},
“qualityGate”: {
“name”: “SonarQube Gate [project name]”,
“status”: “OK”,
“conditions”: [
{
“metric”: “new_reliability_rating”,
“operator”: “GREATER_THAN”,
“value”: “1”,
“status”: “OK”,
“errorThreshold”: “1”
},
{
“metric”: “new_maintainability_rating”,
“operator”: “GREATER_THAN”,
“value”: “1”,
“status”: “OK”,
“errorThreshold”: “1”
}
]
},
“properties”: {}
}

I think the issue is the connection from the sonarqube server back to the jenkins server.

As you can see above, the quality gate passes, so I would have expected the job to not abort.

Does anyone know how I’d setup a logger in jenkins to catch any information coming from the sonarqube server, or have any other ideas on how I could debug the issue?

Thanks in advance for all your help.

I think I’ve found the issue.

The traffic is getting blocked by our internal proxy server, lovely.

So, net question is how do I tell the sonarqube webhooks to not use a proxy server for a particular URL/IP?

I think I’m getting close now

Matt

Hi @vanderkerkoff ,

have you tried to set -Dhttp.nonProxyHosts=heregoesyourspecifichost ?

Hi @Tobias_Trabelsi

Thanks so much for getting back

That looks exactly like the the type of thing I need. Where would be the best place to set that option up?

Thanks again

Matt

NP
Try it like this in your jenkinsfile:

sh “{scannerHome}/bin/sonar-scanner -X -Dhttp.nonProxyHosts=heregoesyourspecifichost -Dproject.settings=sonar.properties -Dsonar.login={SONAR_AUTH_TOKEN} -Dsonar.host.url=${SONAR_HOST_URL}”

Thanks for this Tobias

I did try what you suggested, but the call from sonarqube back to the jenkins server still tried to use the proxy server.

I think I have to set this option somewhere in the sonarqube server, possibly in the sonarqube/conf/sonar.properties file, does that ring a bell?

From the server logs I can see when the services are starting up that there is a nonproxyhost list being set on startup in both the web and the ce keys. I can also see the http and https proxies and IP’s being set up, all in bold below.

Launch process[[key=‘web’, ipcIndex=2, logFilenamePrefix=web]] from [/opt/sonarqube]: /opt/java/openjdk/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.proxyHost=[proxyip] -Dhttp.proxyPort=[proxyport] -Dhttp.nonProxyHosts=localhost|127.*|[::1] -Dhttps.proxyHost=[proxyip] -Dhttps.proxyPort=[proxyport] -cp ./lib/common/*:/opt/sonarqube/lib/jdbc/postgresql/postgresql-42.2.11.jar org.sonar.server.app.WebServer /opt/sonarqube/temp/sq-process6131962639915821107properties

Launch process[[key=‘ce’, ipcIndex=3, logFilenamePrefix=ce]] from [/opt/sonarqube]: /opt/java/openjdk/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.proxyHost=[proxyip] -Dhttp.proxyPort=[proxyport] -Dhttp.nonProxyHosts=localhost|127.*|[::1] -Dhttps.proxyHost=[proxyip] -Dhttps.proxyPort=[proxyport] -cp ./lib/common/*:/opt/sonarqube/lib/jdbc/postgresql/postgresql-42.2.11.jar org.sonar.ce.app.CeServer /opt/sonarqube/temp/sq-process1447163564437871723properties

I can see that in the sonar.properties file on the server we’ve got these entries

http.proxyHost=[proxyip]
http.proxyPort=[proxyport]

So taking that into account, I’m thinking that if I add another line to that file like below, and restart the server, both services should pick those up, and then the webhooks will use that value and not try to use the proxy when communicating back to the jenkins server.

http.nonProxyHosts=localhost|127.*|[::1]|[proxyip]

Sound like a plan?

Thanks again

The above has worked @Tobias_Trabelsi

Thanks so much for your help

Matt

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.