How to get new quality gate values when re-evaluate pull requests

emonterodelrio · September 16, 2021, 6:14am

We have a script that checks the status of pull requests on sonar. After sending the scan we keep checking the completion of the scan because when the scan is not finished the sonar responds like this:

{"errors": [{"msg": "Pull request '175309' in project 'myProject' not found"}]}

Our analysis script:

gradlew sonarqube -Dsonar.pullrequest.key=$ghprbPullId -Dsonar.pullrequest.branch=$ghprbSourceBranch -Dsonar.pullrequest.base=$ghprbTargetBranch ....... 
    
while ! curl -f -s -X POST "http://my.sonar.host/api/qualitygates/project_status?projectKey=myProject&pullRequest=$ghprbPullId" > /dev/null; do
  echo "Waiting for analysis results, don't exists yet"
  sleep 1;
done

When sonar answers, checking .projectStatus.status in returned json will let us know how pull request analisys was.

if [ $(curl -s -X POST "http://my.sonar.host/api/qualitygates/project_status?projectKey=myProject&pullRequest=$ghprbPullId" | jq -r .projectStatus.status) == "OK" ]; then
  echo -e "\n\n\e[1m\e[32mOK, this pull request pass quality gate validations\e[0m\n\n"
  exit 0
fi

if [ $(curl -s -X POST "http://my.sonar.host/api/qualitygates/project_status?projectKey=myProject&pullRequest=$ghprbPullId" | jq -r .projectStatus.status) == "ERROR" ]; then
  echo -e "\n\n\e[1m\e[31mError, this pull request does not pass quality gate validations\e[0m\n\n"
  exit 1
fi

Problem comes now, developer’s fix what sonar says, then re-check that pull request. But when analysys has been sent, but not processed by sonar yet; curl answers saying ERROR because sonar has not finished current fixed pull request analysis.

Problem comes now, developers fix what sonar says and then recheck that pull request. But when the analysis has been sent, but not processed by sonar yet; curl:

curl -s -X POST "http://my.sonar.host/api/qualitygates/project_status?projectKey=myProject&pullRequest=$ghprbPullId" | jq -r .projectStatus.status

responds ERROR because sonar has not finished the analysis of the current pull request fixed and is showing previous analysis results.

I have seen that there is a analysisId at GET method api/qualitygates/project_status api, but gradle analysis does not return that id. With that id i could differentiate several analysis over same pull request, checking just current analysis.

I also try to sleep one minute after sending analysis to ensure sonar has finished with it, but is a bad solution because normally it takes seconds and i am lossing time.

How could i differentiate analysis of same pr using api?
Maybe is there some api methor to query about pull request analysis status instead of waiting for .projectStatus.status? I don’t find it

Regards
Eloy

emonterodelrio · September 20, 2021, 8:22am

I found a workaround. I could delete pull request from sonar using POST api/project_pull_requests/delete before relaunch analysis.

But if relaunched analysis fails, i wont have any data at sonar for this pull request.

Does anyone come up with a less destructive solution?

Regards
Eloy

ganncamp · September 23, 2021, 4:48pm

Hi Eloy,

This is what we wrote webhooks for - to notify your system that processing is complete. The webhook payload even includes the QG status and conditions. I think switching to using webhooks would be your best bet.

HTH,
Ann

emonterodelrio · September 24, 2021, 5:55am

Hi,
ok, webhooks.

But what if i haven’t any kind of server to receive them? I im using bash.

Regards

ganncamp · September 24, 2021, 12:12pm

Hi,

If you’re using bash, what’s kicking off your jobs? Surely you have some kind of automation in place?

Ann

emonterodelrio · October 6, 2021, 6:27am

Hi, I finally managed to solve it using the api:

#Get date
START_DATE=$(date "+%s")

#Execute analysis
./gradlew clean build jacocoTestReport sonarqube --max-workers=4 --rerun-tasks --stacktrace -Dsonar.pullrequest.key=$ghprbPullId -Dsonar.pullrequest.branch=$ghprbSourceBranch -Dsonar.pullrequest.base=$ghprbTargetBranch

#While empty date retry, empty date means analysis has not being finished yet at sonar.
while [[ -z $(curl -f -s -X POST "http://sonar-sonarqube-01.kite.lab/api/project_pull_requests/list?project=mc-tdr" | jq -r ".pullRequests[] | select(.key==\"$ghprbPullId\") | .analysisDate") ]]; do
  echo "Waiting for results at sonar"
  sleep 1
done

#Once we have data, we ask for analysis date
END_DATE=$(date -d $(curl -f -s -X POST "http://sonar-sonarqube-01.kite.lab/api/project_pull_requests/list?project=mc-tdr" | jq -r ".pullRequests[] | select(.key==\"$ghprbPullId\") | .analysisDate" ) +"%s")

#While analysis is newer than start date, then retry. This check allows me to diferentiate between analysis of same pull request
while [ "$START_DATE" -gt "$END_DATE" ]; do
  echo "Waiting for analysis results"
  END_DATE=$(date -d $(curl -f -s -X POST "http://sonar-sonarqube-01.kite.lab/api/project_pull_requests/list?project=mc-tdr" | jq -r ".pullRequests[] | select(.key==\"$ghprbPullId\") | .analysisDate" ) +"%s")
  sleep 1;
done

After this, i could check analysis status.

system · October 13, 2021, 6:28am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Sonarqube api qualitygates/project_status recieve wrong status SonarQube Server / Community Build	12	4519	June 15, 2020
Pull request has violations but still mark the quality gate as passed SonarQube Server / Community Build java , sonarqube	3	485	January 12, 2021
SonarQuality Gate API issue SonarQube Server / Community Build	2	573	April 8, 2021
Pull request - Quality gate new code not being scanned SonarQube Server / Community Build sonarqube , scanner , quality-gate	6	715	June 28, 2022
How to get the Quality Gate satus and the revision of an analysed PR over Web-API? Product Manager for a Day web_api , pull-request , quality-gate	3	1745	June 1, 2023

How to get new quality gate values when re-evaluate pull requests

Related topics