I have done in scan Java project by using integration between Jenkins and SonarQube. However, I receive “Failed” status despite of buid successfull. If I scan source code on server, I receive “Passed”. Can you explain this issue for me? Thanks.
Hey there.
A failed Quality Gate doesn’t necessarily mean your build will fail (unless you’ve configured it that way). I would suggest looking at the documentation for the SonarScanner for Jenkins > Pause pipeline until the Quality Gate is computed
thank for your reply, can you explain more detail information about this issue Quality Gate? I do not configure Quality Gate and use default configuration in SonarQube. Moreover, I scanned many times and never see that failed status so I feel confused when I use Jenkins to SonarQube! @Colin
Hi,
did you use the waitForQualityGate() step in your pipeline ?
You need also configure a webhook in Sonarqube for your Jenkins instance, see
Gilbert
Hi Gibert,
Thanks for your reply. In Jenkins configuration, I do not use pipleplines so I do not configure waitForQualityGate() in Jenkins. I configured credentials to connect between Jenkins and SonarQube instead of webhooks.
What is wrong here? @Rebse
I still don not understand when there is a difference between using Jenkins to SonarQube and single SonarScanner.
I used the same source code to build and scan, and I meet a issue when I combination integration Jenkins to SonarQube to check security and received that report in my attached above image. However, if I only use SonarScanner to check, I receive a report that has “Passed” status.
So how do you check the quality gate status in your classic Jenkins Job ?
Since Sonarqube 8.x you may use
sonar.qualitygate.wait and sonar.qualitygate.timeout (default 300sec) to make the scanner do the polling for you, no need to ask for the quality gate result via rest api
see Analysis parameters
However, I receive “Failed” status despite of buid successfull. If I scan source code on server, I receive “Passed”. Can you explain this issue for me? Thanks.
@Hieu_Ha Scanning code for issues is not going to find something like test coverage, because that requires the code to be built and executed by the unit tests and the results and coverage data from those tests needs to be forwarded to Sonar.
Your quality gate is set to fail if the new code coverage is not 80%. It looks like Sonar thinks its 0% which is why its reporting “Failed”. Is your unit test coverage really 0%? Are you reporting coverage information to Sonar in addition to the scanner results?