Howdy,
We’re using the following versions of SonarQube:
SonarScanner CLI: 4.3.0 (also tried with 4.2.0)
SonarQube Server: 7.9.1
Attempting to run sonar-scanner in either GitLab CI OR locally with the flag -Dsonar.qualitygate.wait=true does not work as expected. sonar-scanner will always return a successful exit code regardless of whether or not the project fails the quality gate, which means our pipelines will always succeed.
INFO: Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 11.0.3 AdoptOpenJDK (64-bit)
INFO: Linux 3.10.0-957.el7.x86_64 amd64
INFO: User cache: /home/scanner-cli/.sonar/cache
INFO: SonarQube server 7.9.1
INFO: Default locale: "en_US", source code encoding: "US-ASCII" (analysis is platform dependent)
INFO: Load global settings
INFO: Load global settings (done) | time=186ms
INFO: Server id: <REDACTED>
INFO: User cache: /home/scanner-cli/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=50ms
INFO: Load/download plugins (done) | time=2071ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=4ms
INFO: Project key: <REDACTED>
INFO: Base dir: <REDACTED>
INFO: Working dir: <REDACTED>
INFO: Load project settings for component key: '<REDACTED>'
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=48ms
INFO: Detected Gitlab CI
INFO: Load active rules
INFO: Load active rules (done) | time=510ms
INFO: Indexing files...
INFO: Project configuration:
INFO: 68 files indexed
INFO: 0 files ignored because of scm ignore settings
INFO: Quality profile for kotlin: Sonar way
INFO: Quality profile for xml: Sonar way
INFO: ------------- Run sensors on module <REDACTED>
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=24ms
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by net.sf.cglib.core.ReflectUtils$1 (file:/home/scanner-cli/.sonar/cache/866bb1adbf016ea515620f1aaa15ec53/sonar-javascript-plugin.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of net.sf.cglib.core.ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=4ms
INFO: Sensor Kotlin Sensor [kotlin]
INFO: 42 source files to be analyzed
INFO: Load project repositories
INFO: Load project repositories (done) | time=9ms
INFO: Sensor Kotlin Sensor [kotlin] (done) | time=1393ms
INFO: Sensor JavaXmlSensor [java]
INFO: 42/42 source files have been analyzed
INFO: 2 source files to be analyzed
INFO: Sensor JavaXmlSensor [java] (done) | time=176ms
INFO: Sensor HTML [web]
INFO: 2/2 source files have been analyzed
INFO: Sensor HTML [web] (done) | time=16ms
INFO: Sensor XML Sensor [xml]
INFO: 2 source files to be analyzed
INFO: Sensor XML Sensor [xml] (done) | time=127ms
INFO: 2/2 source files have been analyzed
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=15ms
INFO: SCM provider for this project is: git
INFO: 44 files to be analyzed
INFO: 44/44 files analyzed
INFO: 5 files had no CPD blocks
INFO: Calculating CPD for 37 files
INFO: CPD calculation finished
INFO: Analysis report generated in 74ms, dir size=186 KB
INFO: Analysis report compressed in 98ms, zip size=100 KB
INFO: Analysis report uploaded in 224ms
INFO: ANALYSIS SUCCESSFUL, you can browse <REDACTED>
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at <REDACTED>
INFO: Analysis total time: 5.301 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 9.461s
INFO: Final Memory: 14M/54M
INFO: ------------------------------------------------------------------------
Here are all of the CLI properties I am defining:
sonar-scanner \
-Dsonar.qualitygate.wait=true \
-Dsonar.qualitygate.timeout=300 \
-Dsonar.projectKey=<REDACTED> \
-Dsonar.projectName=<REDACTED> \
-Dsonar.projectVersion=1.0.0
Is this expected? I would like to re-iterate that this happens OUTSIDE of GitLab as well, so it has NOTHING to do with the integration between GitLab and SonarQube.
Regards,
Jayden