Sonar Webhook unreachable

sonarqube
webhooks
(Louis Heche) #1

I tried to put in place a sonar webhook in order to notify Jenkins that the quality gate is well updated, in my Jenkins file I added the following step:

   timeout(time: 1, unit: 'HOURS') {
        waitForQualityGate abortPipeline: true
    }    

And try to put in place a webhook from the sonar server with the url :
http://my-jenkins-server/sonarqube-webhook

The server seems to like the url that I provide (a green green check mark appear), but then when I launch a Jenkins job, Jenkins never receive the post and I have an error “server unreachable” next to the web hook in sonarQube. Any idea why?

Version of the tools:

  • Jenkins 2.150.2
  • Sonar quality gate plugin V1.3.1
  • SonarQube Developer Edition Version 7.7
(Gilbert Rebhan) #2

Hi Louis,

You don’t need the Sonar quality gate plugin installed, but the Sonarqube Scanner for Jenkins -
see https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Jenkins
The community plugin Sonar quality gate plugin does active polling via web api (it was made for older Sonarqube versions without webhook feature), it doesn’t consume the webhook from Sonarqube server.
Is your Sonarqube behind a proxy ?
The jvm options with proxysettings has to be set on the Jenkins master, jvm settings on the node don’t work for pipelines.

Gilbert

1 Like
(Luigi) #3

How to make webhook working if SonarQube server is behind a proxy?

(Gilbert Rebhan) #4

Hi,

to make it work, the communication Sonarqube Server <-> Jenkins has to work both ways.
Jenkins > Sonarqube Server, the waitForQualityGate() of the plugin does an initial call
to Sonarqube server:
Thanks to the webhook, the step is implemented in a very lightweight way: no need to occupy a node doing polling, and it doesn't prevent Jenkins to restart (step will be restored after restart). Note that to prevent race conditions, when the step starts (or is restarted) a direct call is made to the server to check if the task is already completed.
If Sonarqube uses a proxy you have to make sure, Jenkins is able to reach Sonarqube.
Sonarqube Server > Jenkins
The Sonarqube webhook sends a JSON to Jenkins after background task has finished, so it must be able to reach Jenkins. e.g. in our case we have one central Sonarqube instance using a proxy , but multiple Jenkins in different network areas, so a lot of configuration involved (firewall … etc.)

Gilbert

(Luigi) #5

Clear, same configuration from my side.
Do you think it’s enough to check reachability of servers (Jenkins, SonarQube) through the browser?

Because Jenkins webhook is reachable through the browser, then JSON result POST needs to work but there is this “Server unreachable” issue from SonarQube response.

Also, do you know if webhook request make some logs inside SonarQube instance? Into web.log there are no trace…

Thanks
Luigi

(Gilbert Rebhan) #6

Hi @luigisaggese,

we had the same problem and solved it with adopting the sonar.ce.javaOpts in
%SONARQUBE_HOME%/conf/sonar.properties
It’s a gotcha, as one wouldn’t suppose the sonar.ce.JavaOpts setting would also
be used for the webhook. If you have several Jenkins you have to use '|' as separator.
sonar.ce.javaOpts=-server -Xmx4G -Xms512m -Xss1G -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=jenkins.com.foo|jenkins.com.fooo|jenkins.com.foooo
To see the Sonarqube webhook logs, see
https://yoursonarhost/admin/webhooks then open the gearwheel on the right of the webhook configuration and choose ‘Show recent deliveries’

Gilbert

(G Ann Campbell) #7

Hi Gilbert,

Thanks for chiming in!

FYI, I’ve added a notation to SONAR-11251.

 
Ann