Sonar Webhook unreachable

I tried to put in place a sonar webhook in order to notify Jenkins that the quality gate is well updated, in my Jenkins file I added the following step:

   timeout(time: 1, unit: 'HOURS') {
        waitForQualityGate abortPipeline: true
    }    

And try to put in place a webhook from the sonar server with the url :
http://my-jenkins-server/sonarqube-webhook

The server seems to like the url that I provide (a green green check mark appear), but then when I launch a Jenkins job, Jenkins never receive the post and I have an error ā€œserver unreachableā€ next to the web hook in sonarQube. Any idea why?

Version of the tools:

  • Jenkins 2.150.2
  • Sonar quality gate plugin V1.3.1
  • SonarQube Developer Edition Version 7.7

Hi Louis,

You donā€™t need the Sonar quality gate plugin installed, but the Sonarqube Scanner for Jenkins -
see https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Jenkins
The community plugin Sonar quality gate plugin does active polling via web api (it was made for older Sonarqube versions without webhook feature), it doesnā€™t consume the webhook from Sonarqube server.
Is your Sonarqube behind a proxy ?
The jvm options with proxysettings has to be set on the Jenkins master, jvm settings on the node donā€™t work for pipelines.

Gilbert

1 Like

How to make webhook working if SonarQube server is behind a proxy?

Hi,

to make it work, the communication Sonarqube Server <-> Jenkins has to work both ways.
Jenkins > Sonarqube Server, the waitForQualityGate() of the plugin does an initial call
to Sonarqube server:
Thanks to the webhook, the step is implemented in a very lightweight way: no need to occupy a node doing polling, and it doesn't prevent Jenkins to restart (step will be restored after restart). Note that to prevent race conditions, when the step starts (or is restarted) a direct call is made to the server to check if the task is already completed.
If Sonarqube uses a proxy you have to make sure, Jenkins is able to reach Sonarqube.
Sonarqube Server > Jenkins
The Sonarqube webhook sends a JSON to Jenkins after background task has finished, so it must be able to reach Jenkins. e.g. in our case we have one central Sonarqube instance using a proxy , but multiple Jenkins in different network areas, so a lot of configuration involved (firewall ā€¦ etc.)

Gilbert

Clear, same configuration from my side.
Do you think itā€™s enough to check reachability of servers (Jenkins, SonarQube) through the browser?

Because Jenkins webhook is reachable through the browser, then JSON result POST needs to work but there is this ā€œServer unreachableā€ issue from SonarQube response.

Also, do you know if webhook request make some logs inside SonarQube instance? Into web.log there are no traceā€¦

Thanks
Luigi

Hi @luigisaggese,

we had the same problem and solved it with adopting the sonar.ce.javaOpts in
%SONARQUBE_HOME%/conf/sonar.properties
Itā€™s a gotcha, as one wouldnā€™t suppose the sonar.ce.JavaOpts setting would also
be used for the webhook. If you have several Jenkins you have to use '|' as separator.
sonar.ce.javaOpts=-server -Xmx4G -Xms512m -Xss1G -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=jenkins.com.foo|jenkins.com.fooo|jenkins.com.foooo
To see the Sonarqube webhook logs, see
https://yoursonarhost/admin/webhooks then open the gearwheel on the right of the webhook configuration and choose ā€˜Show recent deliveriesā€™

Gilbert

Hi Gilbert,

Thanks for chiming in!

FYI, Iā€™ve added a notation to SONAR-11251.

Ā 
Ann