The PR decoration works if we pass the following parameters in the gradle.build file:
property 'sonar.pullrequest.key', '68'
property 'sonar.pullrequest.base', 'master'
property 'sonar.pullrequest.branch', 'feature/sonarqube_properties'
However, it's desirable to pass these parameters programmatically from Jenkins, as we often do not know the 'sonar.pullrequest.key' until after the Pull Request is raised.
As per https://docs.sonarqube.org/latest/analysis/pull-request/, the analysis parameters section at the end of the document contains the statement “Scanners running on Jenkins with the Branch Source plugin configured, GitLab CI/CD, and Cirrus CI automatically detect these parameters, and you don’t need to pass them manually”.
We use Jenkins as our CI/CD tool… but it appears that Jenkins is either not passing these values (the Bitbucket Branch Source plugin is configured correctly) or the pipeline step withSonarQubeEnv('SonarQube') is ignoring these values. I can't find a document that details what env variables can be passed automatically and how to enable them.
Note: Our SonarQube scanner runs in a Docker container. Is there a way to pass these values through Jenkins when it pulls and builds the Docker container? Or is there any other way?
Thank you very much for the detailed case you are sharing here. Let’s dig a bit deeper into this together.
Can I please ask you to share the full debug logs of the SonarQube analysis step as performed in the Jenkins build job?
What is the Jenkins job type? Did you create this as a Multibranch Pipeline?
If you are using Jenkins’ Multibranch Pipeline job, did you specifically configure it as described below?
Setting your Branch Source Plugin for Pull Request Decoration
You need to configure your Multibranch Pipeline job correctly to avoid issues with Pull Request decoration. From your Multibranch Pipeline job in Jenkins, go to Configure > Branch Sources > Behaviors > Discover pull requests from origin and make sure The current pull request revision is selected.
We managed to resolve the issue by passing the mandatory analysis parameters through our pipeline code:
// At the top of the Jenkinsfile:
import groovy.json.JsonSlurperClassic

withSonarQubeEnv('SonarQube') {
    // SONARQUBE_SCANNER_PARAMS is the JSON string injected by withSonarQubeEnv
    def SONARQUBE_SCANNER_MAP = new JsonSlurperClassic().parseText(SONARQUBE_SCANNER_PARAMS)
    if (BRANCH_NAME =~ /^PR-/) {
        SONARQUBE_SCANNER_MAP.put('sonar.pullrequest.base', "${CHANGE_TARGET}") // Mandatory parameter for Pull Request Decoration in SonarQube
        SONARQUBE_SCANNER_MAP.put('sonar.pullrequest.branch', "${BRANCH_NAME}") // Mandatory parameter for Pull Request Decoration in SonarQube
        SONARQUBE_SCANNER_MAP.put('sonar.pullrequest.key', "${CHANGE_ID}") // Mandatory parameter for Pull Request Decoration in SonarQube
    } else {
        SONARQUBE_SCANNER_MAP.put('sonar.branch.name', "${BRANCH_NAME}") // Mandatory parameter for BRANCH scanning in SonarQube
    }
    SONARQUBE_SCANNER_PARAMS = groovy.json.JsonOutput.toJson(SONARQUBE_SCANNER_MAP)
    println("SONARQUBE_SCANNER_PARAMS that have been passed: ${SONARQUBE_SCANNER_PARAMS}")
}
Jenkins Output:
[Pipeline] withSonarQubeEnv
Injecting SonarQube environment variables using the configuration: SonarQube
[Pipeline] {
[Pipeline] echo
SONARQUBE_SCANNER_PARAMS that have been passed: {"sonar.pullrequest.branch":"PR-89","sonar.host.url":"[http://sonar.<full_url>]","sonar.login":"******","sonar.pullrequest.key":"89","sonar.pullrequest.base":"master"}
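An added example, not code from this thread or from SonarQube: the same merge written as a Python helper that could run inside the scanner container, with the token masked by the script itself before anything is logged. The function names are hypothetical, and treating a non-empty CHANGE_ID as the marker of a pull request build is an assumption; the sample environment is constructed.

```python
import json

# Properties whose values must never reach the build log.
SECRET_KEYS = {"sonar.login", "sonar.password", "sonar.token"}


def build_scanner_params(env):
    """Return the scanner properties for this build as a dict (hypothetical helper)."""
    params = json.loads(env.get("SONARQUBE_SCANNER_PARAMS") or "{}")
    branch = env.get("BRANCH_NAME")
    if not branch:
        raise ValueError("BRANCH_NAME is not set")
    if env.get("CHANGE_ID"):  # assumption: only set on pull request builds
        target = env.get("CHANGE_TARGET")
        if not target:
            raise ValueError("CHANGE_TARGET is missing for a pull request build")
        params.pop("sonar.branch.name", None)  # never mix branch and PR parameters
        params.update({
            "sonar.pullrequest.key": env["CHANGE_ID"],
            "sonar.pullrequest.branch": branch,
            "sonar.pullrequest.base": target,
        })
    else:
        # Drop stale PR parameters before falling back to branch analysis.
        for key in [k for k in params if k.startswith("sonar.pullrequest.")]:
            del params[key]
        params["sonar.branch.name"] = branch
    return params


def redacted_json(params):
    """Serialise params for logging with secret values masked."""
    return json.dumps({k: "******" if k in SECRET_KEYS else v
                       for k, v in params.items()}, sort_keys=True)


if __name__ == "__main__":
    # Constructed sample environment; host and token are placeholders.
    sample_env = {
        "SONARQUBE_SCANNER_PARAMS": json.dumps({
            "sonar.host.url": "https://sonar.example.invalid",
            "sonar.login": "constructed-token"}),
        "BRANCH_NAME": "PR-89", "CHANGE_ID": "89", "CHANGE_TARGET": "master",
    }
    params = build_scanner_params(sample_env)
    print("Scanner parameters:", redacted_json(params))
    # json.dumps(params), unredacted, is the value to export as SONARQUBE_SCANNER_PARAMS.
```

Failing fast when CHANGE_TARGET is missing keeps a misconfigured job from silently running a plain branch analysis under a PR-style branch name.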