Sonarqubes quality profile gate plugin integration issue with jenkins

SonarQube Server / Community Build
1

Hi Team,

Thanks for the help.

As per the request : Sonarqube not working - Get help / SonarQube - SonarSource Community we upgraded the sonarqube to the latest LTS version( sonarqube-8.5.7).

But when we are running the sonarqube from the Jenkins, the build is getting scanned but the build is failing with the below failure :

org.quality.gates.jenkins.plugin.QGException: Expected status 200, got: 400. Response: {“errors”:[{“msg”:“The \u0027component\u0027 parameter is missing”}]}
at org.quality.gates.sonar.api.SonarHttpRequester.executeGetRequest(SonarHttpRequester.java:124)
at org.quality.gates.sonar.api.SonarHttpRequester.getAPITaskInfo(SonarHttpRequester.java:151)
at org.quality.gates.sonar.api.QualityGatesProvider.getAPIResultsForQualityGates(QualityGatesProvider.java:62)
at org.quality.gates.jenkins.plugin.BuildDecision.getStatus(BuildDecision.java:24)
at org.quality.gates.jenkins.plugin.QGPublisher.perform(QGPublisher.java:85)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:803)
at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:752)
at hudson.model.Build$BuildExecution.post2(Build.java:177)
at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:697)
at hudson.model.Run.execute(Run.java:1931)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:97)
at hudson.model.Executor.run(Executor.java:429)
Build step ‘Quality Gates Sonarqube Plugin’ marked build as failure

and we are using below quality gate profile in our Jenkins :

And below is the sonar profile in the Jenkins :

Though sonarqubes is running fine in our linux machine still the builds are failing at the quality gate profile stage.

Please advise further.

Thanks in advance.

sonarqubes
sonarqubes991×334 16.6 KB

Uploading: sonarqubes_profile.png…
sonarqubes
sonarqubes991×334 16.6 KB

sonarqubes_plugin
sonarqubes_plugin1037×391 13.3 KB

2

Hi Team,

Please read the sonarqube instance mentioned above as sonarqube-8.9.7.
It is a typo.

Please help on the above request at the earliest convenience.

Thanks and Regards,
Subhasish

3

It seems to be a bug on the “Sonar Quality Gates Plugin”. This plugin doesn’t support SQ 8.x+ and the fix wasn’t merged by the maintainers yet: https://github.com/jenkinsci/sonar-quality-gates-plugin/pull/17

As an alternative, you could disable this plugin and add the parameter sonar.qualitygate.wait=true to the analysis step, as described on CI integration overview

Setting sonar.qualitygate.wait to true forces the analysis step to poll your SonarQube instance until the Quality Gate status is available. This increases the pipeline duration and causes the analysis step to fail any time the Quality Gate fails, even if the actual analysis is successful. You should only use this parameter if it’s necessary.

4

Hi Team,

Just an update…!!

We can bypass the Quality Gate Profile portion but the question arises how can we scan the code because in the Quality Gate Profile, we basically define the rules which will be scanned accordingly and the results can be scanned.

Could you please suggest any other alternative plugin which we can integrate with our jenkins and if so, at what stage to imitate the action of Quality Gate Profile.

Or if no such plugin is available, then how do we fix this plugin issue as it’s not producing the desired scanning reports in the sonarqubes ui page.

Please help on this asap.

Thanks in advance.

Regards,
Subhasish

5

Hi Subhasish,
bro, how can you bypass the quality gate profile?

6

Hi Eko,

To bypass the Quality Gate in SonarQube, you typically have to adjust or override the configuration that enforces it. Here’s a general guide on how you might do this:

  1. Modify the Quality Gate Configuration:
  • Go to Quality Gates in the SonarQube dashboard.
  • Select the Quality Gate that is assigned to your project.
  • You can either:
  • Disable certain rules that are blocking your build.
  • Reduce the threshold for conditions (e.g., lower coverage requirement).
  1. Change the Project-Level Quality Gate:
  • You can assign a less strict Quality Gate to your project temporarily.
  • Go to the project settings in SonarQube:
  • Navigate to **Project Settings > Quality Gate
  • Change the assigned Quality Gate to one that’s more lenient or custom-configured.
  1. Run the SonarQube Analysis with a Custom Profile:
  • Instead of using the default Quality Gate, you can pass a custom profile with relaxed rules via the command line:
sonar-scanner -Dsonar.qualitygate=YourCustomQualityGate
  • This allows you to run the analysis with a different Quality Gate without changing the global or project-level settings.
  1. Temporarily Disable Quality Gate in CI/CD Pipeline:
  • If the pipeline fails due to the Quality Gate, you can temporarily disable the gate check in your CI/CD tool (like Jenkins, GitHub Actions, etc.).
  • For example, in Jenkins:
withSonarQubeEnv('SonarQube') {
sh 'mvn clean verify sonar:sonar'
}
// Temporarily skip the Quality Gate check
// waitForQualityGate abortPipeline: true // Comment out this line
  • This will prevent the pipeline from failing due to a non-passing Quality Gate.
  1. Ignore Quality Gate Result via Webhook or Script:
  • In some cases, a webhook or script is used to enforce Quality Gates. You can adjust this script to ignore the Quality Gate result or bypass it.
  1. Use Permissions to Override the Quality Gate (if you have admin rights):
  • If you have administrative access, you can edit or override certain rules or gate conditions.

Let me know if you need more details!

Thanks and Regards,
Subhasish