Using Quality Gates SonarQube Plugin in jenkins

Sonarqube version 6.7

Hi I need to Add Quality Gate Sonarqube plugin in jenkins, so that jenkins will marked as failed if quality gates is not passed.
i try to use the plugin but it won’t work with below error when save configuration in jenkins.
:
our sonarqube server is using https , can anyone have experience how to added sonarqube server certificate in jenkins server ?

org.quality.gates.sonar.api.ApiConnectionException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.quality.gates.sonar.api.SonarHttpRequesterFactory.getSonarHttpRequester(SonarHttpRequesterFactory.java:44)
at org.quality.gates.sonar.api.QualityGatesProvider.(QualityGatesProvider.java:29)
at org.quality.gates.jenkins.plugin.BuildDecision.(BuildDecision.java:14)
at org.quality.gates.jenkins.plugin.QGPublisher.(QGPublisher.java:28)
at org.quality.gates.jenkins.plugin.QGPublisherDescriptor.newInstance(QGPublisherDescriptor.java:84)
at org.quality.gates.jenkins.plugin.QGPublisherDescriptor.newInstance(QGPublisherDescriptor.java:17)
at hudson.model.Descriptor.newInstancesFromHeteroList(Descriptor.java:1060)
at hudson.model.Descriptor.newInstancesFromHeteroList(Descriptor.java:1022)
at hudson.util.DescribableList.rebuildHetero(DescribableList.java:208)
at hudson.model.Project.submit(Project.java:231)
at hudson.model.Job.doConfigSubmit(Job.java:1350)
at hudson.model.AbstractProject.doConfigSubmit(AbstractProject.java:772)
at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396)
at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:408)
at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77)
at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:212)
at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:145)
at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:537)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:739)

Hi,

this means the Java runtime you’re using for Jenkins/Sonarqube Scanner has no valid cacerts file
(path = JAVA_HOME\jre\lib\security\cacerts) with the root CAs needed for authenticating.
See this thread for details and solution:

Gilbert

Hi Gilbert,

Thank for your help, it’s solved now after insert the certificate to java cacert.

Hi,

i’m happy you managed to fix the problem.
You may tag the answer as solution for others with a similar problem.

Gilbert

Hey @Rebse
After adding cert to cacert fix my sonar scanner issue but when our pipeline is run “waitForQualityGate” it throws same certificate error for it.
On sonarqube webhook I can see 200 response code but jenkins not able to receive it.

Hi,

in general hijacking threads from the past is not recomended.
What are your versions of Sonarqube, Sonarqube Jenkins plugin, Sonarqube Scanner ?
Where do you see the certificate error ?, the errormessage might also be helpful.
Are you sure that sonarqube scan and the waitForQualityGate() step are using the same java ?
Do you already have a custom Jenkins logger for Sonarqube to get more details ?

jenkins_custom_logger

Gilbert

Sorry for starting old thread @Rebse
I have already created a new topic for this.

After moving sonarqube behind https getting certificate issue on jenkins for “waitForQualityGate”

Few details sharing here as well.

  • SonarQube - Community Editions 8.9.1
  • Jenkins - 2.277.2
  • SonarQube Scanner - 4.3.0.2102
  • Sonar Scanner plugin - 2.13

I have imported cert to sonar-scanner jre directly so Sonar Scanner works fine but I have also imported cert to my node java on waitForQualityGate() is executing but it has same result.