WaitforQualityGate not working with authentication in Jenkins


Im trying to create a step in Jenkins that calls waitforQualityGate. According to the pipeline syntax, the format is something like this:

waitForQualityGate abortPipeline: false, credentialsId: ‘my_key’

When executing this, i receive a 403 error:

org.sonarqube.ws.client.HttpException: Error 403 on $URL : {“errors”:[{“msg”:“Insufficient privileges”}]}

If i try to do a curl to the url that retrieves the quality gate with this token, it works fine

curl -k -u $my_key: $URL/api/ce/task?id=$My_ID

Do anybody has an example of how to use waitforqualitygate step in the jenkins pipeline when authentication is enforced?


1 Like


The examples are in the docs. Are you sure the error your getting comes from the waitForQualityGate portion of the pipeline and not the earlier analysis step? Because the wait step should be just that: passive waiting to receive a notification from SonarQube.


A post was split to a new topic: WaitforQualityGate problem

We also have this problem when adding waitForQualityGate to our pipeline, which is similar to the “Declarative pipeline example”:

pipeline {
    agent any
    stages {
        stage('SCM') {
            steps {
                git url: 'https://github.com/foo/bar.git'
        stage('build && SonarQube analysis') {
            steps {
                withSonarQubeEnv('My SonarQube Server') {
                    // Optionally use a Maven environment you've configured already
                    withMaven(maven:'Maven 3.5') {
                        sh 'mvn clean package sonar:sonar'
        stage("Quality Gate") {
            steps {
                timeout(time: 1, unit: 'HOURS') {
                    // Parameter indicates whether to set pipeline to UNSTABLE if Quality Gate fails
                    // true = set pipeline to UNSTABLE, false = don't
                    waitForQualityGate abortPipeline: true

The stack trace is:

org.sonarqube.ws.client.HttpException: Error 403 on https://sonarqube.l-bank.intern.ads/api/qualitygates/project_status?analysisId=AYBMldcKb_BZ4CWWwH2l : {"errors":[{"msg":"Insufficient privileges"}]}
	at org.sonarqube.ws.client.BaseResponse.failIfNotSuccessful(BaseResponse.java:36)
	at hudson.plugins.sonar.client.HttpClient.getHttp(HttpClient.java:38)
	at hudson.plugins.sonar.client.WsClient.requestQualityGateStatus(WsClient.java:70)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.lambda$checkTaskCompleted$0(WaitForQualityGateStep.java:235)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkQualityGate(WaitForQualityGateStep.java:288)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkTaskCompleted(WaitForQualityGateStep.java:235)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.start(WaitForQualityGateStep.java:171)
	at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:319)

When we remove waitForQualityGate, the pipeline succeeds.

Any ideas?

We were indeed missing permissions. waitForQualityGate no longer fails with:

  • Browse
  • See Source Code
  • Execute Analysis
1 Like