waitforQualityGate without webhooks

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SonarQube 8.2, dependency-check-gradle 5.3.+, Jenkins 2.204.2, Sonar Scanner for Jenkins 2.11

  • what are you trying to achieve
    Trying to use waitForQualityGate in a network environment that doesn’t allow the SonarQube webhook to work (Jenkins can reach the SonarQube server, but SonarQube can’t reach the Jenkins server – and we can’t easily change that)

  • what have you tried so far to achieve this

  1. I’ve tried adding a sleep between dependency-check and waitForQualityGate and that does work, but it’s not ideal: if we don’t sleep long enough (how long is “long enough”? :) ) we’ll end up hanging on waitForQualityGate (2m30s?) and then time out and abort the Jenkins pipeline

  2. I’ve tried to implement a status-polling model like this:

  try {
      sonarResult = waitForQualityGate abortPipeline: false
  } catch(ex) {
      echo "caught exception ${ex}"
  }
  echo "waitForQualityGate status is ${sonarResult.status}"
  while (sonarResult.status == "PENDING" || sonarResult.status == "IN_PROGRESS") {
      try {
          sonarResult = waitForQualityGate abortPipeline: false
      } catch(ex) {
          echo "caught exception ${ex}"
      }
      echo "waitForQualityGate status is ${sonarResult.status}"
  }
  if (sonarResult.status != 'OK') {
      error "Quality gate failure for SonarQube: ${sonarResult.status}"
  }

The initial waitForQualityGate call hangs (2m30s +/-) as expected and an exception is thrown and caught properly, but rather than continuing on to my loop, the Jenkins pipeline aborts… See log below.

I’m wondering if there are (undocumented?) parameters that might allow using waitForQualityGate like this – in an environment where webhook isn’t an option?

  3. Started looking at the build breaker community version, but the Jenkins integration isn’t nearly as clean and we’d prefer to stick with the SonarQube support solution (especially after reading “Why You Shouldn’t Use Build Breaker”)

Thanks in advance for any advice!

[Pipeline] // withSonarQubeEnv
[Pipeline] timeout
Timeout set to expire in 20 min
[Pipeline] {
[Pipeline] waitForQualityGate
Checking status of SonarQube task ‘AXDPvpdRDuLy3Vw0kBtl’ on server ‘SonarQubeServer’
SonarQube task ‘AXDPvpdRDuLy3Vw0kBtl’ status is ‘SUCCESS’
SonarQube task ‘AXDPvpdRDuLy3Vw0kBtl’ completed. Quality gate is ‘OK’
[Pipeline] echo
waitForQualityGate status is OK
[Pipeline] error
[Pipeline] }
[Pipeline] // timeout
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // timeout
[Pipeline] }
[Pipeline] // stage
[Pipeline] echo
Failed in stage “Static Analysis” - Quality gate failure for SonarQube: OK
[Pipeline] }
[Pipeline] // node
[Pipeline] echo
Sending notification…
[Pipeline] End of Pipeline
[BFA] Scanning build for known causes…
[BFA] No failure causes found
[BFA] Done. 0s

GitHub has been notified of this commit’s build result

ERROR: Quality gate failure for SonarQube: OK
Finished: FAILURE

The following seems to work as a “can’t receive webhooks” workaround – comments?

  def tries = 0
  sonarResultStatus = "PENDING"
  while ((sonarResultStatus == "PENDING" || sonarResultStatus == "IN_PROGRESS") && tries++ < 5) {
      try {
          sonarResult = waitForQualityGate abortPipeline: true
          sonarResultStatus = sonarResult.status
      } catch(ex) {
          echo "caught exception ${ex}"
      }
      echo "waitForQualityGate status is ${sonarResultStatus} (tries=${tries})"
  }
  if (sonarResultStatus != 'OK') {
      error "Quality gate failure for SonarQube: ${sonarResultStatus}"
  }

Interesting approach, any update on this?

Hijacking threads x years old ain’t recommended.
Instead of implementing your own polling simply use the sonar.qualitygate.wait property, see
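
Added example, not written by any poster in this thread and not SonarSource or Jenkins plugin code: outbound-only polling from the build agent, the one direction that works in the network described in the first post. It assumes the scanner's report-task.txt file and the SonarQube Web API endpoints api/ce/task and api/qualitygates/project_status; the SONAR_AUTH_TOKEN variable name, the sample server URL and the function names are assumptions.

```python
import base64, json, os, time, urllib.request
from urllib.parse import urlencode

# Constructed sample of the scanner's report-task.txt (server URL and ids are made up).
SAMPLE_REPORT = """projectKey=demo
serverUrl=http://sonarqube.example
ceTaskId=TASK1
ceTaskUrl=http://sonarqube.example/api/ce/task?id=TASK1
"""

def parse_report_task(text):
    """Parse key=value lines; split once because the URL values contain '='."""
    props = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def http_get_json(url):
    """Outbound GET to SonarQube. The token comes from the environment
    (variable name is an assumption) and is sent as the basic-auth user name."""
    req = urllib.request.Request(url)
    token = os.environ.get("SONAR_AUTH_TOKEN")
    if token:
        cred = base64.b64encode(f"{token}:".encode()).decode()
        req.add_header("Authorization", "Basic " + cred)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def wait_for_quality_gate(report_text, fetch=http_get_json, interval=5,
                          max_polls=60, sleep=time.sleep):
    """Poll the compute-engine task, then return the quality gate status."""
    props = parse_report_task(report_text)
    for _ in range(max_polls):
        task = fetch(props["ceTaskUrl"])["task"]
        if task["status"] in ("PENDING", "IN_PROGRESS"):
            sleep(interval)               # report still queued or being processed
            continue
        if task["status"] != "SUCCESS":   # FAILED or CANCELED: no gate result exists
            raise RuntimeError(f"SonarQube task ended as {task['status']}")
        query = urlencode({"analysisId": task["analysisId"]})
        gate = fetch(f"{props['serverUrl']}/api/qualitygates/project_status?{query}")
        return gate["projectStatus"]["status"]
    raise TimeoutError(f"task still not finished after {max_polls} polls")

def gate_passed(report_text, **kwargs):
    """Fail closed: anything other than an explicit OK counts as a failed gate."""
    return wait_for_quality_gate(report_text, **kwargs) == "OK"
```

The poll count is bounded so a stuck analysis ends the build with an error instead of hanging it, and only an explicit OK lets the stage pass.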