Template for a good new topic, formatted with Markdown:
Bitbucket Cloud
Jenkins
Scanner command used when applicable ./mvnw -B -ff -ntp install sonar:sonar
Java
*
Error observed
sporadically the webhooks from the sonarcloud to jenkins do not work. I see error “destination server not reachable”. But if I allow 0.0.0.0/0 the webhooks are working
Steps to reproduce. Just wait and the webhooks will fail
Potential workaround - allow 0.0.0.0/0 or remove waitForQualityGate()
Webhooks actually aren’t covered by these IP addresses (I asked when we introduced these static IP addresses)
SonarCloud currently allows the following static IP addresses for outgoing calls to supported DevOps platforms (GitHub, GitLab, Azure DevOps Services, and BitBucket Cloud):
…
IP filtering is not supported for any other use case.
Hi Colin, is there other list of Sonarcloud IPs that I can whitelist to allow only access from the Sonarcloud to the build server. I really don’t want to allow everything to get the webhooks back to the CICD server.But without them I cannot integrate the source check into the pipelines. If there is no explicit list, what other workaround we can use. Thank you.
Hi, I believe both are the same. The first is an inline parameter, the second is a plugin function. But in both cases, I need to wait for the quality gate to send webhooks, that I have to whitelist. I am looking for the source IPs of all Sonar webhooks so I can whitelist them in the build system.
No – sonar.qualitygate.wait makes calls from Jenkins to SonarCloud to check that Quality Gate status. waitForQualityGate() requires that SonarCloud can send Jenkins a webhook.