Allowing Projects with SonarQube Warnings to Merge in GitLab

Hi everyone,

I’m trying to configure Jenkins to allow projects that have a warning status after being scanned by SonarQube. I’m encountering an issue where my Jenkins pipeline fails whenever SonarQube reports a warning. Instead of treating these warnings as failures, I want SonarQube to provide warnings based and I want the Jenkins pipeline to return a successful scan result even if there are warnings.

My goal is for Jenkins to not block the merging processes but to allow them with a warning status so that our development team remains aware of the issues.

Could you guys please provide guidance on how I can achieve this setup in Jenkins?

Is it possible?

Any steps or configurations we need to adjust would be greatly appreciated.

Thanks!

Hello and welcome to this community, @prox40. :wave:

I think it’s possible to configure Jenkins to not fail the build when SonarQube reports a warning. :thinking:

I guess this could be achieved by adjusting the Quality Gate settings in SonarQube and the pipeline script in Jenkins.

Adjust Quality Gate in SonarQube:
Quality Gates are a key feature in SonarQube that allows you to set a threshold for your project’s quality. If the project doesn’t meet the criteria, SonarQube will report a failed status. :no_entry:
I thought you could adjust these settings to not fail when a warning is reported but I haven’t found the proof in the documentation.

Adjust Jenkins Pipeline Script:
In your Jenkins pipeline script, you would have to ensure that the build doesn’t fail when SonarQube reports a warning. I think this could be done by adjusting the sonar-scanner or mvn sonar:sonar command in your script.

stage('SonarQube analysis') {
    steps {
        script {
            try {
                // Run sonar-scanner or mvn sonar:sonar command
                sh 'mvn sonar:sonar'
            } catch (Exception e) {
                // Log the error but don't fail the build
                echo "SonarQube analysis reported a warning: ${e}"
            }
        }
    }
}

Not pretty, heh? :person_shrugging:

You could also use the catchError step in Jenkins Pipeline to allow the build to continue even if the SonarQube step fails.
The catchError step changes the result of the step that it encloses to UNSTABLE if an error occurs during its execution, but it allows the pipeline to continue.

stage('SonarQube analysis') {
    steps {
        catchError(buildResult: 'SUCCESS', stageResult: 'UNSTABLE') {
            // Run sonar-scanner or mvn sonar:sonar command
            sh 'mvn sonar:sonar'
        }
    }
}

Here, if the mvn sonar:sonar command fails, the catchError step will catch the error, mark the build result as SUCCESS and the stage result as UNSTABLE, and allow the pipeline to continue.

Be aware that this approach will treat any error in the mvn sonar:sonar command as a warning, not just Quality Gate warnings, which is not paramount.

If you want to specifically handle Quality Gate warnings, you would need to check the analysis result and adjust the build status accordingly. :person_shrugging:

This would likely require parsing the SonarQube analysis report or using the SonarQube API to get the Quality Gate status. :scream:
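
An added example, not part of the original posts: one way to react only to the Quality Gate result, using the `withSonarQubeEnv` and `waitForQualityGate` steps from the SonarQube Scanner for Jenkins plugin, so that a scanner that fails to run still fails the build. The server name `sonarqube-server` is a hypothetical placeholder, and the example assumes a SonarQube webhook that points back at Jenkins.

```groovy
// Added example (declarative Jenkinsfile), not code from the thread.
// Assumptions: the SonarQube Scanner for Jenkins plugin is installed,
// 'sonarqube-server' is a placeholder for the server name configured in
// Jenkins, and SonarQube has a webhook configured that calls back to Jenkins
// so waitForQualityGate can receive the result.
pipeline {
    agent any
    stages {
        stage('SonarQube analysis') {
            steps {
                // No try/catch or catchError here: if the scanner cannot run
                // (bad token, unreachable server, compile error) the pipeline
                // fails, so a missing analysis is never reported as a pass.
                withSonarQubeEnv('sonarqube-server') {
                    sh 'mvn sonar:sonar'
                }
            }
        }
        stage('Quality Gate') {
            steps {
                // Bound the wait in case the webhook callback never arrives.
                timeout(time: 10, unit: 'MINUTES') {
                    script {
                        // abortPipeline: false returns the gate result
                        // instead of failing the build on a non-OK status.
                        def qg = waitForQualityGate abortPipeline: false
                        if (qg.status != 'OK') {
                            // Mark build and stage UNSTABLE, then continue,
                            // so the gate result stays visible to the team.
                            unstable(message: "SonarQube Quality Gate status: ${qg.status}")
                        } else {
                            echo 'SonarQube Quality Gate passed'
                        }
                    }
                }
            }
        }
    }
}
```

With this layout only a non-OK Quality Gate downgrades the build to UNSTABLE; any error in the analysis stage itself still stops the pipeline.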

Hello @poddingue,

Nice to meet you!

Thank you so much for your response to my question! I really appreciate you taking the time to help.

Your advice was super helpful, and I’m excited to try out your suggestions.

Thanks again!

You’re welcome, @prox40, and nice to meet you too. :wink:

I hope my suggestions work for you.
If they don’t, I’m sure someone more knowledgeable will chime in.