DevOps and System Administration Discussions
Dive into SAP DevOps and system administration. Join discussions to collaborate on optimizing workflows, share knowledge, and leverage resources effectively.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Continuous Integration and Delivery - SonarQube scan

Go to solution
marcmaurí
Participant

‎02-17-2023 10:47 AM

0 Kudos

Hi experts,

In a trial environment, we are using SAP Continuous Integration and Delivery to deploy our CAP applications.

We have configured the SonarQube Scan stage and the scan is running as expected, but a failed result in SonarQube is being considered as success by the job:

The result in SonarQube:

I would expect that failed scan runs stop my CI/CD job execution.

I did some research and I guess that you get the result from the task instead of getting it from the analysis. Details below.

In the execution logs we get a set of urls and the final result: SUCCESS.

The url you provide with belongs to the task summary, in that case the url is https://xxxxxxxxxxxx.com/api/ce/task?id=AYZWEGSC8rBChjMtw6Rt and the content is the following, with status SUCCESS (wich means that the task has been executed succesfully).

But this is not the result of the scan, that is provided by the analysis (analysysId property in the previous json) by the url https://xxxxxxxxxxxx.com/api/qualitygates/project_status?analysisId=AYZWEGr5vNmC9pE5H0K-, with status ERROR:

Could you please check it or tell me if, on the contrary, the problem can come from the configuration of my SonarQube?

Best regards,

Marc

Preview file
9 KB
Preview file
59 KB
Preview file
42 KB
Preview file
32 KB
Preview file
42 KB
1 ACCEPTED SOLUTION

Go to solution
thorsten_duda
Explorer

‎02-17-2023 11:32 AM

Hi Marc,

you need to create the file sonar-project.properties in the root of your project and add the line

sonar.qualitygate.wait=true

After you pushed it to your repository and re-run the pipeline, it should fail in the Compliance stage.

For more infos please also have a look at our blog post https://blogs.sap.com/2023/01/05/how-to-add-sonarqube-scans-to-your-ci-cd-pipeline/

Best regards,
Thorsten

View solution in original post

3 REPLIES 3

Go to solution
marcmaurí
Participant

‎02-17-2023 10:49 AM

0 Kudos

Hi thorsten.duda ,

could you please take a look at this?

Best regards,

Marc

Go to solution
thorsten_duda
Explorer

‎02-17-2023 11:32 AM

Hi Marc,

you need to create the file sonar-project.properties in the root of your project and add the line

sonar.qualitygate.wait=true

After you pushed it to your repository and re-run the pipeline, it should fail in the Compliance stage.

For more infos please also have a look at our blog post https://blogs.sap.com/2023/01/05/how-to-add-sonarqube-scans-to-your-ci-cd-pipeline/

Best regards,
Thorsten

Go to solution
marcmaurí
Participant
In response to thorsten_duda

‎02-17-2023 1:09 PM

0 Kudos

Thank you thorsten.duda for your prompt reply. It did indeed work.

Thanks also for the referenced blog.

Best regards,

Marc