02-17-2023 10:47 AM
Hi experts,
In a trial environment, we are using SAP Continuous Integration and Delivery to deploy our CAP applications.
We have configured the SonarQube Scan stage and the scan is running as expected, but a failed result in SonarQube is being considered as success by the job:
The result in SonarQube:
I would expect that failed scan runs stop my CI/CD job execution.
I did some research and I guess that you get the result from the task instead of getting it from the analysis. Details below.
In the execution logs we get a set of urls and the final result: SUCCESS.
The url you provide with belongs to the task summary, in that case the url is https://xxxxxxxxxxxx.com/api/ce/task?id=AYZWEGSC8rBChjMtw6Rt and the content is the following, with status SUCCESS (wich means that the task has been executed succesfully).
But this is not the result of the scan, that is provided by the analysis (analysysId property in the previous json) by the url https://xxxxxxxxxxxx.com/api/qualitygates/project_status?analysisId=AYZWEGr5vNmC9pE5H0K-, with status ERROR:
Could you please check it or tell me if, on the contrary, the problem can come from the configuration of my SonarQube?
Best regards,
Marc
02-17-2023 11:32 AM
Hi Marc,
you need to create the file sonar-project.properties in the root of your project and add the line
sonar.qualitygate.wait=true
After you pushed it to your repository and re-run the pipeline, it should fail in the Compliance stage.
For more infos please also have a look at our blog post https://blogs.sap.com/2023/01/05/how-to-add-sonarqube-scans-to-your-ci-cd-pipeline/
Best regards,
Thorsten
02-17-2023 10:49 AM
02-17-2023 11:32 AM
Hi Marc,
you need to create the file sonar-project.properties in the root of your project and add the line
sonar.qualitygate.wait=true
After you pushed it to your repository and re-run the pipeline, it should fail in the Compliance stage.
For more infos please also have a look at our blog post https://blogs.sap.com/2023/01/05/how-to-add-sonarqube-scans-to-your-ci-cd-pipeline/
Best regards,
Thorsten
02-17-2023 1:09 PM
Thank you thorsten.duda for your prompt reply. It did indeed work.
Thanks also for the referenced blog.
Best regards,
Marc