Setting up a pipeline pause
To configure an automatic failing of your Jenkins pipeline when the quality gate computed by SonarQube Cloud fails, you must set up a pipeline pause.
Starting in the SonarQube Cloud Team plan, you can configure an automatic failing of your pipeline in case the quality gate fails (see the Automatic interruption of your pipeline in case the quality gate fails article). To do so, you must set up a pipeline pause by using the waitForQualityGate
step.
Proceed as follows:
Make sure the
withSonarQubeEnv
step is included in your pipeline so that the taskId is correctly attached to the pipeline context; see the Adding analysis to a Pipeline job article.Configure a webhook for your project in SonarQube Cloud pointing to
<yourJenkinsInstance>/sonarqube-webhook/
(This is the URL exposed by the Jenkins extension). You may use a webhook configured at the global level if applicable to your project. This step is mandatory (and cannot be performed in a Free plan organization)! For more information, check the Webhooks page.You may want to enable the verification of the quality gate payload sent to Jenkins by setting a webhook secret: see below.
Add a quality gate stage with
waitForQualityGate
to your Jenkins file as described below through examples.
Adding a quality gate stage
This section gives examples of the adding of a quality gate stage to your Jenkins file with waitForQualityGate
.
Scripted pipeline
Thanks to the webhook, the step is implemented in a very lightweight way: no need to occupy a node doing polling, and it doesn’t prevent Jenkins from restarting (the step will be restored after restart). Note that to prevent race conditions, when the step starts (or is restarted) a direct call is made to the server to check if the task is already completed.
Declarative pipeline
Configuring a Webhook secret
If you want to verify the webhook payload that is sent to Jenkins, you can add a secret to your webhook on SonarQube Cloud.
To set the secret:
In Jenkins, navigate to Manage Jenkins > Configure System > SonarQube Server > Advanced > Webhook Secret and click the Add button.
Select Secret text and give the secret an ID.
Select the secret from the dropdown menu.
If you want to override the webhook secret on a project level, you can add the secret to Jenkins and then reference the secret ID when calling waitForQualityGate
as follows:
Last updated
Was this helpful?