Setting up a pipeline pause
To configure an automatic failing of your Jenkins pipeline in case the quality gate computed by SonarQube Server fails, you must set up a pipeline pause.
To configure an Key features, you must set up a pipeline pause by using the waitForQualityGate step.
Proceed as follows:
- Make sure the - withSonarQubeEnvstep is included in your pipeline so that SonarQube Server taskId is correctly attached to the pipeline context: see Adding the SonarQube stage to a pipeline in Adding analysis to a Jenkins job.
- Configure a webhook for your project in your SonarQube Server pointing to - <yourJenkinsInstance>/sonarqube-webhook/(This is the URL exposed by the Jenkins extension). You may use a webhook configured at global level if applicable to your project. See Webhooks. This step is mandatory!
- You may want to enable the verification of the quality gate payload sent to Jenkins by setting a webhook secret: see below. 
- Add a quality gate stage with - waitForQualityGateto your Jenkins file as described below through examples.
Adding a quality gate stage
This section gives examples of the adding of a quality gate stage to your Jenkins file with waitForQualityGate.
Scripted pipeline
Thanks to the webhook, the step is implemented in a very lightweight way: no need to occupy a node doing polling, and it doesn’t prevent Jenkins from restarting (the step will be restored after restart). Note that to prevent race conditions, when the step starts (or is restarted) a direct call is made to the server to check if the task is already completed.
Declarative pipeline
Configuring a Webhook secret
If you want to verify the webhook payload that is sent to Jenkins, you can add a secret to your webhook on SonarQube Server.
To set the secret:
- In Jenkins, navigate to Manage Jenkins > Configure System > SonarQube Server > Advanced > Webhook Secret and click the Add button. 
- Select Secret text and give the secret an ID. 
- Select the secret from the dropdown menu. 
If you want to override the webhook secret on a project level, you can add the secret to Jenkins and then reference the secret ID when calling waitForQualityGate as follows:
Related pages
Last updated
Was this helpful?

