diff --git a/README.md b/README.md index 3baa77f30e876ed297008d82d5784025e1385148..038d7423d3ac5bc236d4298bf5369acf6008df51 100644 --- a/README.md +++ b/README.md @@ -86,7 +86,7 @@ It is bound to the `test` stage, and uses the following variables: | :lock: `SONAR_LOGIN` | SonarQube login (depends on your authentication method) | _none_ | | :lock: `SONAR_PASSWORD` | SonarQube password (depends on your authentication method) | _none_ | | `SONAR_BASE_ARGS` | SonarQube [analysis arguments](https://docs.sonarqube.org/latest/analysis/analysis-parameters/) | `sonar:sonar -Dsonar.links.homepage=${CI_PROJECT_URL} -Dsonar.links.ci=${CI_PROJECT_URL}/-/pipelines -Dsonar.links.issue=${CI_PROJECT_URL}/-/issues` | -| `SONAR_QUALITY_GATE_ENABLED` | Set to `true` to enables check of SonarQube [Quality Gate](https://docs.sonarqube.org/latest/user-guide/quality-gates/) | _none_ (disabled) | +| `SONAR_QUALITY_GATE_ENABLED` | Set to `true` to enable SonarQube [Quality Gate](https://docs.sonarqube.org/latest/user-guide/quality-gates/) verification.<br/>_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarqube.org/latest/analysis/ci-integration-overview/#header-1))._ | _none_ (disabled) | #### Automatic Branch Analysis & Merge Request Analysis diff --git a/kicker.json b/kicker.json index eec1a667a23fe7ed1e79c721078bacf5b638919e..f9f80829a7913b005a0a93b21d57797ba668b4f4 100644 --- a/kicker.json +++ b/kicker.json @@ -75,7 +75,7 @@ }, { "name": "SONAR_QUALITY_GATE_ENABLED", - "description": "Enable blocking check of SonarQube [Quality Gate](https://docs.sonarqube.org/latest/user-guide/quality-gates/) (for `master` branch)", + "description": "Enables SonarQube [Quality Gate](https://docs.sonarqube.org/latest/user-guide/quality-gates/) verification.\n\n_Uses `sonar.qualitygate.wait` parameter ([see doc](https://docs.sonarqube.org/latest/analysis/ci-integration-overview/#header-1))._", "type": "boolean" } ] diff --git a/templates/gitlab-ci-maven.yml b/templates/gitlab-ci-maven.yml index dd078ff591d468b56c5212cbe8de97816872e750..615610783a89d0259b9da7d3c9bc57e075bcec4d 100644 --- a/templates/gitlab-ci-maven.yml +++ b/templates/gitlab-ci-maven.yml @@ -138,46 +138,6 @@ stages: fi } - function sonar_http_auth_args() { - if [[ -n "$SONAR_TOKEN" ]] - then - echo "$SONAR_TOKEN:" - elif [[ -n "$SONAR_LOGIN" ]] && [[ -n "$SONAR_PASSWORD" ]] - then - echo "$SONAR_LOGIN:$SONAR_PASSWORD" - else - echo "" - fi - } - - function sonar_quality_gate_check() { - log_info "--- Waiting for Sonar analysis end..." - taskId=$(grep ceTaskId target/sonar/report-task.txt | cut -c10-) - curl -sS -k --user "$(sonar_http_auth_args)" "$SONAR_URL/api/ce/task?id=$taskId" -o analysis.json - analysisStatus=$(grep --only-matching --extended-regexp "\"status\":\"[A-Z_-]+\"" analysis.json | awk -F: '{print $2}' | tr -d '"') - while [ "$analysisStatus" == "IN_PROGRESS" ] || [ "$analysisStatus" == "PENDING" ]; do - sleep 5s - curl -sS -k --user "$(sonar_http_auth_args)" "$SONAR_URL/api/ce/task?id=$taskId" -o analysis.json - analysisStatus=$(grep --only-matching --extended-regexp "\"status\":\"[A-Z_-]+\"" analysis.json | awk -F: '{print $2}' | tr -d '"') - done - - # Check quality gate - if [ "$analysisStatus" == "SUCCESS" ]; then - analysisId=$(grep --only-matching --extended-regexp "\"analysisId\":\"[a-zA-Z0-9_-]+\"" analysis.json | awk -F: '{print $2}' | tr -d '"') - qualityGateStatus=$(curl -sS -k --user "$(sonar_http_auth_args)" "$SONAR_URL/api/qualitygates/project_status?analysisId=$analysisId" | grep --only-matching --extended-regexp "{\"projectStatus\":{\"status\":\"[A-Z_]+\"" | awk -F: '{print $3}' | tr -d '"') - if [ "$qualityGateStatus" == "ERROR" ]; then - log_error "... quality gate FAILED" - exit 1 - else - log_info "... quality gate SUCCEEDED" - exit 0 - fi - else - log_error "... Sonar analysis FAILED" - exit 1 - fi - } - function maybe_set_version_from_git() { if [[ -n "$MAVEN_RELEASE_VERSION_FROM_GIT" ]]; then # compute version as timestamp of latest commit @@ -478,8 +438,8 @@ mvn-sonar: mvn ${TRACE+-Dsonar.verbose=true} $MAVEN_CLI_OPTS $mvn_settings_opt $java_proxy_args ${SONAR_LOGIN+-Dsonar.login=$SONAR_LOGIN} ${SONAR_PASSWORD+-Dsonar.password=$SONAR_PASSWORD} + ${SONAR_QUALITY_GATE_ENABLED+-Dsonar.qualitygate.wait=$SONAR_QUALITY_GATE_ENABLED} $SONAR_BASE_ARGS - - if [[ "$SONAR_QUALITY_GATE_ENABLED" == "true" ]]; then sonar_quality_gate_check; fi rules: # exclude if $SONAR_URL and $SONAR_HOST_URL not set - if: '($SONAR_HOST_URL == null || $SONAR_HOST_URL == "") && ($SONAR_URL == null || $SONAR_URL == "")'