This repository is deprecated, no future releases will happen. You are advised to use the built-in functionality available from SonarQube 8.8. Please check the official documentation to learn more.
| SonarQube Version | Plugin Version(s) |
|---|---|
| 1.12 - 2.14 | 1.0 |
| 3.0 - 5.1 | 1.0, 1.1 |
| 5.2 | Not compatible due to limitations with SonarQube platform |
| 5.3 - 5.4 | 2.0, 2.1, 2.2 |
| 5.5 - 7.2 | 2.1, 2.2 |
| 7.3 - 8.7 | 2.3, 2.3.1 |
| 8.8 - | Use the built-in property |
Since the release of SonarQube 8.8, the plugin is no longer in the marketplace because SonarQube introduced a built-in property to break builds.
- Download the appropriate
sonar-build-breaker-plugin-${version}.jarfile from the releases page, based on the compatibility chart - Copy the plugin into
/path/to/sonarqube/extensions/plugins/ - Remove older versions of the plugin from
/path/to/sonarqube/extensions/plugins/, if present - Restart SonarQube
This plugin will mark the build failed if the project fails its quality gate or uses a forbidden configuration. These checks happen after analysis has been submitted to the server, so it does not prevent a new analysis from showing up in SonarQube.
Upon uploading the analysis information, the plugin follows the below workflow to check the quality gate:
- Search
${sonar.working.directory}/report-task.txtforceTaskId, the server-side Compute Engine (CE) task associated with the current analysis.- If the project configures
sonar.scanner.metadataFilePath, that file is used instead of${sonar.working.directory}/report-task.txt
- If the project configures
- Call the
${sonar.host.url}/api/ce/task?id=${ceTaskId}web service to retrieveanalysisId- If the CE Task Status is
PENDINGorIN_PROGRESS, waitsonar.buildbreaker.queryIntervaland repeat step 2 - If the CE Task Status is
SUCCESS, save theanalysisIdand proceed to step 3 - If the CE Task Status is
FAILEDor none of the above, break the build - If step 2 has been attempted
sonar.buildbreaker.queryMaxAttemptstimes, break the build
- If the CE Task Status is
- Call the
${sonar.host.url}/api/qualitygates/project_status?analysisId=${analysisId}web service to check the status of the quality gate- If the quality gate status is
OK, allow the build to pass - If the quality gate status is
WARN, allow the build to pass and log the current warnings - If the quality gate status is
ERROR, break the build and log the current warnings and errors
- If the quality gate status is
The build "break" is accomplished by throwing an exception, making the analysis return with a non-zero status code. This allows you to benefit from the notifications built into CI engines or use your own custom notifications that check the exit status.
- Associate a quality gate to your project
- Optional: Tune
sonar.buildbreaker.queryMaxAttemptsand/orsonar.buildbreaker.queryInterval- Check the duration of previous CE (background) tasks for your project, from submission until completion
- Ensure
sonar.buildbreaker.queryMaxAttempts * sonar.buildbreaker.queryIntervalis longer than the above duration (with default values, total wait time is ~5 minutes) - For small projects, a faster interval may be desired so your build times are not longer than necessary
- For very large projects or servers with a busy CE queue, more attempts or a longer interval may be necessary
- Run an analysis on your project
- If analysis fails while waiting for CE to complete, increase either
sonar.buildbreaker.queryMaxAttempts,sonar.buildbreaker.queryInterval, or both
Define the property sonar.buildbreaker.forbiddenConf with comma-separated key=value configurations that will break
the build.
For example, if you set the property to sonar.gallio.mode=skip, each analysis on .NET projects executed with
Gallio skipped will be marked "broken".
| Property | Description | Default value | Example |
|---|---|---|---|
sonar.buildbreaker.skip |
If set to true, the quality gate is not checked. By default the build will break if the project does not pass the quality gate. | false |
|
sonar.buildbreaker.queryMaxAttempts |
The maximum number of queries to the API when waiting for report processing. The build will break if this is reached. Total wait time is sonar.buildbreaker.queryMaxAttempts * sonar.buildbreaker.queryInterval. |
30 |
|
sonar.buildbreaker.queryInterval |
The interval (ms) between queries to the API when waiting for report processing. Total wait time is sonar.buildbreaker.queryMaxAttempts * sonar.buildbreaker.queryInterval. |
10000 |
|
sonar.buildbreaker.forbiddenConf |
Comma-separated list of key=value pairs that should break the build. |
sonar.gallio.mode=skip |
|
sonar.buildbreaker.alternativeServerUrl |
URL to use for web service requests. If unset, uses the serverUrl property from ${sonar.working.directory}/report-task.txt. |
If your SonarQube instance does not allow anonymous analyses, i.e. you're passing sonar.login to your analysis command,
you must make sure that the analysis user has one of the following permissions on the project:
- 'Administer System'
- or 'Administer' on the specified project
- or 'Browse' on the specified project
This is required so the plugin can call the api/qualitygates/project_status web service.
When reporting issues, please include complete steps to reproduce the issue and all relevant logs.
Pull requests are welcome, but may not always be reviewed immediately. We try our best to respond within a couple of days.
- This project uses google-java-format. The code is auto-formatted whenever you build it.
- For the most part, the project follows standard Oracle Java code conventions
- Include unit tests
- Do not use PowerMock unless there is no alternative
- Update the documentation (this
README.md) with new configuration parameters and usage notes - Make sure your change works with all versions of SonarQube starting at the minimum version
defined in
pom.xml- You can use the scripts in the
verificationfolder to check compatibility. See the verification/README.md for details. - If you need to upgrade the base SonarQube version, create an issue for discussion first
- Once upgraded, the base version will not be downgraded
- You can use the scripts in the