Feat: Add wait flag for SonarCloud quality gates 52/69152/9 v0.71.0
authorKevin Sandi <ksandi@contractor.linuxfoundation.org>
Mon, 22 Nov 2021 23:15:39 +0000 (17:15 -0600)
committerKevin Sandi <ksandi@contractor.linuxfoundation.org>
Tue, 30 Nov 2021 21:12:19 +0000 (15:12 -0600)
Add support for wait flag on SonarCloud quality gates, this way jobs
won't finish until the quality gate reports back the result during
the analysis step, which will fail anytime the quality gate fails.

Issue-ID: RELENG-4011
Signed-off-by: Kevin Sandi <ksandi@contractor.linuxfoundation.org>
Change-Id: Idd75faab59e55363d65fc930790336f370ce60d4

.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml
docs/jjb/lf-maven-jobs.rst
jjb/lf-maven-jobs.yaml
jjb/lf-python-jobs.yaml
releasenotes/notes/add-sonarcloud-qualitygate-wait-flag-d402b152fb3e16fe.yaml [new file with mode: 0644]
shell/maven-sonar.sh

index 8cbed76..fae9729 100644 (file)
@@ -14,6 +14,7 @@
     sonarcloud-project-organization: ORGANIZATION
     sonarcloud-api-token: TOKEN
     scan-dev-branch: false
+    sonarcloud-qualitygate-wait: false
 
 - project:
     name: example-sonarcloud-with-prescan-script
@@ -32,6 +33,7 @@
     sonar-prescan-script: |
       echo "Run script at start of job."
     scan-dev-branch: false
+    sonarcloud-qualitygate-wait: false
 
 - project:
     name: example-sonarcloud-verify
@@ -48,3 +50,4 @@
     sonarcloud-project-organization: ORGANIZATION
     sonarcloud-api-token: TOKEN
     scan-dev-branch: true
+    sonarcloud-qualitygate-wait: true
index 86e586e..6302864 100644 (file)
@@ -41,6 +41,8 @@ Runs Sonar against a Maven project and pushes results to SonarCloud.
     :sonarcloud-project-organization: SonarCloud project organization.
     :sonarcloud-api-token: SonarCloud API Token.
     :sonarcloud-java-version: Version of Java to run the Sonar scan. (default: openjdk11)
+    :sonarcloud-qualitygate-wait: SonarCloud flag that forces the analysis step to
+        wait for the quality gate result. (default: false)
 
 lf-maven-build
 --------------
@@ -568,6 +570,8 @@ This job runs on dev branches and its triggered on new patchsets.
         (default: '')
     :sonarcloud-api-token: SonarCloud API Token. (default: '')
     :sonarcloud-java-version: Version of Java to use for the Sonar scan. (default: openjdk11)
+    :sonarcloud-qualitygate-wait: SonarCloud flag that forces the analysis step to
+        wait for the quality gate result. (default: false)
     :stream: Keyword that represents a release code-name.
         Often the same as the branch. (default: master)
     :submodule-recursive: Whether to checkout submodules recursively.
index 04ae40f..49d3f3f 100644 (file)
     sonarcloud-project-key: ""
     sonarcloud-project-organization: ""
     sonarcloud-api-token: ""
+    sonarcloud-qualitygate-wait: false
     # SonarCloud scan using jdk8 will become deprecated by Oct, 2020
     # Projects not compatible with jdk11 can set java-version to something else
     sonarcloud-java-version: openjdk11
                 sonarcloud-project-organization: "{sonarcloud-project-organization}"
                 sonarcloud-api-token: "{sonarcloud-api-token}"
                 sonarcloud-java-version: "{sonarcloud-java-version}"
+                sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
                 scan-dev-branch: "{scan-dev-branch}"
       # With SonarQube
       - conditional-step:
                 sonarcloud-project-organization: "{sonarcloud-project-organization}"
                 sonarcloud-api-token: "{sonarcloud-api-token}"
                 sonarcloud-java-version: "{sonarcloud-java-version}"
+                sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
                 scan-dev-branch: "{scan-dev-branch}"
       # With SonarQube
       - conditional-step:
             API_TOKEN={sonarcloud-api-token}
             SONARCLOUD_JAVA_VERSION={sonarcloud-java-version}
             SCAN_DEV_BRANCH={scan-dev-branch}
+            SONARCLOUD_QUALITYGATE_WAIT={sonarcloud-qualitygate-wait}
       - lf-provide-maven-settings:
           global-settings-file: global-settings
           settings-file: "{mvn-settings}"
 
     sonarcloud: true
     scan-dev-branch: true
+    sonarcloud-qualitygate-wait: false
 
     gerrit_sonar_triggers:
       - patchset-created-event:
index 6a40d17..5d62828 100644 (file)
     sonarcloud-project-key: ""
     sonarcloud-project-organization: ""
     sonarcloud-api-token: ""
+    sonarcloud-qualitygate-wait: false
     # SonarCloud scan using jdk8 will become deprecated by Oct, 2020
     # Projects not compatible with jdk11 can set java-version to something else
     sonarcloud-java-version: openjdk11
                 sonarcloud-project-organization: "{sonarcloud-project-organization}"
                 sonarcloud-api-token: "{sonarcloud-api-token}"
                 sonarcloud-java-version: "{sonarcloud-java-version}"
+                sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
                 scan-dev-branch: "{scan-dev-branch}"
       # With SonarQube
       - conditional-step:
diff --git a/releasenotes/notes/add-sonarcloud-qualitygate-wait-flag-d402b152fb3e16fe.yaml b/releasenotes/notes/add-sonarcloud-qualitygate-wait-flag-d402b152fb3e16fe.yaml
new file mode 100644 (file)
index 0000000..116c547
--- /dev/null
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Add support for wait flag on SonarCloud quality gates, this way jobs
+    won't finish until the quality gate reports back the result during
+    the analysis step, which will fail anytime the quality gate fails.
index 5b460c5..9d13003 100644 (file)
@@ -39,9 +39,11 @@ if [ "$SONAR_HOST_URL" = "https://sonarcloud.io" ]; then
         # shellcheck disable=SC2236
         if [ ! -z ${GERRIT_CHANGE_NUMBER+x} ]; then
             GERRIT_SHORT_LIVED_BRANCH=${GERRIT_CHANGE_NUMBER}-${GERRIT_PATCHSET_NUMBER}
+            lowercase_SONARCLOUD_QUALITYGATE_WAIT=$(echo "$SONARCLOUD_QUALITYGATE_WAIT" | tr '[:upper:]' '[:lower:]')
             params+=("-Dsonar.analysis.gerritProjectName=$PROJECT")
             params+=("-Dsonar.branch.target=$GERRIT_BRANCH")
             params+=("-Dsonar.branch.name=$GERRIT_SHORT_LIVED_BRANCH")
+            params+=("-Dsonar.qualitygate.wait=$lowercase_SONARCLOUD_QUALITYGATE_WAIT")
         fi
     fi
 fi