opendevstack / ods-jenkins-shared-library

Shared Jenkins library which all ODS projects & components use - provisioning, SonarQube code scanning, Nexus publishing, OpenShift template based deployments and repository orchestration
Apache License 2.0

SonarQube quality gate always report from default project branch #1016

Closed gerardcl closed 1 year ago

gerardcl commented 1 year ago

Describe the bug

We have detected, when enabling the enforcement of the quality gate for SonarQube, that it always gets, from whatever branch you are scanning, the default branch (usually master).

To Reproduce

Steps to reproduce the behavior:

  1. Create a branch on your repo and enable the quality gate
  2. Check the report is returning the info from default branch, not the one in scope
  3. Pipeline might fail or not as false info is back

Expected behavior

To get the quality gate info from the right branch in scope of that pipeline.

Screenshots

N/A

Affected version (please complete the following information):

Log Output (ensure to remove any confidential information like tokens, project names, etc.)

API call does not use the branch query parameter: https://github.com/opendevstack/ods-jenkins-shared-library/blob/befbc61c64eab4f309aae0a924ade64d05298fc9/src/org/ods/services/SonarQubeService.groovy#L88

Additional context

Must be fixed

michaelsauter commented 1 year ago

Haha, just noticed the same issue a few weeks back: https://github.com/opendevstack/ods-pipeline/pull/704/files#diff-819a83bd48fb2fe12110e0b2b9b1ccd1c927fc30fa7fd8f14a983aefbf36f6c2

gerardcl commented 1 year ago

OK @braisvq1996, we found out that the & parameter in the URL was a problem, so we need to provide a fix by using the full cURL CLI with flags for URL encoding. I would recommend going full on flags anywhere we use the cURL CLI in the lib.

BraisVQ commented 1 year ago

closed by #1020
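
The failure mode and the flag-based approach discussed in this thread, as an added example that is not the library's code and not the change merged in #1020. It assumes the SonarQube Web API endpoint `api/qualitygates/project_status` with its `projectKey` and `branch` parameters; the host, project key, branch and the `CURL` override variable are constructed or hypothetical, and authentication is omitted.

```shell
#!/bin/sh
# Added example. Host, project key and branch are constructed placeholders;
# CURL is a hypothetical override used only to swap in a stub for testing.
# Authentication is omitted.

# Deliberately broken pattern: the URL is pasted unquoted into a shell script.
# The shell ends the command at "&", runs it in the background, and treats
# "branch=..." as a variable assignment, so the branch never reaches the tool.
# printf stands in for curl and shows the only argument it would receive.
unquoted_view() {
  sh -c "printf '%s' $1 ; wait" 2>/dev/null
}

# Flag-based call: --get turns the --data-urlencode pairs into the query
# string, and curl percent-encodes the values itself ("&", "/", spaces).
# $1 = SonarQube base URL, $2 = project key, $3 = branch being scanned
quality_gate_status() {
  "${CURL:-curl}" --fail --silent --show-error --get \
    --data-urlencode "projectKey=$2" \
    --data-urlencode "branch=$3" \
    "$1/api/qualitygates/project_status"
}

# Offline demonstration of the failure mode (no network access needed).
SONAR_URL='https://sonar.example.invalid'
unquoted_view "$SONAR_URL/api/qualitygates/project_status?projectKey=demo&branch=feature/login"
echo
```

When the branch is dropped this way, the request still succeeds and returns the default branch's quality gate, so a pipeline check should compare the branch it asked for with the branch the report describes.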