From 33b2f79ff8ebb6bbb28088277abcb1454864a9d9 Mon Sep 17 00:00:00 2001 From: MikeBirnstiehl Date: Tue, 15 Oct 2019 14:55:22 -0500 Subject: [PATCH] SONAR-12588 Update 'SonarScanner for Jenkins' docs to include configuration of webhook secret validation --- .../analysis/scan/sonarscanner-for-jenkins.md | 30 +++++++++++++++---- 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-jenkins.md b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-jenkins.md index ab20d87ccf8..1bbb40b1c7b 100644 --- a/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-jenkins.md +++ b/server/sonar-docs/src/pages/analysis/scan/sonarscanner-for-jenkins.md @@ -20,10 +20,10 @@ Once the job is complete, the plugin will detect that a SonarQube analysis was m ## Installation 1. [Install the SonarScanner for Jenkins via the Jenkins Update Center](https://plugins.jenkins.io/sonar). -1. Configure your SonarQube server(s) - * Log into Jenkins as an administrator and go to Manage Jenkins > Configure System - * Scroll down to the SonarQube configuration section, click on Add SonarQube, and add the values you're prompted for. - * The server authentication token should be created as a 'Secret Text' credential +1. Configure your SonarQube server(s): + 1. Log into Jenkins as an administrator and go to **Manage Jenkins > Configure System**. + 1. Scroll down to the SonarQube configuration section, click **Add SonarQube**, and add the values you're prompted for. + 1. The server authentication token should be created as a 'Secret Text' credential. ## Analyzing a .NET solution **Global Configuration** 
@@ -42,11 +42,11 @@ If you do not see any available version under Install from GitHub, first go to M 1. Add the SonarQube for MSBuild - End Analysis build steps to your build ## Analyzing a Java project with Maven or Gradle -** Global Configuration** +**Global Configuration** 1. Log into Jenkins as an administrator and go to Manage Jenkins > Configure System 1. Scroll to the SonarQube servers section and check Enable injection of SonarQube server configuration as build environment variables -** Job Configuration** +**Job Configuration** 1. **Configure** the project, and go to the **Build Environment** section. 1. Enable **Prepare SonarScanner environment** to allow the injection of SonarQube server values into this particular job. If multiple SonarQube instances are configured, you will be able to choose which one to use. Once the environment variables are available, use them in a standard Maven build step (Invoke top-level Maven targets) by setting the Goals to include, or a standard Gradle build step (Invoke Gradle script) by setting the Tasks to execute. @@ -237,3 +237,21 @@ pipeline { } } ``` + +### Configuring a webhook secret + +If you want to verify the webhook payload that is sent to Jenkins, you can add a secret to your webhook on SonarQube. + +To set the secret: + +1. In Jenkins, navigate to **Manage Jenkins > Configure System > SonarQube Server > Advanced > Webhook Secret** and click the **Add** button. +1. Select **Secret text** and give the secret an ID. +1. Select the secret from the dropdown menu. + +If you want to override the webhook secret on a project level, you can add the secret to Jenkins and then reference the secret ID when calling `waitForQualityGate`. + + waitForQualityGate(webhookSecretId: 'yourSecretID') +if your pipeline is declarative or + + waitForQualityGate webhookSecretId: 'yourSecretID' +if your pipeline is scripted. -- 2.39.5
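Review bot: in the Installation hunk (`@@ -20,10 +20,10 @@`), the third numbered sub-item, "The server authentication token should be created as a 'Secret Text' credential.", is a requirement and not an action, so it reads oddly as step 3 of a procedure. Consider folding it into the previous step, where the values are entered, or keeping it as an unnumbered note under that step. It also spells the credential type as 'Secret Text' in quotes, while the new webhook section in this same patch writes **Secret text**; use one form throughout.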
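Review bot: in the Maven/Gradle hunk (`@@ -42,11 +42,11 @@`), the two Global Configuration steps between the corrected headings still leave their UI labels unformatted ("Manage Jenkins > Configure System", "Enable injection of SonarQube server configuration as build environment variables"), and neither step ends with a period. The Installation hunk of this patch bolds the same menu path and adds the periods, and the Job Configuration steps just below already bold their labels, so apply the same treatment here while the headings are being fixed.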
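Review bot: in the new "Configuring a webhook secret" section (`@@ -237,3 +237,21 @@`), the numbered steps cover only the Jenkins side. The intro says "you can add a secret to your webhook on SonarQube", but no step tells the reader where to do that or that the value stored in the Jenkins **Secret text** credential has to be the same one set on the SonarQube webhook, and step 2 mentions giving the secret an ID without mentioning entering the secret itself. Please add the SonarQube-side step and state the matching requirement. Separately, the two `waitForQualityGate` snippets are added as indented lines with the explanation trailing each one ("if your pipeline is declarative or"), while the context just above closes a fenced block; fenced blocks with the declarative/scripted label placed before each snippet would match the rest of the page and read more clearly.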