ci(data-prepper): harden quality evidence helpers

2026-04-22 12:58:27 -03:00 · 2026-04-22 12:58:27 -03:00 · be0d3e4300
commit be0d3e4300
parent ba6848a67a
1 changed files with 34 additions and 6 deletions
--- a/services/logging/Jenkinsfile.data-prepper
+++ b/services/logging/Jenkinsfile.data-prepper
@ -82,6 +82,30 @@ spec:
            set +e
            sonar-scanner "${args[@]}" | tee build/sonar-scanner.log
            sonar_rc=${PIPESTATUS[0]}
+            sonar_report="${QUALITY_GATE_SONARQUBE_REPORT:-build/sonarqube-quality-gate.json}"
+            host="${SONARQUBE_HOST_URL%/}"
+            query="$(printf '%s' "${SONARQUBE_PROJECT_KEY}" | sed 's/ /%20/g')"
+            sonar_ok=0
+            if [ -n "${SONARQUBE_TOKEN:-}" ]; then
+              auth="$(printf '%s:' "${SONARQUBE_TOKEN}" | base64 | tr -d '\\n')"
+              if command -v curl >/dev/null 2>&1; then
+                curl -fsS -H "Authorization: Basic ${auth}" "${host}/api/qualitygates/project_status?projectKey=${query}" > "${sonar_report}" && sonar_ok=1
+              elif command -v wget >/dev/null 2>&1; then
+                wget -qO "${sonar_report}" --header="Authorization: Basic ${auth}" "${host}/api/qualitygates/project_status?projectKey=${query}" && sonar_ok=1
+              fi
+            elif command -v curl >/dev/null 2>&1; then
+              curl -fsS "${host}/api/qualitygates/project_status?projectKey=${query}" > "${sonar_report}" && sonar_ok=1
+            elif command -v wget >/dev/null 2>&1; then
+              wget -qO "${sonar_report}" "${host}/api/qualitygates/project_status?projectKey=${query}" && sonar_ok=1
+            fi
+            if [ "${sonar_ok}" -ne 1 ]; then
+              cat > "${sonar_report}" <<EOF
+{
+  "status": "ERROR",
+  "error": "sonarqube query failed"
+}
+EOF
+            fi
            scan_root=build/data-prepper-supply-chain-scan
            rm -rf "${scan_root}"
            mkdir -p "${scan_root}/dockerfiles" "${scan_root}/services/logging"
@ -214,11 +238,11 @@ EOF
              add_case "pipeline_config_present" "data_prepper_pipelines.yaml is missing or empty"
            fi

-            if grep -q 'data-prepper-helmrelease.yaml' services/logging/kustomization.yaml; then
-              add_case "logging_kustomization_includes_data_prepper" ""
-            else
-              add_case "logging_kustomization_includes_data_prepper" "services/logging/kustomization.yaml does not include data-prepper HelmRelease"
-            fi
+            kustomization_contents="$(cat services/logging/kustomization.yaml 2>/dev/null || true)"
+            case "${kustomization_contents}" in
+              *data-prepper-helmrelease.yaml*) add_case "logging_kustomization_includes_data_prepper" "" ;;
+              *) add_case "logging_kustomization_includes_data_prepper" "services/logging/kustomization.yaml does not include data-prepper HelmRelease" ;;
+            esac

            cat > build/junit-data-prepper.xml <<EOF
 <testsuite name="data_prepper.packaging" tests="3" failures="${failures}" errors="0" skipped="0">
@ -510,7 +534,11 @@ METRICS
      }
      script {
        if (fileExists('build/junit-data-prepper.xml')) {
-          junit allowEmptyResults: true, testResults: 'build/junit-*.xml'
+          try {
+            junit allowEmptyResults: true, testResults: 'build/junit-*.xml'
+          } catch (err) {
+            echo "junit step unavailable: ${err.class.simpleName}"
+          }
        }
      }
      archiveArtifacts artifacts: 'build/**', allowEmptyArchive: true, fingerprint: true