Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-72575

Failed quality gate does not prevent whole pipeline execution

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major Major
    • warnings-ng-plugin
    • Jenkins 2.426.2
      Warnings NG plugin 10.5.3

      While executing the recordIssues step with a defined quality gate to set stage and build results to "failed", it just sets status, but it doesn't prevent execution of the rest of the pipeline and I'm not sure if this is the expected behavior.

      In my case, I'm executing whole security checks before uploading built artifacts, and I would like to prevent this step execution for artifacts that do not meet specific security requirements (defined via quality gate). But even if the "Security scans" stage and even the whole build are set to "failed" due to the quality gate status, the next stages, including "Upload artifacts", are still executed.
       

      pipeline {
          agent {...}
      
          stages {
              stage("Earlier stages") {...}
              
              stage("Security scans") {
                  makeSecurityScans()
                  recordIssues tools: [...], qualityGates: [[threshold: 1, type: 'TOTAL_ERROR', unstable: false]]
              }
      
              stage("Upload artifacts") {
                  uploadArtifacts()
              }
          }
      }
      

        1. dependency-check.PNG
          7 kB
          Łukasz Jackiewicz
        2. dependency-check-stage-view.PNG
          18 kB
          Łukasz Jackiewicz
        3. warnings-ng.PNG
          7 kB
          Łukasz Jackiewicz

            Unassigned Unassigned
            ljackiewicz Łukasz Jackiewicz
            Votes:
            2 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: