Include Code Quality for Bamboo
Include Code Quality for Bamboo
Breadcrumbs

Changelog

Version 4.x

4.2.5:

Improvements

  • Better experience when WebSudo is required to configure tasks.

4.2.4:

Improvements

  • improve compatibility with latest SonarQube™ versions

Bug Fixes

  • fix duplication of plans in some views.

4.2.3:

Improvements

  • Makes Java field optional to support newer SonarQube™ Scanner version with integrated Java

Bug Fixes

  • Fix drop-down rendering in task (Bamboo 11)

4.2.2:

Bug Fixes

  • Another bugfix for maven based tasks on remote agents

4.2.1:

Update to 4.2.2 recommended.

Bug Fixes

  • Bugfix for maven based tasks

4.2.0:

Update to 4.2.2 recommended.

⚠️ Announcements
New Features

  • Enforce SonarQube™ token on plan-level

    • New config option allowing Bamboo admins to enforce that build plans configure their own SonarQube™ token, instead of using the globally configured one. In the spirit of the Principle of Least Privilege, this allows you to use separate tokens with less permissions. Bamboo admins can now also see which plans would be affected when this gets enforced.

4.0.0:

⚠️ Announcements

  • Bamboo 10 Support

    • Bamboo 10.0 includes a major overhaul on how it interacts apps, also known as Atlassian Data Center Platform 7. This required many adaptions in the app to continue to work on Bamboo 10.0.

    • This also means minimum Bamboo version required is Bamboo 9.6.

    • ⚠️ This version is more strict if you pass the authentication options during the build.

      Ensure that your plans use one of the options:

      1. [recommended] “Override authentication settings from SonarQube server” or

      2. “Use SonarQube server authentication settings from environment variables”

Bug Fixes

  • Improved logging if an executable cannot be found

  • Fix issue where adding links to Bamboo build in SonarQube™ does not work

Version 3.x

3.3.3:

Bug Fixes

  • Prevent rare cases of broken build result summary section

3.3.2:

Announcements

  • Added telemetry for improving application usage and performance

    • In a desire of continuously improving the application, the app now gathers data about usage and performance. You can opt out of sending telemetry statistics by setting the Bamboo property plugin.ch.mibex.bamboo.sonar4bamboo.telemetry to false in the file BAMBOO_HOME/shared/configuration/bamboo-shared.cfg.xml.

Improvements

  • Clearer description of task options

Bug Fixes

  • Prevent exceptions in the Bamboo logs when visiting the configuration pages

3.3.1:

Bug Fixes

  • Fix unwanted branch character replacement for branch analysis

3.3.0:

⚠️ Announcements / breaking changes

  • Require Support for SonarQube™ 7.7 or Newer

    • We removed the support for versions older than SonarQube™ 7.7.

Bug Fixes

  • Fixed inconsistencies in the handling for SonarQube™ Community and Enterprise editions.

  • Fix issues with parameter encoding on Windows build agent.

3.2.7:

Improvements

  • Support SonarQube instances with SSO enabled

3.2.6:

Improvements

3.2.5:

Improvements

  • Support SonarQube service account token override on tasks

Bug Fixes

  • Fixed bug where ‘Create SonarQube Project per Branch’ setting does not keep it’s state on save

3.2.4:

New Features

  • Support JDK selection in MSBuild/dotnet tasks

Improvements

  • Improved description of MSBuild/dotnet capability requirements

Bug Fixes

  • Fixed exceptions when a plan has no repository attached

  • Fix missing enforcement of JDK requirements

3.2.3:

Improvements

  • Improved SonarQube Edition detection handling

Bug Fixes

  • Fixed missing SonarQube server configurations in admin configuration page

3.2.2:

Improvements

  • Improved user experience when switching between plaint text field and Bamboo variable for SonarQube user token.

Bug Fixes

  • Fixed parsing of missing analysis result URL for SonarQube 9.4

  • Fixed bug where 'Disable SQ project per branch' checkbox does not keep it's state on save

  • Fixed bug where unreachable SonarQube server leads to timeout of admin configuration page

3.2.1:

Bug Fixes

  • Fixed bug where Incremental mode not visible in Sonar Tasks configuration

  • Fixed bug where PR analysis is triggered for Community Edition

  • Fixed bug where some users get Access Denied when trying to Create/Edit Sonar Task configurations

3.1.3:

Bug Fixes

  • Fixed bug where Incremental mode not visible in Sonar Tasks configuration

  • Fixed bug where PR analysis is triggered for Community Edition

    • Hint: tasks created with versions 3.1, 3.1.1 and 3.1.2 need to be saved again to work correctly!

  • Fixed bug where some users get Access Denied when trying to Create/Edit Sonar Task configurations

3.1.2:

Bug Fixes

  • Fixed bug where a new Sonar Task cannot be saved when 'Show and break build on broken quality gates' is selected

3.1.1:

Bug Fixes

  • Fixed bug where a selected shared SonarQube server configuration is ignored in new Sonar Tasks

3.1.0:

Improvements

  • Simpler Configuration

    • Simplified configuration based on your SonarQube Edition to only show the relevant configuration options.

  • Debug Logging in Build Log

    • New task option to write debug logs directly to the build log.

      Potential issues with Sonar for Bamboo can be debugged with less effort, as getting the debug server logs from Bamboo itself is not necessary anymore, since all relevant info is now in build log.

  • Improved Wording

    • We improved the wording of configuration options, making it more clear what they do.

3.0.3:

Improvements

  • Improved formatting of CodeOwners active rules explanation in pull request comments and tool-tips.

  • Improved positioning of CodeOwners avatar decorations (Bitbucket 7.9.x and newer)

Bug Fixes

  • Fix combined use of CodeOwners with Default reviewers from Bitbucket

    • Earlier 3.x versions are not compatible with Default reviewers feature

  • Fix Merge checks for rules with individual users, if group merge check is active.

    • If  CodeOwners merge checks are active, any user which is mentioned individually in a active code owner rule, must approve, before pull request can be merged.

    • There was a bug in the group based Merge check validation. If an individual user was also member of a active group rule, the check did not enforce the approval of this individual, if other group members have approved.


3.0.2:

Bug Fixes

  • Bamboo Data Center compatibility notice: use server version of app which is compatible with DC. DC version will be provided as soon as Atlassian DC certification for Bamboo apps is available.

3.0.1:

Bug Fixes

  • Fixed bug where the app crashed when using SonarQube Commercial Editions < 8.1 and the Bamboo build plan did not use Bitbucket

3.0.0:

⚠️ Announcements

  • Bamboo 8.0 is now supported.

    • The minimal required version is Bamboo 6.10, as older versions reached their End of Life.

  • Removed obsolete features

    • If you use one of the removed features, check the migration guide or contact us.

    • Removed support for:

      • SonarRunner, because it is deprecated since 2017.

      • Maven 2, because Maven 2 is at end of life since 2014.

      • Gradle task: sonarRunner., because Gradle remove it in 2016.

      • SonarQube 5.x released in 2016. The minimum required version is SonarQube 6.7. This also removes the JDBC configuration used for these old releases.

Improvements

  • Improved wording

    • We improved the wording of configuration options, making it more clear what the do.

Bug Fixes

  • Fixed Sonar Server configuration panel opening slowly and creating Stacktrace spam in the Bamboo logs

  • Fixed Sonar Server configuration edition fail to switch from password based login to token based login.

Version 2.x

2.10.1:

Bug Fixes

  • With SonarQube commercial edition < 8.1 and Bamboo < 6.9, a "bamboo user needed" error is thrown when executing the task with incremental mode disabled

2.10.0:

Improvements

  • Incremental mode: no analysis required for pull request destination branch anymore

    • If the destination branch has not been analyzed by SonarQube, incremental mode was not executed.

    • The app does not require an existing analysis of the destination branch anymore, making the incremental mode more flexible.

  • SonarQube 8.1 and greater:
    Uniform handling of short/long-living branches and removal of deprecated SonarQube parameter: -Dsonar.branch.target

    • Since SonarQube 8.1 stopped making a distinction between short (e.g. feature branches) and long-living branches (e.g. develop). The flag -Dsonar.branch.target got deprecated.

    • For SonarQube greater than 8.1, the app will not differentiate between branch types and therefore not add the parameter -Dsonar.branch.target anymore.

  • Translations for missing quality gate alert keys

    • For the display of quality gates on the build results page, some quality gate alert keys were not internationalized. This has now been fixed.

2.9.4:

Bug Fixes

  • When upgrading to 2.9 releases, existing Sonar task sometimes showed an unexpected NullPointerException error.

2.9.2:

Bug Fixes

  • Wrong sonar scanning result mapping in build jobs with multiple Sonar tasks

2.9.1:

Bug Fixes

  • For some MSBuild SonarQube Scanner versions, the SonarQube result link is not displayed on the build results page

2.9.0:

Improvements

  • Incremental mode only passes as many files for sonar.inclusions as the OS allows, otherwise executes a full build

    • For the incremental mode, we now only pass as many files from the Bitbucket pull request diff to sonar.inclusions as the OS allows, preventing build errors for very large pull requests.

  • New option to show quality gates on the build results summary without breaking the build

    • In earlier releases, it was only possible to show the quality gate status on the build results summary page with the build breaker option enabled, thus enforcing breaking the build if the SonarQube quality gate thresholds are exceeded:

2.8.1:

Bug Fixes

  • Do not escape invalid branch characters when using commercial SonarQube editions

  • Improved "escape invalid branch characters" task option descriptions

2.8.0:

Improvements

  • Compatibility with latest SonarQube community versions >= 8.4 where project key cannot contain Git branch name characters like "/" anymore

    • For SonarQube community versions which do not support -Dsonar.branch.name, the app uses the branch name as part of the project key like Dsonar.projectKey=PROJECT_KEY:BRANCH_NAME

    • But latest SQ versions >= 7.9.4 and >= 8.4, this is problematic for branch names containing “/“, since SQ does not allow "/" in project keys anymore.
      Fixed by using the replacement character “-” for “/” automatically.

  • Prevent multiple Sonar server configurations with the same name

    • So far it was possible to configure multiple Sonar server configurations with the same name. This is now prevented by the app to avoid any confusion.

  • Improve log message in Quality gate check for canceled SonarQube tasks

  • Message in build log when a task was canceled in SQ was confusing. Improved to make root cause more clear.

Bug Fixes

  • Sonar Gradle Task doesn't use configured project key override

  • Maven Sonar analysis fails with NullPointerException when updated from Bamboo specs and no additional SQ parameters are configured

2.7.3:

Bug Fixes

  • Sonar analysis result link cannot be shown with SQ 8.4 and SonarScanner 4.4

  • MSBuild and .NET Core end task yields "Cannot deduce sonar.projectKey for this build" error when using legacy branching and SQ >= 7.8

2.7.2:

Improvements

  • Remark that the quality gate status can only be displayed if the option to fail the build in case of failed quality gates is enabled

  • Improved help text about using Bamboo variables for SonarQube credentials

Bug Fixes

  • Illegal branch character replacement option always uses "_"

  • App does not show Sonar build results for multiple Sonar tasks within the same build job

  • As sonar.branch.target is deprecated since SQ 8.1, the app should not pass it to the scanner invocation anymore





SONAR™, SONARQUBE™ and SONARCLOUD™ are independent and trademarked products and services of SonarSource SA: see sonarsource.com, sonarqube.com and sonarcloud.com.