We’ve recently started using SonarCloud with Azure Devops. Our branch now has a policy that requires the SonarCloud quality gate to have passed before a PR can be merged.
However, this requires us to enable the “pull request decoration” feature with a token (sonar.pullrequest.vsts.token.secured). Without setting this token the build validation is stuck on “waiting” forever (even though the pipeline steps report a successful analysis). This means the user we’ve used for the connection will start posting comments with the analysis results, which we do not like.
Is it possible to separate the two settings: build quality validation and PR decoration?
Thanks!