Custom quality gate seems to be ignored by sonar scanner

Hi everyone,

  • ALM used - GitHub
  • CI system used - Github Actions
  • Scanner command used when applicable - sonarqube-verify
  • Languages of the repository - Typescript
  • Error observed

After running several steps in CI (lint, build, test), we trigger the sonar scanner to analyse the project.
For this project, test coverage is low and not really needed so we created a custom quality gate based on Sonar Way with Condition Coverage is less than 0.0% for new code.
The problem is that the analysis report this:

...
Protocol = https:
Report status : SUCCESS
Check the Quality gate ***/api/qualitygates/project_status?projectKey=broker-service
Protocol = https:
QUALITY GATE STATUS : ERROR
QUALITY GATE HAS FAILED
Verification ended in error
[new_coverage]: 0.0 LT 80
...

So it seems to still require the 80% coverage from the Sonar way quality gate.
What is even more mysterious to me, is that the PR decoration indicates Kudos, SonarCloud Quality Gate passed!

Hopefully this issue is not really one, but i cannot find the proper setup neither a discussion that would lead to a consistent result.
So i would appreciate advice to solve it.

Hello @getlarge ,

Welcome to the community!

Does the same thing happen if you remove the condition Condition Coverage from the quality gate or when you set quality gate to empty (without any conditions)?

There should be no differences between PR decoration and Sonarcloud UI. Is your quality gate failed or passed in the UI? (in other words is it consistent with GitHub PR status)

image

Can you double check if you have correct quality gate selected from the administration menu?
image

Best,
Marcin

Hello @Marcin_Majewski and thanks for your reply.

The same result happened when i removed Condition Coverage but it seems an empty quality gate is forbidden so i could not try to create one.

From what i remember the UI indicated a failed quality gate too (due to the coverage below 80%).

Anyway the problem is “solved” now, out of desperation i tried sonarcloud github action to replace sonarqube-verify in my CI flow and now the quality gate is respected.

No idea why, but at least it works!

Hi @getlarge,

Glad it works! Just to point out the sonarqube-verify - npm is not an official tool. If you are analyzing Typescript it is recommended to use Github Action (as you did) or sonar-scanner which you can download from Sonarcloud when selecting manual analysis.

Best,
Marcin

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.