The Azure Devops cloud offering as well as recent versions of Azure Devops Server were improved with tighter integration of PR Analysis Quality Gate status checks.
The guide for the configuration for Azure Devops Server 2019 and TFS 2015+ is still applicable.
This post thus describes the configuration steps needed to block the possibility to merge PRs after the Quality Gate for them failed:
- SonarQube 8.x (official Azure Devops Services support expected for the next LTS with MMF-2132)
- SonarScanner for Azure Devops installed
- Project analyzed with SonarQube with PR decoration enabled as documented with the Decorating Pull Request page
- Project build pipeline set with the Publish Quality Gate Result task
To do that:
Select the branch you want to protect by enforcing the Quality Gate check. Navigate to branches, on the branch you want to protect, click on the vertical […] icon on the right, and select the Branch Policies menu:
In the Branch Policies screen, add a Status Check:
Search and select SonarQube/quality gate, set it as Required and save:
You are all set!