How to block the merge of Pull Requests when SonarQube Quality Gate is failed, with GitHub

This feature is available with and GitHub Enterprise 2.17 and higher (maybe earlier versions too but this is to be verified)

With GitHub it’s possible to block the merge of a pull request if the SonarQube Quality Gate is failed on the PR (Pull Request).

This is called a Branch protection rule in GitHub, and can be defined per target branch, ie you can select which branches can accept pull request merges only if Quality Gate is passed. These branches are called protected branches

To do that:

  1. In the interested repository, browse to repository settings --> Branches --> Branch protection rules
  2. Click on Add Rule. Define branch name that should comply to this rule ("*" in the screenshot below
  3. Select Require status check to pass before merging
  4. Tick the SonarQube Code Analysis check.
    Note that there must have been at least one SonarQube analysis on the repository in the last week (on any branch) to have this check available in the list.

Once you’ve done that you should notice that the PR can’t be merged if the SonarQube Quality Gate failed on the PR… (Note: As per the screenshot below you can still merge but only if you are the repository Administrator. This is however probably a bad idea)

See also: