How to fail an Azure pipline on a failed Sonar quality gate

jerry.brimacombe · January 5, 2021, 11:39am

We are using

Developer Edition
Version 8.3.1 (build 34397)

We are moving our pipelines from Jenkins to Azure, Currently in Jenkins our pipelines correctly fail if the SonarQuality gate is not passed.
We are having problems replicate this in Azure
Our yaml looks like

- task: SonarQubePrepare@4
    inputs:
      SonarQube: 'Devlopment-Sonarqube'
      scannerMode: 'CLI'
      configMode: 'manual'
      cliProjectKey: ${{ parameters.sonarProjectKey }}
      cliProjectName: ${{ parameters.sonarProjectName }}
      cliSources: 'app'
  - task: SonarQubeAnalyze@4
  - task: SonarQubePublish@4
    inputs:
      pollingTimeoutSec: '300'

This works in the sense that we can see the see the code has been scanned and correctly failed in Sonar itself. But we want the pipeline to end at this point if it fails

I’ve seen others have had this problem, and have resulted in calling the rest API. Is this still the best method? E.g Something like

Joe · January 7, 2021, 5:31am

Hi @jerry.brimacombe,

Welcome to SonarSource community!

Are you able to still block merges if the quality gate fails? Perhaps these community guides will help:

Joe

jerry.brimacombe · January 14, 2021, 8:17am

Thank you for your replies - we will look to do this. It certainly seems like something we should do,
However, we really also just want the pipeline to fail. At the moment we have achieved this by calling the rest API - which works, but just seems on overly complex way of achieving something that would appear to be a standard requirement.

Rouke.Broersma.IS · January 18, 2021, 4:26pm

There are azure devops extensions in the marketplace that can achieve what you want.

tlnarayana · February 9, 2021, 6:27am

Dear @Rouke.Broersma.IS ,
may you please elaborate the extension names which will help to fail the pipeline.
Regards,
LnT

Rouke.Broersma.IS · February 9, 2021, 8:22am

https://marketplace.visualstudio.com/items?itemName=SimondeLang.sonar-buildbreaker

jerry.brimacombe · February 9, 2021, 9:02am

Hi,
Thank you for the update. That would be perfect. However due to our security policy its very hard for us to get none official extensions approved for use.
In the end we solved this by calling the rest api (with curl), I’m still surprised their is not a way to directly do this with the official extensions.
Thank you all for your help.

Rouke.Broersma.IS · February 9, 2021, 9:03am

Sonarsource removed this from the official extension because they do not believe in breaking your build. They believe only in pull request decoration.

jerry.brimacombe · February 9, 2021, 9:07am

How odd. You would think they would make it configurable so the choice was with the pipeline architects. For us it’s a hard quality gate. We don’t want the build to to progress if it fails at this point. I can see why others would have it different.

system · February 16, 2021, 9:08am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.