How to fail an Azure pipeline on a failed Sonar quality gate

We are using

  • Developer Edition
  • Version 8.3.1 (build 34397)

We are moving our pipelines from Jenkins to Azure. Currently in Jenkins our pipelines correctly fail if the Sonar quality gate is not passed.
We are having problems replicating this in Azure.
Our YAML looks like:

- task: SonarQubePrepare@4
  inputs:
    SonarQube: 'Devlopment-Sonarqube'
    scannerMode: 'CLI'
    configMode: 'manual'
    cliProjectKey: ${{ parameters.sonarProjectKey }}
    cliProjectName: ${{ parameters.sonarProjectName }}
    cliSources: 'app'
- task: SonarQubeAnalyze@4
- task: SonarQubePublish@4
  inputs:
    pollingTimeoutSec: '300'

This works in the sense that we can see the code has been scanned and correctly failed in Sonar itself. But we want the pipeline to end at this point if it fails.

I’ve seen others have had this problem, and have resorted to calling the REST API. Is this still the best method? E.g. something like

Hi @jerry.brimacombe,

Welcome to SonarSource community! :wave:

Are you able to still block merges if the quality gate fails? Perhaps these community guides will help:


Thank you for your replies - we will look to do this. It certainly seems like something we should do.
However, we really also just want the pipeline to fail. At the moment we have achieved this by calling the REST API - which works, but just seems an overly complex way of achieving something that would appear to be a standard requirement.

There are Azure DevOps extensions in the marketplace that can achieve what you want.

Dear @Rouke.Broersma.IS,
May you please elaborate on the extension names which will help to fail the pipeline?

Thank you for the update. That would be perfect. However, due to our security policy it's very hard for us to get non-official extensions approved for use.
In the end we solved this by calling the REST API (with curl). I’m still surprised there is not a way to directly do this with the official extensions.
Thank you all for your help.
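
The REST call described in the post above could look like the following script step, run after SonarQubePublish@4. This is an added example, not the poster's script and not SonarSource code; the variable names SONAR_HOST_URL, SONAR_TOKEN and SONAR_PROJECT_KEY and the function names are assumptions.

```bash
#!/bin/sh
# Added example: fail a pipeline step unless the SonarQube quality gate is OK.
# SONAR_HOST_URL, SONAR_TOKEN, SONAR_PROJECT_KEY are assumed variable names.

# Print projectStatus.status from an api/qualitygates/project_status response.
# Arrays are dropped first so a per-condition "status" is never mistaken
# for the overall gate status.
gate_status() {
  printf '%s' "$1" | tr -d '\r\n' |
    sed -n -e 's/\[[^]]*\]//g' \
      -e 's/.*"status"[[:space:]]*:[[:space:]]*"\([A-Z_]*\)".*/\1/p'
}

# Return 0 only for status OK. WARN, ERROR, NONE, an API error body or an
# empty response (curl failure) all fail closed.
enforce_gate() {
  gate="$(gate_status "$1")"
  if [ "$gate" = "OK" ]; then
    echo "Quality gate passed"
    return 0
  fi
  echo "Quality gate status: ${gate:-unknown}; failing the step" >&2
  return 1
}

# Query the server; the token is the basic-auth user name, password empty.
fetch_gate() {
  curl --silent --show-error --fail --max-time 30 \
    --user "${SONAR_TOKEN}:" --get \
    --data-urlencode "projectKey=${SONAR_PROJECT_KEY}" \
    "${SONAR_HOST_URL}/api/qualitygates/project_status"
}

if [ -n "${SONAR_HOST_URL:-}" ] && [ -n "${SONAR_TOKEN:-}" ]; then
  enforce_gate "$(fetch_gate)" || exit 1
else
  # Offline demo on a constructed response: gate ERROR, last condition OK.
  sample='{"projectStatus":{"status":"ERROR","conditions":[{"status":"ERROR","metricKey":"new_coverage"},{"status":"OK","metricKey":"new_bugs"}]}}'
  enforce_gate "$sample" || echo "(demo) the pipeline step would exit 1 here"
fi
```

Supply the token from a secret pipeline variable mapped into the step's environment rather than writing it into the YAML.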

SonarSource removed this from the official extension because they do not believe in breaking your build. They believe only in pull request decoration.

How odd. You would think they would make it configurable so the choice was with the pipeline architects. For us it’s a hard quality gate. We don’t want the build to progress if it fails at this point. I can see why others would have it different.
