I need to stop an Azure DevOps pipeline when the SonarQube “Code Analysis” fails to meet certain criteria or metrics.
So far I configured the pipeline so the following stage depends on the previous job; however, since the SonarQube analysis succeeds (if it finds duplicated code/code smells/etc., it won’t stop, just report it), the pipeline just continues, and thus the stage is successful.
Here is part of the yml file, and we are using SonarQube Developer Edition Version 8.9.2 (build 46101).
```yaml
stages:
- stage: Sonarqube
  jobs:
  - job: analysis
    displayName: "Sources analysis"
    steps:
    - task: SonarQubePrepare@5
      displayName: Preparing Sonar
      inputs:
        SonarQube: $(serviceConnection)
        scannerMode: 'CLI'
        configMode: 'manual'
        cliProjectKey: $(Build.Repository.Name)
        cliProjectName: $(Build.Repository.Name)
        cliSources: '.'
    - task: SonarQubeAnalyze@5
      displayName: analysis
    - task: SonarQubePublish@5
- stage: RunTests
  dependsOn: analysis
  ...
```
I think there must be a way to ask if the SonarQube analysis found any code smells or something of the sort and after that, make the condition based on that.
Edit: I found a couple of extensions that allow one to “break” the pipeline based on certain policies that can be configured within the yml file. I’m still looking for a “native” way to configure this.
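
One way to express the condition asked about above, as an added example that is not part of the original post: a script step placed after `SonarQubePublish@5` reads the project's quality gate status from the SonarQube Web API (`api/qualitygates/project_status`) and exits non-zero unless the gate is `OK`, which fails the job and stops dependent stages. The environment variable names and the sample response are assumptions constructed for illustration.

```python
import base64
import json
import os
import sys
import urllib.parse
import urllib.request

# Constructed sample of an api/qualitygates/project_status response (not real output).
SAMPLE_RESPONSE = """{"projectStatus": {"status": "ERROR", "conditions": [
  {"status": "ERROR", "metricKey": "new_duplicated_lines_density",
   "comparator": "GT", "errorThreshold": "3", "actualValue": "7.4"},
  {"status": "OK", "metricKey": "new_reliability_rating",
   "comparator": "GT", "errorThreshold": "1", "actualValue": "1"}]}}"""

def fetch_project_status(base_url, project_key, token):
    """GET the gate status; the token is sent as the Basic-auth user name."""
    query = urllib.parse.urlencode({"projectKey": project_key})
    url = f"{base_url.rstrip('/')}/api/qualitygates/project_status?{query}"
    auth = base64.b64encode(f"{token}:".encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {auth}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode()

def evaluate_gate(raw_json):
    """Return (passed, failed_conditions); anything but an explicit OK fails closed."""
    try:
        status = json.loads(raw_json)["projectStatus"]
        if not isinstance(status, dict):
            raise TypeError("projectStatus is not an object")
    except (ValueError, KeyError, TypeError):
        return False, ["unparseable quality gate response"]
    failed = [
        f"{c.get('metricKey')}: actual {c.get('actualValue')} "
        f"{c.get('comparator')} threshold {c.get('errorThreshold')}"
        for c in status.get("conditions", []) if c.get("status") == "ERROR"
    ]
    return status.get("status") == "OK", failed

def main(env=os.environ):
    # Hypothetical variable names; map them from secret pipeline variables.
    if "SONAR_TOKEN" in env:
        raw = fetch_project_status(env["SONAR_HOST_URL"],
                                   env["SONAR_PROJECT_KEY"], env["SONAR_TOKEN"])
    else:
        raw = SAMPLE_RESPONSE  # offline demonstration with the constructed sample
    passed, failed = evaluate_gate(raw)
    for line in failed:
        # Azure DevOps logging command: shows the line as a pipeline error.
        print(f"##vso[task.logissue type=error]Quality gate: {line}")
    return 0 if passed else 1  # non-zero exit fails the script step and the job

if __name__ == "__main__":
    sys.exit(main())
```

The thresholds themselves (duplication, code smells and so on) live in the quality gate configured on the SonarQube server, so the pipeline only needs to enforce the gate's verdict.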