We have got to the point where we can run the sonar alalysis via maven and our build system.
The problem is there is no connection with developers or the development process.
When the analysis runs, e.g. on your local dev machine or a pipeline which runs when you push a branch, you dont know if it passed or failed, or what the results were. Developer may or may not login to the sonar UI, but even if they do they just see the results from the latest run, which may or may not be their code - it could have been from someone else editing unrleated files from the same repo.
According to the marketing material, there are gates which would stop PRs being merged. Is this possible with bitbucket? If so, where is this documented?
We havent been able to find any mention of this, e.g. this doc: Bitbucket Cloud | SonarQube Cloud Documentation
Just stops at the point when the analysis is run, it doesnt say how gates can be setup or how the rules it applies (which we have seen so far are bad in terms of incorrect/obvious false positives).