Implementation of Mandatory SonarQube Report Verification Before Merging into Master Branch

Must-share information (formatted with Markdown):
Hi Team,
I’m using trail version of developer edition of Sonarqube- version and sonar-scanner-

My proposal is to implement a workflow where any code changes being merged into the master branch must first pass the quality gate checks set in SonarQube. This means that if any issues are flagged by SonarQube during code analysis, the merge process will be blocked until those issues are addressed and resolved.

To achieve this, we can configure Bitbucket branch permissions to require that the SonarQube quality gate status for a given branch be “passed” before allowing merges into the master branch. By doing so, we can ensure that only code meeting our predefined quality standards is merged into production, thereby minimizing the risk of introducing defects and vulnerabilities.

Could someone kindly suggest how we need to achieve it, or do we have any video links for step-by-step instructions? We will go through that.
Please help me on that.



Welcome to the community!

I’m not sure what the question is. Are you asking how to set up analysis? If so, the docs should help.