Pipeline getting successful even if Quality Gate failed

Hello,

I am using SonarQube in an Azure pipeline with the configuration below:

steps:
          - task: SonarQubePrepare@6
            displayName: 'Prepare code for SonarQube analysis'
            inputs:
              SonarQube: 'Sonarqube'
              scannerMode: 'Other'
              projectKey: 'storeline-adaptor'
              extraProperties: |
                sonar.qualitygate.wait=true
          - task: Gradle@2
            env:
              username: $(nexus_creds_usr)
              password: $(nexus_creds_psw)
            inputs:
              gradleWrapperFile: 'gradlew'
              tasks: 'clean build'
              sonarQubeRunAnalysis: true
              testResultsFiles: '**/TEST-*.xml'

          - task: SonarQubePublish@6
            displayName: 'Publish code analysis from SonarQube'
            inputs:
              pollingTimeoutSec: '300'

I can see the pipeline build is still completing all tasks even if the quality gate fails. I can see in the docs that although we can use sonar.qualitygate.wait=true in the analysis step, it’s not recommended. Also, I can see in some other posts that failing the pipeline is supported for PR merges but not for pushes to the main branch. Doesn’t it defeat the purpose of the integration?

Honestly, I didn’t get any clarity on this yet, even after going through multiple posts. Could someone please help me understand whether it’s recommended to terminate the build pipeline on quality gate failure or not?

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube Server / Community Build, Scanner, Plugin, and any relevant extension): Enterprise Edition v9.9.9
  • how is SonarQube deployed: zip, Docker, Helm
  • what are you trying to achieve: I am trying to fail the build pipeline when code is pushed to the main branch on origin and Azure CI/CD gets triggered
  • what have you tried so far to achieve this: I have implemented the pipeline; it triggers Prepare, Analysis and Publish report but doesn’t fail the pipeline even if the quality gate has failed.

Thanks,

Hey there

Can you try formatting it like this instead?

steps:
          - task: SonarQubePrepare@6
            displayName: 'Prepare code for SonarQube analysis'
            inputs:
              SonarQube: 'Sonarqube'
              scannerMode: 'Other'
              projectKey: 'storeline-adaptor'
              extraProperties: 'sonar.qualitygate.wait=true'

Hi Colin, Thanks for your response.

Shouldn’t it be a default feature, as that’s the reason we are using the Sonar integration in CI/CD? I read here in the docs that it should be used only when necessary. What exactly does that mean? Is it not recommended?

Integrating Sonar into your CI/CD ensures every commit gets analyzed. That doesn’t mean every build must fail on a failing quality gate. If you’d like to read a very old (somewhat outdated) blog post on this, here you go! (this one might be worth a read as well).

That said – it’s up to you.
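
An added example, not part of the thread and not SonarSource's code: a separate pipeline step that reads the quality gate result from SonarQube's `api/qualitygates/project_status` Web API and exits non-zero unless the gate is `OK`, treating an unreadable response as a failure. It is assumed to run after the server has finished processing the analysis; the `SONAR_HOST_URL` and `SONAR_TOKEN` variable names and the sample response are constructed for illustration.

```python
import base64, json, os, sys, urllib.parse, urllib.request

# Constructed sample body of GET api/qualitygates/project_status (not real data).
SAMPLE_FAILED = json.dumps({"projectStatus": {"status": "ERROR", "conditions": [
    {"status": "ERROR", "metricKey": "new_coverage", "comparator": "LT",
     "errorThreshold": "80", "actualValue": "42.5"},
    {"status": "OK", "metricKey": "new_security_rating", "comparator": "GT",
     "errorThreshold": "1", "actualValue": "1"}]}})


def evaluate_gate(body):
    """Map a project_status response body to (exit_code, reasons)."""
    try:
        gate = json.loads(body)["projectStatus"]
        status = gate["status"]
    except (ValueError, KeyError, TypeError):
        # Fail closed: an unreadable answer (login page, error text) never passes.
        return 2, ["could not read quality gate status"]
    if status == "OK":
        return 0, []
    reasons = [
        "%s: actual %s, comparator %s, threshold %s" % (
            c.get("metricKey"), c.get("actualValue"),
            c.get("comparator"), c.get("errorThreshold"))
        for c in gate.get("conditions", []) if c.get("status") == "ERROR"
    ]
    # ERROR, NONE (no gate computed) or any unexpected status fails the step.
    return 1, reasons or ["quality gate status is " + str(status)]


def fetch_status(server_url, project_key, token):
    """Fetch the gate status; the token is sent as the Basic-auth user name."""
    query = urllib.parse.urlencode({"projectKey": project_key})
    url = server_url.rstrip("/") + "/api/qualitygates/project_status?" + query
    auth = base64.b64encode((token + ":").encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": "Basic " + auth})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode("utf-8")


if __name__ == "__main__":
    # SONAR_HOST_URL and SONAR_TOKEN are assumed pipeline variable names.
    body = fetch_status(os.environ["SONAR_HOST_URL"], "storeline-adaptor",
                        os.environ["SONAR_TOKEN"])
    code, reasons = evaluate_gate(body)
    for reason in reasons:
        print("Quality gate failed:", reason, file=sys.stderr)
    sys.exit(code)
```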