Quality Gate is Passed even after having bugs in Code

amit.saurabh · June 25, 2021, 10:26am

Template for a good bug report, formatted with Markdown:

Versions used (SonarQube, Scanner, Plugin, and any relevant extension)
Error observed (wrap logs/code around triple quote ``` for proper formatting)
Steps to reproduce
Potential workaround
Scanner command used when applicable (private details masked)
In case of SonarCloud:
- ALM used (GitHub, Bitbucket Cloud, Azure DevOps)
- CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI, Jenkins, other)

when we are scanning code in SonarQube using default quality gate, the reliability metrix shows that there are 15 bugs and rated it as E, But quality gate is passed.

Whereas in threshold it has been mentioned that Reliability Metrix should be worse than A for default quality gate.

As you can see that quality gate is passed but we have 15bugs in code.

And as per the screen shot reliability is set to A for default quality gate.

Carine_Bayon · June 25, 2021, 12:26pm

Hi @amit.saurabh

Can you confirm the version of SQ you are running (written in the footer of your SQ homepage)?
And send a full screenshot of your project?

Looks like there is nothing called “New Code” on your project hoempage, whereas your Quality Gate is focusing on Bugs on New Code only.

Thanks,
Carine

amit.saurabh · June 25, 2021, 3:00pm

Hi @Carine_Bayon ,
we are using SoanrQube 7.9.3 Enterprise edition. our concern is when we are analyzing code for the first time then sonarqube should consider our code as new code and if we have bugs in our code then our quality gate should fail. But our quality gate is passed even our code have bugs.

Regards,
Amit

amit.saurabh · June 30, 2021, 6:33am

Hi @Carine_Bayon,

Do you have any additional information related to this, it would be great if we can get some more clarification on this.

Thanks,
Amit

Carine_Bayon · July 1, 2021, 1:44pm

Hi @amit.saurabh
sorry, I was really busy these last days
First time you scan = Baseline for the analysis = Overall code
All the scans after = New Code (see here and here)
https://docs.sonarqube.org/latest/project-administration/new-code-period/

If you re-analyse your code and add a new bug in it now, you’ll fail the QG.

Carine

bsmith · November 10, 2021, 10:13pm

I’m having the same issue in my environment as well. My scan results have a Reliability result of a C but the Quality Gate says it passed just like the screenshots in the original post. I’m being asked to get the report to show that it failed and the C rating for the Bugs category and I’m at a loss. How can I get the results to show this as a Failure?

I’m using SQ Enterprise 9.1 build 47736.

Thanks,
Brent

bsmith · November 10, 2021, 10:40pm

I just created a custom Quality Gate that was scoped to Overall code rather than New code and that showed me what I was looking for. So much to learn…

Brent

Topic		Replies	Views
Quality gate passes on new code, although new code has issues SonarQube Server / Community Build sonarqube , scanner , q_gate	4	1544	November 17, 2021
Quality gate condition on new code doesn't reflect in scanning SonarQube Server / Community Build	5	643	September 15, 2022
SonarQube Clean As You Code and Quality Gates SonarQube Server / Community Build	4	960	August 6, 2021
Quality gate passed, even when the coverage didn't pass the threshold SonarQube Cloud javascript , coverage , sonarqube-cloud	7	1656	December 26, 2021
Always getting quality gate passed SonarQube Server / Community Build sonarqube	1	3095	March 7, 2019

Quality Gate is Passed even after having bugs in Code

Related topics