- SonarQube version 188.8.131.52547
- Azure DevOps Server Version 17.143.28621.4 (2019 on premise)
- SonarScanner for Azure DevOps Version 4.21.0
- Mule SonarQube Plugin v1.0.4
We are attempting to test a quality gate failure to prevent pull request completion and merge, however our quality gate never seems to fail.
Rule we are attempting to violate:
- Code added which should trigger vulnerability:
- Quality gate shows 0 new vulnerabilities, meaning the gate responds passed:
- Therefore the quality gate is shown as passed in Azure DevOps (we have ALM integration set up).
However, due to adding code which should trigger the rule, we would expect the quality gate to fail with 1 new vulnerability. Can you see why this is not happening?