Quality gate with condition of New code coverage passes after re-running the pipeline through gitlab

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    Community Edition Version 8.9.6 (build 50800)
  • what are you trying to achieve
    I believe, it is a default behavior of sonarqube as while we rerun the pipeline, sonarqube considers the job being run on a newer code which has no change with code that was scanned previous time, therefore pipeline pass saying 0 lines to cover in New Code. But the code was not newer in reality, thus we expect sonarqube check to fail again.

When a Quality Gate fails due to condition on coverage of new code, it should show status as FAILED if we trigger the sonar scan pipeline another time.

  • what have you tried so far to achieve this
    So far, We have checked that version in each activity is set as the job id of the gitlab pipeline and we are using ciricihq/gitlab-sonar-scanner image to run the scan. So not sure how the version is set also, not sure if changing the leak period using sonar.properties file will help.

Hey there.

It looks like you’re passing a new sonar.projectVersion to SonarQube on each run, which when using the default New Code Period of “Previous Version” will reset the New Code Period with each run. You may want to choose a different New Code Period.

Hey @Colin
Thanks for replying. I am not sure how sonar.projectVersion is passed with a new value on each run. That might be default behavior of gitlab-sonar-scanner but I did try to custom set this value in properties file, still the run is getting passed when scan is re-run.
And I am positive about the properties file getting applied to the scan since other attributes work as expected like sonar.exclusions.

I would suggest you move over to the officially supported way to run analysis in GitLab CI/CD, documented here.

GitHub - ciricihq/gitlab-sonar-scanner: This project is no longer maintained looks quite old, and may be passing version information on each scan.