QUALITY GATE details
Sonar way (default)
Conditions
Conditions on New Code
Conditions on New Code apply to all branches and to Pull Requests.
Metric Operator Value Coverage is less than 80.0% Duplicated Lines (%) is greater than 3.0% Maintainability Rating is worse than A(Technical debt ratio is less than 5.0%) Reliability Rating is worse than A(No bugs) Security Hotspots Reviewed is less than 100% Security Rating is worse than A(No vulnerabilities)
Issues:
Sometimes sonar report doesnot show all the conditions of quality gate for branches
Same for main branch:
sometimes, it shows all conditions for branch
Script used to fetch and print report in Github actions workflow logs:
#!/bin/bash
set -a
echo 'FETCH QUALITY GATE STATUS'
# Extracting branch name and assigning it to a variable
CURRENT_BRANCH=$(echo "$CURRENT_BRANCH" | sed 's/refs\/heads\///')
echo "Current Branch: $CURRENT_BRANCH"
api_url="https://server.com/api/qualitygates/project_status?branch=$CURRENT_BRANCH&projectKey=$SONAR_PROJECT_KEY"
echo "API called: $api_url"
response=$(curl -s --cacert /etc/ssl/certs/CA1.crt \
-u $SONAR_TOKEN: \
$api_url)
status=$(echo "$response" | jq -r '.projectStatus.status')
report=$(echo "$response" | jq '.')
echo " "
echo "Report:"
echo "$report" | jq -r '.projectStatus | "\(.conditions[] | "Metric: \(.metricKey)\nStatus: \(.status) (Actual: \(.actualValue), Threshold: \(.errorThreshold)) \n ")"'
if [ "$status" == "ERROR" ]; then
echo "QUALITY GATE FAILED😭. PROJECT STATUS: $status"
echo "INFO: If you want to still merge this Pull Request, please take exceptional approval from DEV Leads"
exit 1
elif [ "$status" == "OK" ]; then
echo "QUALITY GATE PASSED😎🎉. PROJECT STATUS: $status"
else
echo "Please re-run. Couldn't fetch status😅, PROJECT STATUS: $status"
exit 1
fi
