SonarCloud combine quality gate for new code and overall code does not work

Hello dear Sonar Team,

  • GitHub Enterprise
  • Azure DevOps
  • Scanner command should not be relevant
  • Languages of the repository: Scala
  • Private instance
  • We have a quality gate in place, that explicitly differentiates between New Code checks and Overall code checks, as we wanted to also improve the quality of the legacy code, especially for Security and Reliability rating. However the PRs are passing, even if I can see on the Overview tab, that the main branch analysis failed. My expectation would be that all Hotspot are being reviewed and the same with the Reliability. The Reliability Rating shows B, but the quality gate is configured to “worse than A”. We evaluate the status of the quality via the GitHub check.
    The quality gate for new code is working as expected, for example when code coverage is below the configured threshold.

Do I have wrong expectations?


Hey there.

On Pull Requests, only the conditions targeting New Code are checked. It doesn’t seem fair to prevent merging a PR because of an issue that might have existed in the repo for years (introduced by another developer).

If you set conditions on Overall Code, which apply to your long-lived branches (and especially your main branch), it will be a normal occurence that PRs have a passing QG while your main branch has a failing QG until you fix the issues plaguing your main branch.

Hey @Colin - I did some testing again today and I just came here to answer my own question:

Conditions on Overall Code

Conditions on Overall Code apply to long-lived branches only.

Thanks for your answer, I was overlooking that and hoped we can easily improve our legacy code base as well.


1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.