Hi,
We’ve been using SonarCloud for a non-Maven project successfully, using the Scan action + Quality Gate check action:
    - name: SonarCloud Scan
      uses: SonarSource/sonarcloud-github-action@v1.6
      env: …
    - name: SonarQube Quality Gate check
      uses: sonarsource/sonarqube-quality-gate-action@master
      env: …
When using the same approach for a Maven project, the scan fails with the message: "Maven project detected. You should run the goal ‘org.sonarsource.scanner.maven:sonar’ during build rather than using this GitHub Action"
The scan does complete successfully with sonar-maven-plugin.
However, when using sonar-maven-plugin, there is no feedback from the Quality Gates configured for the project.
Regardless of the number of new issues, the message in the log is "ANALYSIS SUCCESSFUL, you can find the results at:"
Is there a way to break the GitHub pipeline when using sonar-maven-plugin and new issues are found?
If not, is it possible to bypass the “Maven project” check and do a code scan using the SonarCloud Scan GitHub Action?
The objective is to have immediate feedback in the pipeline based on Quality Gates.
You can set the sonar.qualitygate.wait=true analysis parameter to break the pipeline when the Quality Gate fails.
And, when using GitHub and having your Pull Requests decorated by SonarCloud, we’d hope that the failing GitHub check is enough. Can you help us understand why it isn’t?
Thank you!
Using sonar.qualitygate.wait=true generated the expected message in the Sonar scan with the Maven plugin:
    Error: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar (default-cli) on project spring-petclinic: QUALITY GATE STATUS: FAILED - View details on
Without sonar.qualitygate.wait=true, the scan completes regardless of the quality gates.
Attempting to use the GitHub action to check the Quality Gates
    - name: SonarQube Quality Gate check
      uses: sonarsource/sonarqube-quality-gate-action@master
doesn’t work, because I suspect there is a dependency on running the scan with a GitHub action prior to that. report-task.txt is not available when the scan with the Maven plugin completes.
Message:
    Run sonarsource/sonarqube-quality-gate-action@master
    Run $GITHUB_ACTION_PATH/script/check-quality-gate.sh .scannerwork/report-task.txt
    .scannerwork/report-task.txt does not exist.
    Error: Process completed with exit code 1.
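The two ways of failing the pipeline on a red Quality Gate that this thread covers, written out as a workflow; this is an added example, not code from any post above. The `scanMetadataReportFile` input and the `target/sonar/report-task.txt` location (where the Maven scanner writes its metadata) are not mentioned in the thread, and `YOUR_ORG`, `YOUR_PROJECT_KEY`, the `SONAR_TOKEN` secret name, the JDK version and the `actions/*` versions are assumptions.

```yaml
# Added example. YOUR_ORG / YOUR_PROJECT_KEY are placeholders; the secret name,
# JDK version and actions/* versions are assumptions, not taken from the thread.
name: sonarcloud-maven
on: [pull_request]
jobs:
  # Option A: the Maven scanner polls the Quality Gate and fails the build itself.
  scan-and-wait:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 0 }   # full history for new-code detection
      - uses: actions/setup-java@v4
        with: { distribution: temurin, java-version: '17' }
      - name: Analyze and wait for the Quality Gate
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: >
          mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
          -Dsonar.host.url=https://sonarcloud.io
          -Dsonar.organization=YOUR_ORG -Dsonar.projectKey=YOUR_PROJECT_KEY
          -Dsonar.qualitygate.wait=true -Dsonar.qualitygate.timeout=300
  # Option B: analyze without waiting, then point the gate action at the Maven
  # scanner's metadata file, which is under target/sonar/, not .scannerwork/.
  scan-then-gate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 0 }
      - uses: actions/setup-java@v4
        with: { distribution: temurin, java-version: '17' }
      - name: Analyze without waiting
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: >
          mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
          -Dsonar.host.url=https://sonarcloud.io
          -Dsonar.organization=YOUR_ORG -Dsonar.projectKey=YOUR_PROJECT_KEY
      - name: SonarQube Quality Gate check
        # ref as used in the thread; pin a release tag or commit SHA for reproducible runs
        uses: sonarsource/sonarqube-quality-gate-action@master
        timeout-minutes: 5
        with:
          scanMetadataReportFile: target/sonar/report-task.txt
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
```

Only one of the two jobs is needed; Option A is the `sonar.qualitygate.wait=true` approach confirmed in the thread.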