Sonarcloud quality gate failed, but PR mergeable

Hi team,

I am experiencing an issue with getting Sonarcloud to fail a PR in GitHub when a quality check fails. Sonarcloud correctly reports that there has been code added that is a duplication of other code. However, the CI reports that it is successful and allows a merge. The Sonar code analysis has been set up to be required to pass in the settings of the repo.

Here is the failure message in GitHub

And here are the CI results

  • ALM used: GitHub
  • CI system used: GitHub Actions
  • Languages of the repository: Java
  • SonarCloud project is private
  • Steps to reproduce
    • duplicate a controller in a backend repo to trigger Sonarcloud’s duplication logic to execute
    • submit a PR with duplicate code
    • All tests will pass and allow merge, but sonarcloud will report a quality gate failure

Note: Sonarcloud does have access to all of our private repos.

I finally figured out what the issue was. We are using the Gradle plugin and a Dockerfile to run the scan. I had to add the property -Dsonar.qualitygate.wait=true. This waited for Sonar to return the quality gate and fail the build.

RUN --mount=type=secret,id=sonarToken,target=/run/secrets/sonarToken,required=true \
    --mount=type=secret,id=githubToken,target=/run/secrets/githubToken,required=true \
    SONAR_TOKEN=$(cat /run/secrets/sonarToken) \
    GITHUB_TOKEN=$(cat /run/secrets/githubToken) \
    ./gradlew sonar \
    -Dsonar.pullrequest.key=${PR_KEY} \
    -Dsonar.pullrequest.branch=${PR_BRANCH} \
    -Dsonar.pullrequest.base=${PR_BASE} \
    -Dsonar.pullrequest.provider=github \
    -Dsonar.qualitygate.wait=true
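
A guard against the misconfiguration resolved in this thread, as an added example that is not part of the original posts: it scans a Dockerfile or CI script and fails when a scan command lacks `-Dsonar.qualitygate.wait=true`. The function names and sample files are hypothetical, and it assumes scans are launched as `gradlew sonar` with `-D` flags on the command line rather than in `gradle.properties` or `build.gradle`.

```shell
#!/bin/sh
# Added example: fail CI when a Sonar scan command does not wait for the
# quality gate. Assumption: scans are launched as "gradlew sonar ..." with
# -D flags on the command line (not in gradle.properties or build.gradle).

# check_gate_wait FILE
#   0 = every scan command has -Dsonar.qualitygate.wait=true
#   1 = at least one scan command lacks it (the gate cannot fail the build)
#   2 = no scan command found in FILE
check_gate_wait() {
  awk '
    function check(cmd) {
      if (cmd !~ /gradlew[ \t]+sonar/) return
      found = 1
      if (cmd !~ /-Dsonar\.qualitygate\.wait=true([ \t]|$)/) {
        missing = 1
        printf "%s: scan does not wait for the quality gate\n", FILENAME > "/dev/stderr"
      }
    }
    BEGIN { found = 0; missing = 0; buf = "" }
    /^[ \t]*#/ { next }    # skip comment lines, also inside a continued command
    {
      line = $0
      # A trailing backslash continues the command on the next line.
      if (sub(/\\[ \t]*$/, "", line)) { buf = buf line " "; next }
      check(buf line); buf = ""
    }
    END {
      if (buf != "") check(buf)
      if (!found) exit 2
      exit missing
    }
  ' "$1"
}

# Constructed samples: a shortened form of the scan command from the thread,
# once with the wait flag and once without it.
write_samples() {
  printf '%s\n' 'RUN ./gradlew sonar \' \
    '    -Dsonar.pullrequest.provider=github \' \
    '    -Dsonar.qualitygate.wait=true' > "$1/Dockerfile.gated"
  printf '%s\n' 'RUN ./gradlew sonar \' \
    '    -Dsonar.pullrequest.provider=github' > "$1/Dockerfile.ungated"
}
```

Run `check_gate_wait Dockerfile` as an early CI step so that a scan command without the flag is rejected before the analysis result can be ignored.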