SonarCloud should block GitLab MR from merging if SonarCloud quality gates failed

  • ALM used (GitLab)
  • CI system used (GitLab)
  • Scanner command used when applicable (gradle sonar -Dsonar.token=$SONAR_TOKEN -Dsonar.organization=$SONAR_ORGANIZATION -Dsonar.projectKey=$SONAR_PROJECT_KEY)
  • Languages of the repository: Gradle Kotlin Java 17
  • Error observed (Quality gates fail in SonarCloud and a comment is added to the GitLab MR with results, but the MR is still allowed to be merged)

We want to block the MR merge if the SonarCloud Quality gates fail.

I have attached a screenshot for your reference.

Also, it would be great to have detailed MR decorations for GitLab.

Best Regards,
Ajinkya

Hi Ajinkya,

Based on the docs, I’m wondering if you’ve set allow_failure: true:

It is also possible to allow a job to fail without impacting the rest of the CI suite with the allow_failure: true parameter of GitLab CI. The failing job won’t stop the pipeline but will be displayed as in a warning state.

It seems like unsetting that should get the result you’re after.

 
HTH,
Ann

Hi @ganncamp,

Thanks for the reply.
I tried your suggestion of adding the

I am still getting an option to merge the MR with a warning on the Pipeline results

I have attached a screenshot for your reference.

I would like to block anyone from merging the MR if the SonarCloud quality gate fails.

Please let me know how I can enable that on my current pipeline.

Also, below is the code snippet for my GitLab CI:

variables:
  SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
  GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task

stages:
  - build
  - test
  - code_quality

build_project:
  image: gradle:jdk17
  stage: build
  tags:
    - cibuild
  script: 
    - gradle clean build
  only:
    - merge_requests
    - master
    - branches
  artifacts:
    paths:
      - builds/demo/demo-sonar-test/libs/

test_project:
  image: gradle:jdk17
  stage: test
  tags:
    - cibuild
  script: 
    - gradle test
  only:
    - merge_requests
    - master
    - branches  
  artifacts:
    paths:
      - builds/demo/demo-sonar-test/test-results/
    when: always 

sonarcloud-check:
  image: gradle:jdk17
  stage: code_quality
  tags:
    - cibuild
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    - gradle sonar -Dsonar.token=$SONAR_TOKEN \
      -Dsonar.pullrequest.key=$CI_MERGE_REQUEST_IID \
      -Dsonar.pullrequest.branch=$CI_COMMIT_REF_NAME \
      -Dsonar.pullrequest.base=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME --info > log.txt
  artifacts:
    paths:
      - log.txt
    expire_in: 1 week
  only:
    - merge_requests
    - master
    - develop
  allow_failure: true

Best Regards,
Ajinkya

Hi Ajinkya,

My point was not to add this, if that’s what you did. But that setting this option would allow merge of an MR that fails the Quality Gate. You should make sure this is not set.

And then I suppose the missing piece is this (again from the docs):

To enable this feature, you can set the sonar.qualitygate.wait=true parameter

 
HTH,
Ann
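
The two changes Ann describes, applied to the sonarcloud-check job posted earlier in the thread. This is an added example, not part of the original posts or the SonarCloud docs. It assumes the project's GitLab merge check "Pipelines must succeed" is enabled, since that setting is what turns a failed pipeline into a blocked merge.

```yaml
sonarcloud-check:
  image: gradle:jdk17
  stage: code_quality
  tags:
    - cibuild
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    # Folded scalar (>-) joins these lines into a single command,
    # so no trailing backslashes are needed.
    - >-
      gradle sonar -Dsonar.token=$SONAR_TOKEN
      -Dsonar.pullrequest.key=$CI_MERGE_REQUEST_IID
      -Dsonar.pullrequest.branch=$CI_COMMIT_REF_NAME
      -Dsonar.pullrequest.base=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME
      -Dsonar.qualitygate.wait=true
      --info > log.txt
  artifacts:
    paths:
      - log.txt
    # Upload the scanner log even when the quality gate fails the job;
    # by default artifacts are only kept for successful jobs.
    when: always
    expire_in: 1 week
  only:
    - merge_requests
    - master
    - develop
  # allow_failure is deliberately not set (it defaults to false), so a
  # failed quality gate fails this job and therefore the MR pipeline.
```

With sonar.qualitygate.wait=true the scanner step waits for the quality gate result and exits non-zero when the gate fails, which is what makes the job itself fail instead of only posting the MR comment.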