Quality gate does not fail in Pull Request #33

Open
timothyconnolly5 opened this issue Sep 6, 2021 · 0 comments

Using:

  • SonarQube version 8.9.1.44547
  • Azure DevOps Server Version 17.143.28621.4 (2019 on premise)
  • SonarScanner for Azure DevOps Version 4.21.0
  • Mule SonarQube Plugin v1.0.4

We are attempting to test a quality gate failure to prevent pull request completion and merge; however, our quality gate never seems to fail.

Rule we are attempting to violate:

image

Code added which should trigger vulnerability:

image

And you can see the validation result as false for the specific file in the Azure DevOps logs (starting at line 3162):

image

Quality gate shows 0 new vulnerabilities, meaning the gate responds passed:

image

Therefore the quality gate is shown as passed in Azure DevOps (we have ALM integration set up).
However, due to adding code which should trigger the rule, we would expect the quality gate to fail with 1 new vulnerability.

When doing overall code analysis on develop/master branches, the quality gate does successfully fail.

image

https://community.sonarsource.com/t/quality-gate-not-failing-in-pull-request/48754
