1

According to the tutorial written on the sonarcloud blog (https://blog.sonarsource.com/integrate-sonarcloud-with-vsts-to-boost-code-quality) and the Azure DevOps lab (https://www.azuredevopslabs.com/labs/vstsextend/sonarcloud/) I should be able to use the outcome of the analysis as a qualitygate for my pullrequest. Unfortunatly this option does not appear when adding a new status policy.

The code has been analysed in the build and in the buildsummary you can see the outcome from sonarcloud.

The last thing I need to do is add it as an approval pull-request requirement.

Andries
  • 175
  • 1
  • 9
  • Do you mean that you could not see the SonarCloud / Quality Gate in the drop list while you add policy status. Could you add some screenshots details about this? – Mengdi Liang Jun 24 '19 at 12:15
  • @MerlinLiang-MSFT Yes, this is exactly what i meant. I'm not entirely sure what you want to see in the screenshot? Maybe this can help? – Andries Jun 24 '19 at 12:58
  • It's better to show the screenshots about the drop list. In addition, you have been execute the build which analysed the code once right? I ever meet your issue, that's caused by I never execute this build before, after I execute it, it displayed in the drop list. – Mengdi Liang Jun 24 '19 at 13:22
  • @MerlinLiang-MSFT I did run the build. And i do have results in sonarcloud and on the bottom of the buildsummary there is a topic "SonarCloud Analysis Report" where a "pass" or "failed" is shown. I want to know how this option was added to the dropdown list for adding a new status policy. Apparently it is not always added automaticly. – Andries Jun 25 '19 at 05:12

3 Answers3

1

After several attempts, changes and other setting tweaks i'd managed to get this operational. I think the problem was solved by creating a new personal access token with only the code read/write option selected. Now the sonarcloud decoration works (providing comments for codesmells) and the status policy is selectable in the branch security policy settings.

Andries
  • 175
  • 1
  • 9
1

If SonarQube is updating each time you run a build, but when you try to add a PR Status Check via AzDO you cannot see the 'SonarQube/quality gate' option appear in the dropdown list you must then enable 'PR Decoration'.

As a SQ Admin, go-to General Settings -> PR Decoration -> select the organisation URL and add the AzDO project name and repository name.

alv
  • 1,037
  • 12
  • 15
0

If anyone else is having this issue, I found the solution after some research.

Solution: To be able to select 'SonarQube/quality gate' on the branch policy, you need to run at least once the pipeline that checks your code through a PR.

In other words, add the check pipeline as part of the build validation to your PR policy, create a random PR and let it run. After that you will be able to select it in status check.

Credits to Mickaël Caro on this thread: https://community.sonarsource.com/t/azure-devops-pull-request-quality-gate-status-check/33957/14

Bruno R. Rodrigues
  • 48
  • 4