{"id":11713,"date":"2016-02-11T17:26:57","date_gmt":"2016-02-11T17:26:57","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/?p=11713"},"modified":"2019-02-14T17:36:20","modified_gmt":"2019-02-15T01:36:20","slug":"use-sonarqube-quality-gates-to-control-your-visual-studio-team-services-builds","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/use-sonarqube-quality-gates-to-control-your-visual-studio-team-services-builds\/","title":{"rendered":"Use SonarQube quality gates to control your Visual Studio Team Services builds"},"content":{"rendered":"<p><span style=\"color: #ff00ff\">Note: a more recent documentation is available from <a href=\"http:\/\/docs.sonarqube.org\/display\/SCAN\/Analyzing+with+SonarQube+Extension+for+VSTS-TFS?src=breadcrumbs-parent\">Analyzing with SonarQube Extension for VSTS\/TFS<\/a><\/span><\/p>\n<p>In Visual Studio Team Services and Team Foundation Server you can cause a build to fail if the code does not meet the conditions imposed by a SonarQube quality gate. This post describes how to configure this when using SonarQube 5.3 and earlier, and discusses other related issues:<\/p>\n<ul>\n<li><a href=\"#failing_the_build\">Failing the build on quality gate violations with SonarQube 5.3 or later<\/a><\/li>\n<li><a href=\"#earlier_versions\">Failing the build when using earlier versions of SonarQube<\/a><\/li>\n<li><a href=\"#pr_builds\">SonarQube analysis and \u201cpull request\u201d builds<\/a><\/li>\n<li><a href=\"#analysis_versioning\">The default quality gate and changes to the project version<\/a><\/li>\n<\/ul>\n<p><a><\/a><\/p>\n<h3>Failing the build on quality gate violations with 5.3 or later<\/h3>\n<p>The build task \u201cSonarQube for MSBuild \u2013 Begin Analysis\u201d in Team Services and TFS has a new option: break the build when the quality gate associated with the SonarQube project is not met. You need to use a SonarQube server version 5.3 or later for this. This was possible with older versions of SonarQube only by using the \u201cBuild Breaker\u201d plug-in. In the new \u201cSonarQube for MSBuild \u2013 Begin Analysis\u201d build task, you can set the <strong>Fail the build on quality gate failure<\/strong> checkbox when you are using SonarQube 5.3 or later.<\/p>\n<p><img decoding=\"async\" width=\"762\" height=\"403\" class=\"alignnone size-full wp-image-11714\" alt=\"Fail the build on quality gate failure (SQ 5.3+) checkbox\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/02\/14.png\" \/><\/p>\n<p>Setting this option causes the \u201cSonarQube for MSBuild \u2013 End Analysis\u201d task step to fail if the quality gate associated with the project fails; which, in turn, causes the entire build to fail and generate a SonarQube quality gate error message.<\/p>\n<p><a href=\"https:\/\/devblogs.microsoft.com\/wp-content\/uploads\/sites\/6\/2019\/05\/26.png\"><img decoding=\"async\" width=\"676\" height=\"80\" class=\"alignnone size-full wp-image-11724\" alt=\"2\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/02\/26.png\" \/><\/a><\/p>\n<p>Note that, even though version 5.2 and later of SonarQube allowed some processing to take place by on build agent in order to improve performance, the quality gate check is part of the server-side processing. Therefore, you will see a minor effect on overall build performance when you use this option because the task has to wait for server-side processing to complete so that the quality gate can be evaluated.<\/p>\n<p><a><\/a><\/p>\n<h3>Failing the build when using earlier versions of SonarQube<\/h3>\n<p>Depending on the version of SonarQube you are using, consider the following options for causing the build to break when the quality gate fails:<\/p>\n<ul>\n<li><strong>SonarQube 4.x<\/strong>: you can install and use the SonarQube \u201cBuild Breaker\u201d plug-in.<\/li>\n<li><strong>SonarQube 5.2<\/strong>: you should upgrade to SonarQube version 5.3 or later. Architectural changes in version 5.2 mean that the \u201cBuild Breaker\u201d plug-in cannot be used.<\/li>\n<\/ul>\n<p>Ideally, you should upgrade to SonarQube 5.3 or later.\n<a><\/a><\/p>\n<h3>SonarQube analysis and \u201cpull request\u201d builds<\/h3>\n<p>Team Services and TFS can be configured to initiate a build whenever a pull request (PR) is submitted. However, we <strong>do not<\/strong> recommend you perform a SonarQube analysis in a PR build\u00a0because the SonarQube task will upload analysis results to SonarQube for code that has not been (and may never be) checked in.<\/p>\n<p>However, you can use build break option as part of a continuous integration (CI) build that is initiated in response to changes in your branch, as well as for manually triggered and scheduled run builds.<\/p>\n<p><em>Note: We are currently working on a separate feature that will integrate code analysis into PR builds without the undesirable side-effects.<\/em><\/p>\n<p><a><\/a><\/p>\n<h3>The default quality gate and changes to the project version<\/h3>\n<p>SonarQube quality gates may use baselines related to a specific project version. For example, the default quality gate in SonarQube 5.3 states that the project should:<\/p>\n<ul>\n<li>Have a code coverage on new code greater than 80%<\/li>\n<li>Have no new blocker or critical issues on new code<\/li>\n<li>Have a Tech Debt ratio on new code greater than 5<\/li>\n<\/ul>\n<p>There are all relative to the previous version of the project as defined in the build task settings:<\/p>\n<p><a href=\"https:\/\/devblogs.microsoft.com\/wp-content\/uploads\/sites\/6\/2019\/05\/34.png\"><img decoding=\"async\" width=\"255\" height=\"123\" class=\"alignnone size-full wp-image-11734\" alt=\"3\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/02\/34.png\" \/><\/a><\/p>\n<p>Changing the product version number will create a new baseline to compare with. If done too soon, it will prevent the proper operation of the quality gate and consequent build failure &#8211; which may result in lack of control of your overall code quality and technical debt. Typically, you should avoid changing the project version more often than is necessary.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Note: a more recent documentation is available from Analyzing with SonarQube Extension for VSTS\/TFS In Visual Studio Team Services and Team Foundation Server you can cause a build to fail if the code does not meet the conditions imposed by a SonarQube quality gate. This post describes how to configure this when using SonarQube 5.3 [&hellip;]<\/p>\n","protected":false},"author":194,"featured_media":45953,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[253,229,1,249],"tags":[],"class_list":["post-11713","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure-devops-server","category-community","category-devops","category-open-source"],"acf":[],"blog_post_summary":"<p>Note: a more recent documentation is available from Analyzing with SonarQube Extension for VSTS\/TFS In Visual Studio Team Services and Team Foundation Server you can cause a build to fail if the code does not meet the conditions imposed by a SonarQube quality gate. This post describes how to configure this when using SonarQube 5.3 [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/11713","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/users\/194"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/comments?post=11713"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/11713\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media\/45953"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media?parent=11713"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/categories?post=11713"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/tags?post=11713"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}