Overview

Merge and Pull Request analysis is available as part of Developer Edition and above.

SonarScanners running in GitLab CI/CD, Azure Pipelines, Cirrus CI, Bitbucket Pipelines, and Jenkins with a Branch Source plugin configured can automatically detect branches and merge or pull requests by using environment variables set in the jobs.

Automatic configuration is disabled if any branch or pull request properties have been set manually.

Failing a pipeline job when the Quality Gate fails

You can ensure your code meets your quality standards by failing your pipeline job when your Quality Gate fails.

With Jenkins, you can suspend pipeline execution until the analysis' Quality Gate status is known. See the Jenkins integration page.

With GitHub Actions, you can fail the pipeline job when the Quality Gate fails using the SonarQube Quality Gate Check Action.

With Bitbucket Pipelines, you can fail the pipeline job when the Quality Gate fails using the SonarQube Quality Gate Check Pipe.

For other CIs, you can use the sonar.qualitygate.wait=true analysis parameter in your configuration file. Setting sonar.qualitygate.wait to true forces the analysis step to poll your SonarQube instance until the Quality Gate status is available. This increases the pipeline duration and causes the analysis step to fail any time the Quality Gate fails, even if the actual analysis is successful. You should only use this parameter if it's necessary.

You can set the sonar.qualitygate.timeout property to the number of seconds that the scanner should wait for a report to be processed. The default is 300 seconds.

GitLab CI/CD

For GitLab CI/CD configuration, see the GitLab integration page.

GitHub Actions

For GitHub Actions configuration, see the GitHub integration page.

Azure Pipelines

For Azure Pipelines configuration, see the Azure DevOps integration page.

Bitbucket Pipelines

For Bitbucket Pipelines configuration, see the Bitbucket Cloud integration page.

Jenkins

For Jenkins configuration, see Jenkins.