We are using Azure DevOps Services for our CI/CD processes and SonarQube on-prem v24 as our code analysis tool.
We want SonarQube to prioritize the analysis when a Pull Request (PR) is created in Azure DevOps. To achieve this, we have added SonarQube build validations and status checks (SonarQube/quality gate) under "branch policies" in Azure DevOps.
When we create a PR, SonarQube successfully performs the analysis, and we can see the results in the SonarQube UI. However, in Azure DevOps, the SonarQube/quality gate status remains stuck in "waiting" and never completes:
I have checked:
The PAT token created in Azure DevOps is valid and has the required permissions.
In the SonarQube analysis pipeline, I tried adding the following parameters to the "Prepare analysis on SonarQube" step:
sonar.pullrequest.vsts.instanceUrl=$(System.TeamFoundationCollectionUri) sonar.pullrequest.vsts.project=$(System.TeamProject) sonar.pullrequest.vsts.repository=$(Build.Repository.Name)
Despite these configurations, the SonarQube/quality gate status in Azure DevOps remains stuck in "waiting".
Has anyone encountered this issue before, or does anyone have any suggestions for resolving it?
We are using Azure DevOps Services for our CI/CD processes and SonarQube on-prem v24 as our code analysis tool.
We want SonarQube to prioritize the analysis when a Pull Request (PR) is created in Azure DevOps. To achieve this, we have added SonarQube build validations and status checks (SonarQube/quality gate) under "branch policies" in Azure DevOps.
When we create a PR, SonarQube successfully performs the analysis, and we can see the results in the SonarQube UI. However, in Azure DevOps, the SonarQube/quality gate status remains stuck in "waiting" and never completes:
I have checked:
The PAT token created in Azure DevOps is valid and has the required permissions.
In the SonarQube analysis pipeline, I tried adding the following parameters to the "Prepare analysis on SonarQube" step:
sonar.pullrequest.vsts.instanceUrl=$(System.TeamFoundationCollectionUri) sonar.pullrequest.vsts.project=$(System.TeamProject) sonar.pullrequest.vsts.repository=$(Build.Repository.Name)
Despite these configurations, the SonarQube/quality gate status in Azure DevOps remains stuck in "waiting".
Has anyone encountered this issue before, or does anyone have any suggestions for resolving it?
Share Improve this question edited Mar 13 at 12:12 jonrsharpe 122k30 gold badges268 silver badges476 bronze badges asked Mar 13 at 12:08 osmancosmanc 415 bronze badges1 Answer
Reset to default 0From your current description, it is very much likely that you have setup an Status Check policy for your PR target branch, but haven't received any status updates yet. You didn't share the exact branch policy configuration, therefore we cannot know that for sure.
As outlined in this documentation:
The branch policy for external services enables third-party services to participate in the PR workflow and enforce policy requirements.
External services can use the PR Status API to post detailed statuses to your pull requests.
Based on the testing of my sample Sonaqube Check policy in Status Check configuration below, I was able to successfully post an iteration status to my pull request (216) using a local PowerShell script acting as an external service.
$anization = "MYOrgName"
$project = "TheProjectName"
$MyPat = 'xxxxxx'
$prID = 216
$headers = @{
'Authorization' = 'Bearer ' + $MyPat
'Content-Type' = 'application/json'
}
$URL = "https://dev.azure/$anization/$project/_apis/git/repositories/IssueRepro/pullRequests/${prID}/statuses?api-version=7.1"
$body = @{
"iterationId" = 1
"state" = "succeeded"
"description" = "SonarQube Check succeeded, approval from local PowerShell"
"context"= @{
"genre" = "SonarQube"
"name" = "quality"
}
} | ConvertTo-Json
Invoke-RestMethod -Method Post -Uri $URL -Headers $headers -Body $body
I recommend confirming with the person who set up the policy to check whether the external service outside Azure DevOps has posted a status to this PR. If necessary, you can manually post a status update using the PR Status API.