Ansible code not detected in SonarQube 2025.1

pw_bil · February 20, 2025, 6:56am

Hi there,

I recently upgraded to SonarQube Enterprise 2025.1 which supports Ansible by default. However, when running an analysis on a repository hosting an Ansible playbook, the engine only detects YAML and nothing related to Ansible. I tried to update the source code to explicitly include a vulnerability covered by the 17 available rules for Ansible, but it does not get spotted.
I have checked the doc to see if there was specific requirements or settings for the Ansible language but could not find anything.

Any idea on what I might be missing here or on how to debug this issue ?

Thanks a lot.

Kind regards

Pierre

ganncamp · February 21, 2025, 1:03pm

Hi Pierre,

Welcome to the community!

I’ll start with the dumb question: are the appropriate rules enabled in your quality profile?

And can you share your analysis log?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.

Thx,
Ann