Block "sonar.issue.ignore"

Hello :slightly_smiling_face:

Is it possible to block "sonar.issue.ignore"? In our team some developers use the ignore rule property to “pass the validation”. We need to block this feature in Sonar, because we don’t trust the dev team.

Hi,

Welcome to the community!

I suppose you’ve not granted your developers access to the Administer Issues permission because you don’t trust them with that either?

Honestly, if you don’t trust your developers… this whole thing is a losing game. You should get developers you do trust.

First, it’s not possible to block the use of analysis properties, either individually or on the whole. You would have to lock them out of both the CI/CD build configuration and out of modifying the project files, e.g. sonar-project.properties that contribute to analysis configuration. In most SCMs it’s going to be difficult to do that while allowing them to retain the permissions to actually… do their work.

IMO, you should

  • start trusting your developers or hire developers you can trust
  • have a conversation with your developers about why they want to suppress issues, when it’s appropriate to do so, and what the appropriate mechanisms for that are
  • grant Administer Issues permissions to your developers so they don’t have to resort to shenanigans like configuring issue exclusions, and can instead use the - trackable - mechanisms built into SonarQube for suppressing individual issues, i.e. marking issues Won’t Fix or False Positive
  • and maybe even review the Quality Profiles with your developers to make sure you’re all on the same page about which rules are applied during analysis and why.

 
Ann
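
Since the answer above says these properties cannot be blocked, one option is to make their use visible in code review or CI. The following is an added example, not part of the thread and not SonarQube code: it scans the contents of a `sonar-project.properties` file and a build command line for keys under `sonar.issue.ignore`. The function names, the sample file contents and the sample `sonar-scanner` command line are constructed for illustration.

```python
import re

# Prefix named in the thread; keys under it configure issue exclusions.
WATCHED_PREFIX = "sonar.issue.ignore"

# Constructed sample inputs, not taken from the thread.
SAMPLE = r"""# constructed sonar-project.properties
sonar.projectKey=demo
sonar.issue.ignore.multicriteria=e1
sonar.issue.\
    ignore.multicriteria.e1.ruleKey = java:S2068
sonar.issue.ignore.multicriteria.e1.resourceKey: **/*.java
"""
SAMPLE_CLI = "sonar-scanner -Dsonar.projectKey=demo -Dsonar.issue.ignore.multicriteria=e1"

def parse_properties(text):
    """Return (line_no, key, value) for each entry of Java .properties text.

    Handles '#'/'!' comments, '=' or ':' separators and backslash line
    continuations, so a key split across physical lines is still matched.
    """
    entries, pending, start = [], "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.lstrip()
        if not pending:
            if not line or line[0] in "#!":
                continue
            start = no
        # An odd number of trailing backslashes continues the logical line.
        if (len(line) - len(line.rstrip("\\"))) % 2 == 1:
            pending += line[:-1]
            continue
        match = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", pending + line)
        pending = ""
        if match:
            entries.append((start, match.group(1), match.group(2).strip()))
    return entries

def find_issue_suppressions(properties_text):
    """Entries in a properties file whose key falls under the watched prefix."""
    return [e for e in parse_properties(properties_text)
            if e[1].startswith(WATCHED_PREFIX)]

def find_cli_suppressions(build_config_text):
    """(key, value) pairs passed as -D arguments in CI/CD build configuration."""
    pattern = r"-D(" + re.escape(WATCHED_PREFIX) + r"[\w.]*)=(\S*)"
    return re.findall(pattern, build_config_text)

if __name__ == "__main__":
    for line_no, key, value in find_issue_suppressions(SAMPLE):
        print(f"sonar-project.properties:{line_no}: {key}={value}")
```

A check like this reports where issue exclusions are configured so they can be discussed in review; it does not prevent anyone with commit or pipeline access from changing the check itself.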