What are you trying to achieve?
Trying to get the build in the Azure DevOps pipeline to be clean and readable. And if we can, then one step better is that we can use our “warnings as errors” task to ensure builds with warnings aren’t considered “passing”.
We started using SonarQube in our Azure DevOps pipelines. While it’s added a lot of value, there are a few false positives that pop up. Within the SonarQube server there’s no issue marking them appropriately and getting the score needed, but the issue is the pipeline.
We have added what’s needed for the SonarQube scan and also added the “build breaker” step. But we still need to make sure the rest of the tasks within the stage in our pipeline don’t have any issues, so we use the `BuildQualityChecks@6` step to do this. The problem is that adding SonarQube causes new warnings to show up. They are the items we’ve marked as a false positive, have said we’re not going to fix, or have in fact marked as “safe”. Therefore, we had to disable `BuildQualityChecks@6`.
What have you tried so far to achieve this?
So far, to achieve this, we have disabled warnings in the code for those particular items. For some reason, this only seems to work on certain items.
For example, within the Startup.cs of one of the apps we have the line of code that enables the developer exception page. But we have wrapped this in an if statement checking whether the environment is the development environment. This item pops up in SonarQube as “Insecure Configuration”, but we review it as “Safe”. Additionally, we have disabled warning S4507 for the method. Yet this warning still shows up in the build. And it’s noisier, as it shows up on both the build task and the task that runs the unit tests.
What can we do to clean this up? It makes the pipeline screen far too noisy and it’s hard to tell if those are simply the warnings we can’t seem to get rid of.
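As an added illustration (this is example code, not the poster's Startup.cs), here is the pattern the question describes: the developer exception page guarded by an environment check, with the Sonar rule S4507 suppressed by a `#pragma warning disable` / `restore` pair scoped to the single call rather than to the whole method. The middleware calls in the `else` branch and after the `if` are assumed for completeness and are not taken from the post.

```csharp
// Added example, not the poster's code: developer exception page guarded by
// an environment check, with S4507 suppressed only for the guarded call.
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Hosting;

public class Startup
{
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            // The page can only be enabled when the host runs in the
            // Development environment, which is why it was reviewed as
            // "Safe" in SonarQube. Keep the suppression as narrow as the
            // finding: one diagnostic, one statement.
#pragma warning disable S4507 // Debug features in production are security-sensitive; guarded by IsDevelopment()
            app.UseDeveloperExceptionPage();
#pragma warning restore S4507
        }
        else
        {
            // Assumed production handling (not from the post): generic error
            // page and HSTS instead of detailed exception output.
            app.UseExceptionHandler("/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseRouting();
        app.UseEndpoints(endpoints => endpoints.MapControllers());
    }
}
```

A source-level pragma like this travels with the file, so it applies wherever the project is compiled, including when `dotnet test` rebuilds the referenced web project, which is why a suppression that only lives in one task's configuration would not quiet both tasks. If the same rule has to be silenced across a repository, the Roslyn-wide alternative is an `.editorconfig` entry of the form `dotnet_diagnostic.S4507.severity = none`; that setting is a general Roslyn analyzer mechanism and is mentioned here as an option, not as something the post confirms was tried.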