Configure External Analyzer Rules

Using Azure DevOps

We have 2 analysers added to our dotnet core projects (c#):

  <ItemGroup>
    <PackageReference Include="SonarAnalyzer.CSharp" Version="8.2.0.14119">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
    </PackageReference>
    <PackageReference Include="StyleCop.Analyzers" Version="1.2.0-beta.113">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
    </PackageReference>
  </ItemGroup>

We also have a code analysis ruleset set up and configured. We’ve built the code to leave just two warnings behind as a test.

SonarCloud is setup to run on our PRs.

All working fine and we get an analysis but every possible rule is being applied so lots of issues.

Is there a way to ensure that the local code analysis ruleset gets imported as we cannot deactivate external analyser rules from the admin settings and I don’t want disable the all client side rules as these need to be enforced along with any SQ rules.

For example, the following gets reported by Sonar Cloud but is not one of our active rules:

Code Smell: Using directive should appear within a namespace declaration ([external_roslyn:SA1200])

How we continue to use the imported rosyln rules along with the correct ruleset?

Hello,
And welcome to the community forum!

It’s not possible to configure external analyzers ruleset from inside SonarCloud. So your external analyzers should be configured so that in the generated report (that you pass to SonarCloud) only the errors from rules that you want to activate are present.
SonarCloud just imports every external analyzers errors that are inside the report that this analyzer generates.