we are currently considering how we should update our Sonarqube Enterprise default settings such as the quality gate.
Starting in 2016 with only legacy projects, our default quality gate had only conditions on new code
Critical issues > 0
Blocker issues > 0
Major issues >0
Now we have 10 times more new projects and if they use the default quality gate all issues in the first analysis are hidden - the quality gate is SUCCESS, even if critical issues.
Therefore i don’t understand why the default Clean Code quality gate in Sonarqube 9.9 LTS and latest Sonarqube 10.4.1 has only on new code conditions.
To my understanding, i have to use on overall code conditions to make sure, there are no issues right from the start.
What’s the reason to have only on new code conditions ?
And my question to other users, what’s your default quality gate ?
The idea behind having only new code conditions in the SonarWay quality gate is that this enables developers to focus on their recent code changes (and associated debt).
However, with the first analysis, I see that we need a better solution.
Can you share what your New Code Definition (NCD) on these new projects is?
our new code definition right now is for almost all projects:
all branches != main have the main branch as reference branch
the main branch itself has previous version
But in the future we will provide provisioning services with flexible options for project settings.
At the moment we are reviewing global settings, quality gates, quality profiles and new code.
We started with legacy projects in 2016, but now we have many more new projects starting from scratch.