- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Using SonarQube 10.0.0.68432
- how is SonarQube deployed: zip, Docker, Helm
local install from zip file.
- what are you trying to achieve
I need to obtain a csv/xlsx from issues list with rule-names and other info, for discussing scope of orders (i.e. what my customers want me to fix, and what they don’t care about).
- what have you tried so far to achieve this
I connect to SonarQube’s database (postreSql) to query for issues and related data, like their rule’s name, and the locations of findings.
The problem is, that many findings in the database do not seem to show up in the web interfaces.
My select is the following:
select r.name,c.path||' '||i.line as "location",i.status,i.resolution,i.severity,i.effort,r.language from issues i,rules r,components c where i.rule_uuid=r.uuid and i.component_uuid=c.uuid order by r.priority desc,r.name asc,r.language asc,c.path asc, i.line asc,i.effort asc;
This select currently gets 171666 of results for the code base, but if I pick a more or less random line from that result, and look into the source file (and line) using the sonarqube web interface, then it often just doesn’t show anything on that file/line, except that I see the culprit that correctly triggered the rule.
In other cases, It finds the same rule applying multiple times on the same file and line, but with varying values for the estimated effort. The source code only has one such spot in that line, though.
Given that the issue actually matches the source code, I wonder why those issues are not displayed in the browser - selecting that file and scrolling to the respective line, I see the culprit triggering the issue, but no markup about that particular issue.
Is there some extra column in the db scheme that would determine whether it is displayed?
To me it looks like the db-query is correct, but the web interfaces filters the results shown by no-idea-what. (all these issues I’m looking for are still “OPEN”, btw.)