Hello,
We manage our sonarqube quality gates using terraform, but we are running into issues with the Clean as You Code feature concept. It is causing our terraform workflow to not work as expected.
We are unable to customize the quality gate for multiple projects on new code with terraform.
We would like to be able to add conditions to the quality gate on new code through terraform.
Version 9.9
Any guidance would be appreciated,
Thanks
Hey there.
Can you demonstrate the issue you’re getting when you try to customize the quality gate through terraform?
Here is the terraform manifest I use to create a quality gate called “test” which should have ONLY one condition on new code: code coverage of 60%.
terraform {
backend "pg" {}
required_providers {
sonarqube = {
source = "jdamata/sonarqube"
}
}
}
data "sonarqube_project" "project" {
project = "projet-key-id"
}
resource "sonarqube_qualitygate" "test" {
name = "test"
is_default = false
}
resource "sonarqube_qualitygate_condition" "test-coverage" {
gatename = sonarqube_qualitygate.test.id
metric = "coverage"
threshold = "60"
op = "LT"
}
resource "sonarqube_qualitygate_project_association" "test" {
gatename = sonarqube_qualitygate.test.id
projectkey = data.sonarqube_project.project.id
}
And below is the result after applying terraform. As you can see, default conditions have been added and the coverage is 80% on New Code. This is not what I want. I would like to get just one condition on new code when I apply terraform.
I have to manually remove those conditions and I want to disable the Clean as You Code feature/not have default conditions in the first place.
The new default clean as you code profile for quality gates prevent us from using terraform to manage quality gates with terraform code
Just a quick bump on this.
Hey there.
Please don’t bump threads after such a short time (especially after a weekend).
It’s not possible to configure whether or not those default conditions are added. You may want to reach out to the maintainers of the terraform provider if you think something should be changed here: GitHub - jdamata/terraform-provider-sonarqube: Terraform provider for managing Sonarqube configuration
Thank you for your response. We understand that the default conditions added by the “Clean as You Code” feature cannot be configured. However, we would like to explain the challenges this is causing and request consideration for reverting or providing an option to disable this feature.
Our organization manages SonarQube Quality Gates using Terraform to maintain consistency and automation in our infrastructure. The addition of default conditions by the “Clean as You Code” feature has created complications in our workflow. When we create a Quality Gate using Terraform with custom conditions, the default conditions are automatically added, which do not align with our organization’s requirements. This forces us to manually remove these conditions, negating the benefits of automation provided by Terraform.
We understand that the “Clean as You Code” feature is intended to encourage best practices and improve code quality. However, each organization has unique requirements and practices that might not necessarily align with the defaults provided by SonarQube. Allowing users to opt-out or configure the default conditions would enable organizations like ours to benefit from both the “Clean as You Code” feature and our existing Terraform-based workflow.
We kindly request that you consider providing an option to disable the “Clean as You Code” feature or allow users to configure the default conditions. This change would greatly improve the usability of SonarQube for organizations like ours that rely on automation tools like Terraform to manage our infrastructure.
Thank you for your understanding and consideration of our feedback. We believe that SonarQube is a valuable tool for maintaining code quality, and we hope that addressing this issue will further enhance its usability for a wider range of users and workflows.
Hey @ryancurrah
I appreciate your feedback. And – in the short-term (because I do not think we will change anything regarding the default conditions for now), I would really recommend reaching out to the maintainer of the terraform provider, who may be able to add a feature that would remove the conditions on a new Quality Gate (or allow them to be overridden.
Hello Ryan,
Thank you for your detailed feedback.
I am curious about your specific project needs and why Clean as You Code is not suitable for your use case. Will you please help me understand this more?
Sorry for the late reply @vivek.reghunath, I just saw it today.
The current metrics defining “clean code” are misaligned with the specific standards we are aiming to establish within our company.
This mismatch has unfortunately resulted in a series of unhelpful UI hints appearing in our system, which have been causing confusion among our developers. The hints are not reflective of the standards and expectations we have set, making them more of a hindrance than a help at the moment.
We would like to retain the autonomy to define what constitutes “clean code” according to our company’s guidelines. This way, we can avoid unnecessary distractions and maintain a focused and coherent approach to code quality.
I appreciate your understanding and am open to further discussing how we can better align this feature with our internal objectives.
Hello, Vivek,
While I appreciate your trying to understand the reasoning behind the requests not to use your “Clean as You Code” strategy, I would submit that the reasons are not relevant to the requests. The literal enforcement of this practice in the inability to, for example, designate a new default quality gate unless it conforms to this arbitrary standard is the problem. While I appreciate this strategy is a good one, and may, in some cases, be the superior strategy, that doesn’t make it right for SonarSource to, once again, literally enforce it on customers. We should be able to set up our quality gates as we choose, even if we want to set up a quality gate that enforces 50% code coverage and nothing else. Yes, I realize that is a bad idea, again, that is not the point. The point is that the customer should be free to do so, regardless of others’ ideas to the contrary.
I would like to add my voice to those requesting that this feature be configurable, and that we be able to once again decide our own strategies, however poor or different from your recommendations they may be.
Thank you,
Morgan Haldane
Hello Ryan,
Appreciate you I appreciate you taking the time to explain.
Just in case, you are not aware, with SonarQube 10.2, we removed some of the Clean as You Code warning messages (displayed widely before).
I am still very interested to know more about your definition of ‘clean code’ and what metrics you are targeting. Coverage and duplication remain configurable. For the rest, I am trying to understand why Quality Profile customization is insufficient for defining your clean code goals. Can you help me understand more?
Hello Morgan,
Thank you for the detailed feedback.
Can you help me understand the underlying need for greater flexibility with the Quality Gate conditions on the new code?
Considering:
Our key intention behind promoting the usage of Clean as You Code compliant Quality Gates is to make sure that the new and changed code is always ‘clean’. New code should be small in quantity and therefore small number of issues to address. This way the code base stays (and even improves) healthy over the long term. You don’t have to fix all the issues in the old code.
