Implement a custom metric to use in Quality Gate checks

Hello everyone,

I’m using SonarQube v.7.9.1 and I wanted to ask if it’s possible to define a custom metric to use in my Quality Gates.

For example I’d like to check if:
Vulnerabilities / (Vulnerabilities + Bugs + Code Smells) * 100
is less than X%.

Is it possible to implement something like that inside a Quality Gate condition?

Thanks to everyone that will answer.

Hey there.

The answer is no.

Can you explain why such a metric would be useful (or more useful than the other metrics available?)

Colin

Hi Colin, thanks for your quick answer.

Such a metric could be useful because it’s one of OWASP’s 5 KPIs for Web Application Security, called “Security to Quality Defect Ratio”.

You can see it on page 18 of this deck of slides:

Is it possible to define the custom metric by implementing a SonarQube plugin?

I’m asking again because of this answer given by G Ann Campbell to a similar request: Monitoring custom metrics of a Project - #2 by ganncamp

Thank you
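
Added example, not part of the thread and not SonarQube code: the ratio from the first post computed outside SonarQube (for instance as a CI step) from the `vulnerabilities`, `bugs` and `code_smells` measures. It assumes input shaped like a response from the `api/measures/component` Web API; the sample values and all function names are constructed for illustration.

```python
import json

# Constructed sample shaped like a response from SonarQube's
# api/measures/component endpoint (assumed shape, values made up).
SAMPLE_RESPONSE = """
{"component": {"key": "my-project", "measures": [
  {"metric": "vulnerabilities", "value": "4"},
  {"metric": "bugs", "value": "16"},
  {"metric": "code_smells", "value": "180"}
]}}
"""

REQUIRED = ("vulnerabilities", "bugs", "code_smells")


def extract_counts(response_text):
    """Return {metric: int} for the three issue counts, or raise ValueError."""
    measures = json.loads(response_text)["component"].get("measures", [])
    counts = {m["metric"]: int(m["value"]) for m in measures if m["metric"] in REQUIRED}
    missing = [k for k in REQUIRED if k not in counts]
    if missing:
        # A missing metric must not silently count as zero: that would skew the ratio.
        raise ValueError("missing metrics: " + ", ".join(missing))
    return counts


def security_to_quality_ratio(counts):
    """Vulnerabilities / (Vulnerabilities + Bugs + Code Smells) * 100, or None if no issues."""
    total = sum(counts[k] for k in REQUIRED)
    if total == 0:
        return None  # no issues at all: the ratio is undefined
    return counts["vulnerabilities"] / total * 100


def gate_passes(response_text, max_percent):
    """True when the ratio is less than max_percent, or undefined because there are no issues."""
    ratio = security_to_quality_ratio(extract_counts(response_text))
    return ratio is None or ratio < max_percent


if __name__ == "__main__":
    counts = extract_counts(SAMPLE_RESPONSE)
    print(counts, security_to_quality_ratio(counts))
    # Exit status 0 passes the CI step, 1 fails it (threshold X = 5% here).
    raise SystemExit(0 if gate_passes(SAMPLE_RESPONSE, 5.0) else 1)
```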