Implement a policy/rule that allows just certain developers (security champions) to be able to unlock builds blocked by quality gates applying issues as false positives

alisha_kumar · April 16, 2021, 5:42am

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Community Edition
Version 7.9.4
what are you trying to achieve
We would like to implement a policy/rule that allows just certain developers (security champions) to be able to unlock builds blocked by quality gates applying issues as false positives.
Now, as it is, any developer can do it.

We would like to know about what is the policy/rule would be implemented and who will be responsible to make such changes in sonarqube.

We have checked Issues | SonarQube Docs , but no received the outputs as per our requirement.

Colin · April 16, 2021, 7:18am

Hey there.

The Administer Issues permission is probably what you’re looking for, a project-level permission that can be configured by project administrators. See more in the documentation on Security.

alisha_kumar · April 19, 2021, 1:38am

Thanks for the information.

We will try to implement the changes in sonarqube and the outcomes will be shared.