Is there functionality in SonarQube to fail the quality gate only for bugs with Severity blocker or critical and ignore all other bugs?

SonarQube Version: Community Edition Version 7.8

What are you trying to achieve: We have a huge codebase and some existing bugs and vulnerabilities in the code, and we are ignoring the existing issues.

With the new code, we want the quality gate to fail only if there are blocker or critical bugs.

Basically we are trying to ignore bugs with Severity info, minor and major.

What have you tried so far to achieve this: I have created the quality gate and integrated it with the Jenkins Pipeline.

Hi,

SonarQube 7.8 is past EOL and is no longer supported. You should upgrade at your earliest convenience:

7.8 → 7.9.4 → 8.4.1 (this last step is optional)

Regarding your Quality Gate, you can absolutely configure it based on issue severity, although I would suggest you focus on New Blocker and Critical issues.

 
Ann

Hi Ann,

Thanks for your quick response. We are planning to upgrade SonarQube soon.

Is there any document which I can refer to for configuring a quality gate based on issue severity, or at least can you run me through the steps?

Regards,
Mohammed

Hi Mohammed,

The UI should be pretty self-explanatory. Feel free to start new threads with any specific questions you have about it.

 
HTH,
Ann

Hi,

The UI does not allow such detailed configuration of a Quality Gate.

For example, with 8.5 you can create a new condition for Vulnerability above 0. But those vulnerabilities can be Minor, Major or Critical.

Is there any way to be more specific about the gates?

Regards

Hi @coldari,

Welcome to the community!

Sorry, we don’t define and collect metrics at that granularity.

 
Ann