Not all quality gate metrics are given via SonarQube API

Hi,

we had configured a quality gate with 8 conditions in total (4 conditions for new code & 4 conditions for overall code).

But if we want to include the information in GitLab via SonarQube API call xxx/api/qualitygates/project_status?projectKey it only shows 7 metrics (I guess ‘new_security_hotspots_reviewed’ is missing.)

Is there a bug?

We are using Enterprise Edition v10.6 (92116).

Thanks for any hints.

Greetings,
Eva

Hey @Eva

What’s probably going on is that if you have 0 new security hotspots… it’s not possible to calculate what percentage of new security hotspots are reviewed, because you’d be dividing by zero.

I don’t disagree that it’s confusing, and I wonder what would make sense for you to appear in the API response for measures that aren’t calculated due to a situation like above.

1 Like

The metric ‘new_security_hotspots_reviewed’ is given in percentage of reviewed security hotspots on new code. I assumed that 100.0 % is the success rate if …
a) no security hotspot has to be reviewed
b) all pop-up security hotspots were reviewed

Or?

My assumption is:
If I configure 8 conditions, I want to get 8 measurements for those metrics (could be also 0 :wink: ) including the status OK or ERROR for the metric.

1 Like

Thanks Eva for bringing this to our notice. Will look into it.