Programming language you’re coding in: Java / TypeScript
Is connected mode used:
SonarQube Server Enterprise Edition v10.7 (96327)
And a thorough description of the problem / question:
We are currently accessing or SonarQube Server via SoarQube Plugin for IntelliJ, however this only appears to check against the Quality Rule Set actively set for the project but does not check against any defined Quality Gates.
Would it be possible to add Quality Gate Check inside the plugin as well? Does SonarQube even have an API for this.
I’m happy to help implementing the feature, if you are interessted.
Thank you so much for this detailed feedback and for your kind offer to help, @Bardioc !
You’ve hit on a critical point regarding analysis consistency.
When running SonarQube for IDE in IntelliJ in Connected Mode, the plugin does use the same Quality Profile (ruleset) as your SonarQube server. However, to keep your IDE running fast, SonarLint performs a fast local analysis.
This necessary performance trade-off means resource-intensive checks, like Taint Analysis and SCA(Supply Chain Analysis), that are only executed by the full, deep analysis when you push your code to a branch or create a PR. So after they are found, you will actually see them in the IDE, as we are pulling these issues into SonarQube for IDE.
We recognize the pain point this analysis gap creates! This is valuable feedback, and we will absolutely be checking with the team to find ways to improve the coverage of our local analysis and enhance the visibility of those server-only issues (like Taint and SCA) directly within the IDE to bridge that gap.
Just for my understanding, the custom rules I set up in my SonarQube Server are not used by the SonarQube IDE Plugin for IntelliJ during coding, but only the built-in defaults? My custom rules only get evaluated during scanning on the server-side later?
how do I have to understand the statement from the documentation, that rules are taken from the server?
It would explain though, why I just spent 2h trying to figure out why my custom rules are not being used in my IDE. What makes it even more confusing is that I DO see my custom rules used in the hover-description, but apparently it is not used for validation.
e.g. I adjusted the test class name pattern but I can never satisfy the rule even though I already have
If that is really the case that custom rules are not used for validation, it’s going to be very hard to explain to our developer team of 20 people - getting an issue displayed even though I actually meet all the requirements is the least satisfying there is and doesn’t match “learn as you code” imho. I understand the performance bottle neck, but then at least don’t show me that my rule adjustment has been downloaded or maybe even the profile being used.
The only workaround is probably providing a local ruleset file, I guess?
