which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Developer EditionVersion 8.2 (build 32929)
Azure DevOps Server - Version Dev17.M153.5
what are you trying to achieve
When PullRequest Triggers SonarQube Scan it returns the quality gate status along with Bugs,Code Smells, Security Hot Spot, Vulnerabilities details back into PullRequest’s Overview page.
What we trying to achieve is :
We don’t want “code smells” to get logged here in PullRequest’s OverView page. We still have it in Sonarqube dashborard and developer can go and review that in sonarqube dashboard if any “code smells”
We log other issues in PullRequest’s overview page as it is except “code smells”
We still want to log everything in sonarqube dashbord but selective about what we want to be displayed in PullRequest’s overview page.
- what have you tried so far to achieve this
Currently unable find any options to achieve this. Are there any options available through which we can tell sonarqube that only log selective issues (like only Bug, Security Hotspot displayed in PR and not Vulnerabilities and Bugs)
FYI, I’ve moved this to the ‘Suggest new features’ category.
Could you explain in a bit more detail what’s your use case and especially why you don’t want to see Code Smells in the PR overview (as I understand)?
I’m not sure I understand exactly what you mean by “We log other issues in Pull Request’s overview”, what do you mean?
@aurelie Sorry for the late response. When we enable PR decoration each code smell, Vulnerability are logged back in comment section of PR. If there 30 Code Smell, there are 30 entries in comment section. So it it possible to configure what we need in comment section , Example i need only Security Hotspot are logged back in PR comment section not code smell, This helpful for code reviewer to easily look at PR description to see what sonar scan results are… but when it lot many things it confuses code reviewer some times. I hope i explained better.
I understand thanks.
May I ask additional questions?
- Is your request only because when there are a lot of issues, it is confusing for the code reviewer to focus on the code to review ? Or is there another reason ?
- If you would not see the Code Smells in the PR overview, when and how would you fix the Code Smells ?
Thanks for the clarifications.
This is not possible right now neither on our roadmaps. We are eager to hear about other people’s feedback or interest on this point to consider it.
In the meantime, I would recommend to use SonarLint to be able to detect and fix the issue directly in the IDE before pushing the code, it would allow to decrease the issues in the PR.