We are using SonarQube 8.9.6 in our organization. We have created a custom quality profile from the existing Java quality profile and customised it by making certain changes to the rules.
For example, we have modified the severity of one rule in code smell from
However, we still see the rule’s severity as Critical only in the sonar scan job. Due to this undesired behaviour, our sonar job is failing and not giving the expected outcomes.
Rule of code smell in question:
Please help us to understand why SonarQube is not considering the updated severity of the rule during the sonar-scan job.
Whatever is generating your summary isn’t native to SonarQube (and I don’t recognize it from any community integrations I know). What are you using to generate it?
Hi @Colin,
The major concern here is about severity of rules. Even though we have modified severity of the rule from
Major, SonarQube still considers it as Critical, and due to that the job is failing.
[INFO] Report status=failed, desc=SonarQube reported QualityGate is ok, with 7 ok, 184 issues, with 4 critical (fail) and 44 major and 8 minor and 128 info
You can update the severity of existing rules in the SonarQube UI (assuming you have Administer Issues permission).
And, if this integration still doesn’t reflect the updated issue severity – you’ll need to take it up with the maintainers of this integration. For example – if they are relying on the default severity of the rule, that could cause an issue.