We recently configured SonarQube to analyse our project builds (using on-premise Azure DevOps) and it’s great to see the results. In an ideal world our developers would get to see the SonarQube issues on their machine before check-in. We have a very large codebase, consisting of 15-20 solution files, with each solution containing tens of projects (c# and VB.net). We have a single SonarQube project covering our entire codebase.
I’ve downloaded and installed SonarLint on my machine, and configured a connection to or SonarQube server. I opened one solution and did a bind to our SonarQube project. It checked-out all the project files in the solution and added a ruleset file. Is this correct? Is there a way to create a global ruleset that we can use from all our projects?
If I right-click in solution explorer and choose “Analyse and Code Cleanup/Run code analysis” the results seem a bit hit and miss. Am I doing something wrong? Is there a web page that describes the best way to setup and integrate with a large codebase?
UPDATE: I’ve read through https://jira.sonarsource.com/browse/MMF-1267. I’m using connected mode, I don’t have nuget analysers installed. That issue refers to “A second stage will be stop generating a ruleset file per project, but instead just to set the ruleset property in the project file to point directly to the solution-level ruleset file”. Has this second stage been done? It seems that every time I open a solution I’m prompted by SonarLint “One or more rulesets are out of data or not linked to the SonarQube quality profile ruleset…”. If I click update then a ruleset is added for each project file, which I’m trying to avoid.