Stop SonarQube blocking PR merge when encounter blocker or critical issues

pull-request
sonarqube

(Hou Wang) #1

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) 7.2.1
  • what are you trying to achieve: stop SonarQube block PR merge when there is blocker or critical issue
  • what have you tried so far to achieve this: adjust the severity of rules, but we are ignoring some of the severity of issues

Hi I am configuring SonarQube to work on a iOS repository, and it is blocking PR merge when it founds blocker or critical issue, but most of times they are false negatives (because the team was using a different coding style from SonarQube swift). However we don’t want to totally ignore those issues.

Therefore is there a way to turn off PR blocking feature? I was going through admin pages but didn’t find a way to do it.


(G Ann Campbell) #2

Hi,

First, I’m not aware of PR analysis actually being able to “block” merge in any SCM. This has to be policy or procedure introduced on your side.

That said, there are a few ways to make a red PR green again

  • fix the issue (this is obvious, but I’m obliged to mention it)
  • update the relevant quality profile and reanalyze (you touched on this)
  • mark the remaining issues False Positive / Won’t Fix. Unfortunately, this a “totally ignore” option, which is not what you want
  • confirm the remaining issues. PRs are red when there are Open issues. Acknowledging them in this way moves them out of the Open status without completely losing sight of them.

HTH,
Ann


(Alain O'Dea) #3

EDIT: my response below is a misconception from not reading G. Ann Cambpell’s response above thoroughly. Ignore this and read that.

The Quality Profile lets me activate or deactivate rules, but I can’t see a way to have it still do analysis to find issues, but not post a failed commit check.

Is that in Quality Gates instead? If I set my Quality Gates to F across the board, will it stop posting failed commit checks.

This is mainly a serious problem, because our PR analysis isn’t honoring the base branch we set in sonar-scanner:


(G Ann Campbell) #4

Hi,

I don’t fully understand the question. Analyses raise issues based on the rules in the applicable quality profiles. PRs and short-lived branches with Open issues will show a red status. I believe I described pretty thoroughly in my previous response how to flip that red to green.

 
Ann


(Alain O'Dea) #5

Thank you. That does clarify things. I thought it might work that way. With your reply to my other question, I think I can push this back to developers to confirm or fix their issues to get this to go green.