Unable to get the right severity of rules, for a given quality profile key

Hello,

first here is my Environment:

  • SonarQube Community 7.9.1 (via docker)
  • plugin C++ (Community):1.3.1
  • sonar-scanner 3.0.3.778 (not used here)

Error observed
the rules returned by the API rest api/rules/search are ok but their severity have the values read in the SonarQube interface

steps to reproduce

  • list the issues in the sonarqube dasboard
    select the rats repository
    note the severities (note: they have been modified in this example)

  • get this list by the api rest
    localhost:9000/api/rules/search?qprofile=AW_DzVUQchokphKZ5vLQ&f=name,severity&repositories=rats

Some values of severities (eg MAJOR) are not the values read in the sonarque interface (first step)

  • potential workaround
    I’ve done a backup of the Quality profile : the same severities as provided by the api rest are in the XML output file. So…No workaround by this way.
    FYI information I’ve put an issue in the cxx community issue tracker: it seems that the repository “valgrind” does not exist in SonarQube ( Issue 1793)

please provide suggestion to resolve this.

Thank you.

Hi,

For the record, the community C++ plugin isn’t supported here. However your question seems to be general, so…

It’s not clear to me what you mean by “in the interface”. Is it possible that what you’re seeing is the difference between the rules’ default severities and their activated severities in your profile?

 
Ann

Here is may be another more detailed example:

SonarQube interface = menu in the browser
I have only one rule activated in a given profile (ex: “rats:_cprintf”)
I can see this (severity MAJOR) rule in the browser, clicking only in the name of the quality profile:
http://localhost:9000/coding_rules?activation=true&qprofile=AW_M90DXwqWeLO4WzNs3

if I do a backup of the quality profile, I can check that the XML file contains only this rule.

Now, i want to use the Rest api:

http://localhost:9000/api/rules/search?qprofile=AW_M90DXwqWeLO4WzNs3&name

…and this command displays a lot of rules …but not the expected rule (“rats:_cprintf”)

So it is not a question od severity or default_severity but a bad performance of the api/rest (or of the results in the database ?).
But maybe I’ve done something wrong ?
Thank you…

Hi,

Since your query string doesn’t include &activation=true you’re getting a paginated list of all rules. The rule you expect is in page 2+.

 
HTH,
Ann

Hi (sorry for the delay),
Actually it was due to this missing parameter “=f=actives”

http://localhost:9000/api/rules/search?qprofile=AW_M90DXwqWeLO4WzNs3&activation=true&f=repo,name,severity,actives

I get then the default rule severity and the severity possibly changed into the Quality Profile.
Thank you