Why SonarQube is not Scanning YAML Configuration file in spring boot

We are using 9.7 version of SonarQube Enterprise and i’m trying to scan my Java Code and we have YAML Config and we’re trying to scan those files but for some weird reason YAML Files are not being scanned.

We can see quality profile for YAML and JSON but no rules. I get that you’re indexing YAML and JSON for Terraform and Cloudformation Scanning but it would be nice to have feature like yaml analyzer plugin inbuilt so yaml configuration can be scanned.

Hey there.

You somewhat answered your own question – your YAML configuration files aren’t being analyzed because they are only indexed in the context of IaC scanning.

You might find a community-supported plugin like this one (GitHub - sbaudoin/sonar-yaml: SonarQube plugin to analyze YAML files) useful for scanning generic YAML files.