We are using 9.7 version of SonarQube Enterprise and i’m trying to scan my Java Code and we have YAML Config and we’re trying to scan those files but for some weird reason YAML Files are not being scanned.
We can see quality profile for YAML and JSON but no rules. I get that you’re indexing YAML and JSON for Terraform and Cloudformation Scanning but it would be nice to have feature like yaml analyzer plugin inbuilt so yaml configuration can be scanned.
Hey there.
You somewhat answered your own question – your YAML configuration files aren’t being analyzed because they are only indexed in the context of IaC scanning. 
You might find a community-supported plugin like this one (GitHub - sbaudoin/sonar-yaml: SonarQube plugin to analyze YAML files) useful for scanning generic YAML files.
Hello team,
After installing yaml analyzer plugin recently we are noticing issue reporting in the project.
scanned after installing the plugin https://github.com/sbaudoin/sonar-yaml/releases/download/v1.9.1/sonar-yaml-plugin-1.9.1.jar
we have 7.7k issues reported.
Thank you in advance for your response.
Regards
Shivashree
Please do not bump old threads. Create a new one if needed.
