CODEWITHSUNDEEP
mavensonarqube
revau.lt
revau.lt

Reputation: 2714

Configure Sonar sonar.issue.ignore.multicriteria through maven

I'm using a local instance of Sonar without a centralized infrastructure. In order to keep the configuration of my project in the pom.xml, I want to configure the project through maven and not through the Sonar UI. For me this has the advantage of keeping things in one place and other developers don't have to configure their local Sonar instance, just unpack and play.

The doc on howto configure the sonar.exclusions property through maven is readily available but the format for sonar.issue.ignore.multicriteria is unclear.

How can you configure sonar.issue.ignore.multicriteria through maven?

Upvotes: 20

Views: 24688

Answers (2)

Shaikh Mohib
Shaikh Mohib

Reputation: 288

Suppress the sonar warnings from the sonar.gradle file for the android project.

Add this property on sonar.gradle file.

   property "sonar.issue.ignore.multicriteria","e1"
    property "sonar.issue.ignore.multicriteria.e1.ruleKey","xml:S5604"
    property "sonar.issue.ignore.multicriteria.e1.resourceKey","**/AndroidManifest.xml"

This is mainly for the android read and write permission security hotspots on sonarqube server.

Make sure path is perfect otherwise it would not work. Prefer this link for path. https://docs.sonarqube.org/latest/project-administration/narrowing-the-focus/

Upvotes: 0

revau.lt
revau.lt

Reputation: 2714

After stepping through the code the format is:

<properties>
        <sonar.issue.ignore.multicriteria>e1,e2</sonar.issue.ignore.multicriteria>
        <sonar.issue.ignore.multicriteria.e1.ruleKey>squid:S00100</sonar.issue.ignore.multicriteria.e1.ruleKey>
        <sonar.issue.ignore.multicriteria.e1.resourceKey>**/*Steps.java</sonar.issue.ignore.multicriteria.e1.resourceKey>
        <sonar.issue.ignore.multicriteria.e2.ruleKey>squid:S1118</sonar.issue.ignore.multicriteria.e2.ruleKey>
        <sonar.issue.ignore.multicriteria.e2.resourceKey>**/PropertyPlaceholderConfig.java</sonar.issue.ignore.multicriteria.e2.resourceKey>
</properties>

The keys e1,e2 can be chosen arbitrarily as long as they are used with .ruleKey and .resourceKey in the depending properties.

The same works for sonar.issue.ignore.block:

 <sonar.issue.ignore.block>e1</sonar.issue.ignore.block>
 <sonar.issue.ignore.block.e1.beginBlockRegexp>@SonarIgnore</sonar.issue.ignore.block.e1.beginBlockRegexp>
 <sonar.issue.ignore.block.e1.endBlockRegexp></sonar.issue.ignore.block.e1.endBlockRegexp>

Upvotes: 32

Related Questions