Creating a custom Quality Profile in line with your organization’s code quality standards is very important.
To start, navigate to the Quality Profiles menu at the top of your browser. From here you can decide if you would like to create a Quality Profile from scratch or modify an existing profile.
- To create a profile from scratch:
- Click the Create button at the top right of this page.
- Choose the name for your profile and the language you would like to associate it with.
- To modify an existing profile:
- Click the settings icon next to the Quality Profile you would like to modify
- Choose Copy (Self-Hosted CodeScan users will need to log into SonarQube as an Administrator)
- Choose the name for your profile
This will bring you to the page showing the breakdown of you new Quality Profile including how many Bugs, Vulnerabilities and Code-Smells are activated.
To the right of this you will see the projects that are using this quality profile.
Clicking Activate More will take you to the Rules List. It will be filtered on the left by rules for the same language that are inactive in the current profile.
Add the rules to your quality profile by clicking the Activate button next to that rule. This can also be done on the rule's detail page by clicking on the rule name.
When you click Activate you will be able to choose the Quality Profile to assign it to, the Severity level of the violation and configure any parameters the rule may have. In the below example, suppressUnitTestViolations determines whether this rule is applicable in unit tests.
To remove rules from this profile, change the filter on the left to show rules that are inactive and use the Deactivate buttons.
A good Quality Profile utilises the rules you want enforced at the severity levels you set to provide an accurate overview of the health of your code base as soon as you open your project. The amount of rules to be enforced is also a factor. If a Quality Profile has too many violations, they may be ignored and seen as annoying. Too few rules and important issues may slip past. It is very important to find a balance between the two.
Once you have created your custom quality profile, you will need to assign projects to use it. This can be done by setting is as the default Quality Profile (via the settings icon in the Quality Profiles list) or assigning it directly to a project via the project's Administration > Quality Profiles menu.
Done! Your next scan will use your new custom Quality Profile!