Managing Quality Profiles
Quality profiles are a key part of your SonarCloud configuration. They define the set of rules to be applied during code analysis.
Initially, in every organization, there is one quality profile available for each programming language that SonarCloud supports. This built-in profile, called Sonar way, is also set as the default that will be used in all new projects.
Though the Sonar way quality profile is suitable for most projects, there are cases where you may want to make adjustments. In those situations, an organization administrator can create a new quality profile for any language and either just make it available to projects or set it as the default for all new projects. At the project level, a project administrator can change the active profile for any language.
Defining new quality profiles for your organization
To create a new quality profile or change the default assigned to new project, you must be an organization administrator. You can make the changes in Your Organization > Quality Profiles.
You can create a new quality profile for a given language in multiple ways:
- Start with an empty profile and add the rules you want.
- Copy an existing profile and add and remove rules.
- Inherit from an existing profile and add rules to the child profile.
The recommended method is to create a new profile by inheriting from the built-in Sonar way profile. Since the built-in profile is not editable, inheriting from it allows you to take what we regard as the best starting point and fine-tune it by adding additional rules. It also means that the Sonar way profile becomes a baseline against which you can track your customized quality profile. Finally, with this approach, you can benefit from new rules as they are added to the central SonarSource rules repository (see below).
Updating profiles with new rules
From time to time SonarSource updates its rules repository. When new rules are released they will only be added automatically to the built-in profiles and those that inherit from built-in profiles. Custom profiles that do not inherit from built-ins need to be manually updated.
Setting the quality profiles for your project
To select a quality profile for your project from among those available in your organization go to Your Organization > Your Project > Administration > Quality Profiles.
You must be a project administrator to make this change.
Why multiple quality profiles?
Ideally, all of your projects will be measured with the same quality profile, but that is not always practical. In some cases, you may find that:
- You have different technical requirements from one project to another (different rules might apply to a threaded/non-threaded Java application)
- You want to ensure stronger requirements for some of your projects (internal frameworks, for example)
While it is recommended to have as few quality profiles as possible to ensure consistency across projects, you can define as many as are necessary to fit your specific needs.
Quality gates and SonarLint
If you are using the SonarLint IDE extension, your quality profiles will be taken into account during the in-IDE analysis; before you even commit any code at all. (This requires SonarLint connected mode).