1

I want to setup one build automation environment, in which code should be statically analysed first, and the issues which are identified as part of static analysis should be raised as bugs.

for static analysis, I am using sonarQube and for bugs, I am using Bugzilla.

Is there some Bugzilla plugin are available for sonarQube, So that once issues are identified they can be directly raised to Bugzilla?

Dheeraj Arya
  • 71
  • 1
  • 6

1 Answers1

4

Not only is this not available, it's not recommended, for a couple of reasons.

First, not every issue raised by SonarQube should be an individual work ticket:

  • some will be resolved as Won't Fix - i.e. valid issues but not relevant for your context.
  • some issues can be handled en masse, so rather than creating a ticket per, say, naming convention violation, you would create one ticket to fix all naming convention violations
  • some - very few - tickets will be false positives.

Further, even if there were a SonarQube plugin to create work tickets for issues, the other side of the integration would be missing. I.e. if I comment on a work ticket in Bugzilla, I might reasonably expect that comment to show up in SonarQube as well. And it wouldn't.

In short, this type of integration would be an exercise in frustration for all involved - either immediately or eventually.

G. Ann - SonarSource Team
  • 22,346
  • 4
  • 40
  • 76