Start FreeLog in
SonarQube Cloud | Managing your projects | Administering your project | Setting up Clean as You Code

Setting up Clean as You Code

On this page

As a project administrator, you set up Clean as You Code in three steps: 

  1. You set the quality standard for your project.
  2. You set a new code definition.
  3. You set up pull request and branch analysis. 

Setting your quality standard

We recommend using the default Sonar way quality profile and quality gate. For details and configuration options, see the Quality profiles and Quality gates pages.

Setting a new code definition

This section describes how to set up a new code definition for your project. To learn about new code, see About new code.

For each project you create in SonarQube Cloud, you need to choose a new code definition (NCD).

New code definition configuration levels.
  • Organization level: Set a global new code definition for new projects at My Organization > Administration > New Code. What you define as new code at the organization level will then be used as the default setting for your new projects and only applies to new projects when they are first imported into the SonarQube Cloud organization.
  • Project level: Modify the new code definition for your existing project at My Organization > My Project > Administration > New Code. What you define as new code at the project level has priority over what is defined at the organization level.

Option-specific details

Previous version

Recommended for projects with regular versions or releases. Defines new code as any code that has changed since the most recent version increment of the project. 

The current version of a project is determined in different ways depending on the build system:

  • If the analysis is done using the SonarScanner for Maven, then SonarQube Cloud reads the version from the pom.xml file.
  • If the analysis is done with the SonarScanner for Gradle then SonarQube Cloud reads the version from the build.gradle file.
  • In all other cases, the version must be explicitly specified by setting the analysis parameter sonar.projectVersion.

Number of days

Recommended for projects following continuous delivery. Available at the global, project, and branch levels. Defines new code as any code that has changed in the last X days. 

For example, setting the Number of days to 30 creates a new code period beginning 30 days before the current date. If no action is taken on a new code issue after 30 days, this issue becomes part of the overall code.

The default value is 30 days, 7 or 14 days are other common values. The maximum possible value is 90 days.

Recommendations

  • We recommend completing your merges using the fast-forward option without a merge commit; examples include GitHub’s squash and merge or rebase and merge options. In this way, the blame for the merged commits will always have a more recent commit date.
  • While choosing an option, you should take into account your development context. If you're importing several projects at once (bulk project import) using the Web API, it's important to know about the new code definition options and how they affect your analysis results.

Setting the new code definition using the Web API

To use the Web API to set your New Code definition, you need to use an alternative endpoint, POST api/settings/set:  https://sonarcloud.io/web_api/api/settings?query=settings&deprecated=false

New code definition - API calls 

To set your new code definition, you need to make two separate API calls. You can choose one of the four NCD options listed below

Previous version
Previous version
First call
Endpoint                                                                                api/settings/set
MethodPOST

Parameters

component: <project_key>

key: sonar.leak.period

value: previous_version



Second call
Endpoint                                                                                api/settings/set
MethodPOST

Parameters

component: <project_key>

key: sonar.leak.period.type


value: previous_version

Specific version
Specific version
First call
Endpoint                                                                                api/settings/set
MethodPOST

Parameters

component: <project_key>

key: sonar.leak.period

value: <version>



Second call
Endpoint                                                                                api/settings/set
MethodPOST

Parameters

component: <project_key>

key: sonar.leak.period.type


value: version

Number of days
Number of days
First call
Endpoint                                                                               api/settings/set
MethodPOST

Parameters

component: <project_key>

key: sonar.leak.period

value: <number_of_days>



Second call
Endpoint                                                                                api/settings/set
MethodPOST

Parameters

component: <project_key>

key: sonar.leak.period.type


value: days

Specific date
Specific date
First call
Endpoint                                                                           api/settings/set
MethodPOST

Parameters

component:  <project_key>

key: sonar.leak.period

value: <YYYY-MM-DD>



Second call
Endpoint                                                                                api/settings/set
MethodPOST

Parameters

component:  <project_key>

key: sonar.leak.period.type

value: date

Setting up the analysis

To learn how to set up analysis in your IDE and with SonarQube Cloud, refer to the following links: 


Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License