Qodana 2024.1 Help

Inspection profiles

Inspection profiles configure inspections, file scopes that these inspections analyze, and severities. Using inspection profiles, you tell Qodana about a scope and methods of inspection.

Qodana profiles

Out of the box, you can employ these Qodana profiles:

Profile name

Description

How to configure

qodana.starter

The default Qodana profile, subset of the qodana.recommended profile

No configuration is required

qodana.recommended

Implements default profiles of JetBrains IDEs like IntelliJ IDEA and others. Contains inspections for critical or severe issues in the codebase. Does not perform style checks and ignores non-critical folders like tests

See Set up a Qodana profile

Both profiles are hosted on GitHub, so you can learn them in details.

You can override these profiles as explained in the Custom profiles section.

Set up a Qodana profile

This section shows how you can apply the qodana.recommended profile.

YAML file

The qodana.yaml file is the universal configuration method that you can use across all software products.

  1. In the root directory of your project, create the qodana.yaml file.

  2. In the qodana.yaml file, save the following configuration:

    version: "1.0" profile:     name: qodana.recommended

JetBrains IDE

If you have already configured the qodana.yaml file, you can skip this step and run Qodana. Otherwise, follow this procedure.

  1. In your IDE, navigate to Tools | Qodana | Try Code Analysis with Qodana.

  2. In the profile section of the Run Qodana dialog, replace this block:

    profile:   name: qodana.starter

    with:

    profile:   name: qodana.recommended
    Configuring a Qodana profile
  3. In the lower part of the dialog, check the Save qodana.yaml to project root option.

  4. Click Run for inspecting your code using the qodana.recommended profile.

GitHub Actions

If you have already configured the qodana.yaml file, you can skip this step. Otherwise, you can configure the Qodana Scan GitHub action as shown below.

  1. On the Settings tab of the GitHub UI, create the QODANA_TOKEN encrypted secret and save the project token as its value.

  2. On the Actions tab of the GitHub UI, set up a new workflow and create the .github/workflows/code_quality.yml file.

  3. To inspect the main branch, release branches and the pull requests coming to your repository, save this workflow configuration to the .github/workflows/code_quality.yml file:

    name: Qodana on: workflow_dispatch: pull_request: push: branches: # Specify your branches here - main # The 'main' branch - 'releases/*' # The release branches jobs: qodana: runs-on: ubuntu-latest permissions: contents: write pull-requests: write checks: write steps: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} # to check out the actual pull request commit, not the merge commit fetch-depth: 0 # a full history is required for pull request analysis - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2024.1 with: args: --profile-name,qodana.recommended env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}

    Here, the line --profile-name option specifies the qodana.recommended profile.

Local run

If you have already configured the qodana.yaml file, you can skip this step. Otherwise, you can use --profile-name CLI option to configure the qodana.recommended profile.

docker run \ -v $(pwd):/data/project/ \ -e QODANA_TOKEN="<cloud-project-token>" \ jetbrains/qodana-<linter> \ --profile-name qodana.recommended
qodana scan \ -e QODANA_TOKEN="<cloud-project-token>" \ --profile-name qodana.recommended

Custom profiles

You can create your own profile either by overriding the existing Qodana profiles or creating it from scratch. Currently, Qodana supports the following formats:

Set up your profile

After you created your own profile, you can specify a relative path to the file containing it. The recommendation is to store custom profile configurations inside the .qodana directory of your project root because Qodana does not analyze this directory.

YAML file

The qodana.yaml file is the universal configuration method that you can use across all software products.

  1. In the root directory of your project, create the qodana.yaml file.

  2. In the qodana.yaml file, save the following configuration:

    version: "1.0" profile:     path: .qodana/<custom-profile.yaml>

JetBrains IDE

If you have already configured the qodana.yaml file, you can skip this step and run Qodana. Otherwise, follow this procedure.

  1. In your IDE, navigate to Tools | Qodana | Try Code Analysis with Qodana.

  2. In the profile section of the Run Qodana dialog, replace this block:

    profile:   name: qodana.starter

    with:

    profile:   path: .qodana/<custom-profile.yaml>
    Configuring a Qodana profile
  3. In the lower part of the dialog, check the Save qodana.yaml to project root option.

  4. Click Run for inspecting your code using the qodana.recommended profile.

GitHub Actions

If you have already configured the qodana.yaml file, you can skip this step. Otherwise, you can configure the Qodana Scan GitHub action as shown below.

  1. On the Settings tab of the GitHub UI, create the QODANA_TOKEN encrypted secret and save the project token as its value.

  2. On the Actions tab of the GitHub UI, set up a new workflow and create the .github/workflows/code_quality.yml file.

  3. To inspect the main branch, release branches and the pull requests coming to your repository, save this workflow configuration to the .github/workflows/code_quality.yml file:

    name: Qodana on: workflow_dispatch: pull_request: push: branches: # Specify your branches here - main # The 'main' branch - 'releases/*' # The release branches jobs: qodana: runs-on: ubuntu-latest permissions: contents: write pull-requests: write checks: write steps: - uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} # to check out the actual pull request commit, not the merge commit fetch-depth: 0 # a full history is required for pull request analysis - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2024.1 with: args: --profile-path,.qodana/<custom-profile.yaml> env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}

    Here, the line --profile-path option specifies the relative path to the profile.

Local run

If you have already configured the qodana.yaml file, you can skip this step and run Qodana without additional configuration options. Otherwise, you can use the --profile-path option to specify the relative path to the directory containing the profile.

docker run \ -v $(pwd):/data/project/ \ -v $(pwd)/.qodana/<custom-profile.yaml>:/data/project/myprofiles/<custom-profile.yaml> \ -e QODANA_TOKEN="<cloud-project-token>" \ jetbrains/qodana-<linter> \ --profile-path /data/project/myprofiles/<custom-profile.yaml>
qodana scan \ -v .qodana/<custom-profile.yaml>:/data/project/myprofiles/<custom-profile.yaml> \ -e QODANA_TOKEN="<cloud-project-token>" \ --profile-path .qodana/<custom-profile.yaml>
Last modified: 17 May 2024