A quality profile rule seems ignored when analysis is done on a Pull Request

Hi,

I run Sonar code analyses with the following setup:

SonarQube 8.9
Jenkins Pipelines
Java source code

While code analyses on PR work fine in most cases, we do experience issues when Duplicated Blocks on New Code are introduced.

According to our Quality Profile, there should be an issue with Major severity and the quality gate check should fail when a duplicated block on new code is detected.

The ignored rule on PR analysis is:
Source files should not have any duplicated blocks

During PR analyses, Duplicated Blocks on New Code are detected and those code blocks are marked grey, and the percentage of Duplicated Code is increased as well, but the issue is not recognised as Major, and as a result the Quality Gate is successful.

When the PR code is merged into the main branch, new Major issues (Duplicated Blocks on New Code) are registered and the Quality Gate fails as expected.

Could you please help me understand this different behaviour?

Thanks!
Luigi

We are currently looking into this issue.

Hi @luilomb,

The reason that common-java:DuplicatedBlocks (or any other language’s similar rule) issues aren’t detected at PR analysis is that file-level issues (based on file-level rules like common-java:DuplicatedBlocks) cannot be raised due to issue detection algorithm changes since SonarQube 8.1 (see SONAR-12627). In other words, when running Sonar analysis on PRs, certain file-level rules like common-java:DuplicatedBlocks will not detect new “file-level” rules until they are merged into the PR’s target branch.

For now, I suggest utilizing the duplication density (the percent value on the SonarQube UI dashboard) for the PR and looking at the “Estimated after merge” value to see the true impact after the PR is merged into the main branch.

If you feel strongly about this feature, please visit our SonarQube Productboard portal where you can submit feature requests and observe our roadmap for features.

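The workaround described in the reply can be turned into an automated pipeline check. The sketch below is an added example, not part of the original thread and not SonarSource code. It reads the PR's new-code duplication density from a SonarQube Web API `api/measures/component` response and compares it to a limit. Assumptions: the response shape (value under `period`, or the older `periods` list), the project key, the PR id, the host name and the 3% limit are all constructed for illustration.

```python
import json
from urllib.parse import urlencode

METRIC = "new_duplicated_lines_density"  # "Duplicated Lines (%) on New Code"

def measures_url(base_url, project_key, pull_request):
    """Build the api/measures/component request for one pull request."""
    query = urlencode({"component": project_key,
                       "pullRequest": pull_request,
                       "metricKeys": METRIC})
    return f"{base_url.rstrip('/')}/api/measures/component?{query}"

def new_code_duplication(payload):
    """Return the PR's new-code duplication density, or None if absent."""
    for measure in payload.get("component", {}).get("measures", []):
        if measure.get("metric") != METRIC:
            continue
        # Assumption: the new-code value sits under "period", or under the
        # first entry of the older "periods" list.
        period = measure.get("period") or (measure.get("periods") or [{}])[0]
        value = period.get("value", measure.get("value"))
        return float(value) if value is not None else None
    return None

def pr_gate(payload, max_percent):
    """Return (passed, reason). A missing measure fails closed so that an
    empty or unexpected response cannot pass silently."""
    density = new_code_duplication(payload)
    if density is None:
        return False, f"{METRIC} not present in response"
    if density > max_percent:
        return False, f"new-code duplication {density}% exceeds {max_percent}%"
    return True, f"new-code duplication {density}% within {max_percent}%"

# Constructed sample response (not real server output).
SAMPLE = json.loads("""
{"component": {"key": "my-project", "measures": [
  {"metric": "new_duplicated_lines_density",
   "period": {"value": "12.5", "bestValue": false}}]}}
""")

if __name__ == "__main__":
    print(measures_url("https://sonar.example.invalid", "my-project", "42"))
    passed, reason = pr_gate(SAMPLE, max_percent=3.0)  # hypothetical limit
    print("PASS" if passed else "FAIL", reason)
```

In a Jenkins pipeline step, the JSON would come from an authenticated request to the URL built by `measures_url`, and a failing result would end the step with a non-zero exit code.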