I need help on how Sonar Cloud analyzes pull Requests?. Does it analyses only the files changed in the pull request or it analyses complete project.?
When analyzing a pull request you will see only data about the new code (it’s the code that changed in this pull request).
You can find more information about this in our documentation about Pull Request Analysis.
Thanks for your response. But it didn’t happen in our case.
i created a branch pull request was performed after code analysis it analysed the code and gave 24 bugs . After successful merging branch was deleted later i had another issue which require a fix so i had a local branch i committed a the fix and pushed the code it again showed same analysis as previous.
Can you please suggest what went wrong.
The SCM data is used to know what code is new or not, so depending on the branch you used I guess you could get some unexpected results.
It’s hard to help with so few information. If you project is public could you share the PR and analysis results you are talking about ?
Or if it’s private code could you share a reproducer ?
Gregoire our project is private let me share PR screen shots which i guess would help you out.
When ever we send the pull request it shows analysis of complete branch rather than the files changed.
I’m sorry but I can’t help on your issue with just this… And those two screenshots are the same no ? They have the same analysis date…
Could you share a reproducer of your issue ? That we could have access to ? It’s most probably a configuration problem…
Those screen shots are not same they are of pull request of same project with different branches. SonarCloud instead of analyzing impacted files in pull request it analysed complete project.
Gregoire Can you please help us out what type of configuration issue it might have.
Maybe you sent the wrong one, I see the same branches name, analysis date and pr number in both screenshots, anyway I doubt those screenshots will be helpful.
Like I said before, I need to know more about your case to be able to help you… The best would be to have public reproducer so that we can investigate…
Is your “develop” branch (target of your PR) correctly analyzed ?
What ALM do you use ?
What CI do you use ?
What’s your configuration for the SonarCloud analysis ?
Do you have logs of those analysis ?
LEt me answer your questions
- Branch was correctly analysed but it analysed complete project rather than PR files.
- We Use AzureDevops
- Azure CI
Let me attach complete Logs of CI Build plus PR files and Sonar Analysis6_Prepare analysis on SonarCloud.txt (1.9 KB) 9_Run Code Analysis.txt (32.6 KB) 10_Publish Quality Gate Result.txt (982 Bytes) .
I would suggest if we could have a video conference on this to analyse it completely.
Looking at the logs you just provided everything seems fine.
There is only one explication for your problem: the develop branch is not correctly analyzed, either there is no lines of code in it or just a few line.
You have to make sure your pipeline and a new SonarCloud analysis is triggered for develop every time something is merged on it.
This is already being done. But still pull request does not analyse only files part but it analyse complete project.
Can you tell me the number of lines analyzed in your develop branch versus in your PR ?
You can see this in the measure page of SonarCloud in the “Size” section, like here:
Attached is the list line of code analysed in PR
Here is an example of another issue PR contains very little files but it analyses complete project. Your prompt response shall be highly appreciated on this issue.
Ok thanks, can you tell me which one is the “develop” branch ?
Just to clarify a few things when analyzing a project/branch/PR:
- The analysis in itself: that is done by your CI and that always analyze everything, because a change in a file could impact how we analyze another file that might not have been changed in your pull request.
- The analysis report: that is the view you can see in SonarCloud with the result and the different metrics.
For a long living branch (your develop, or master): it shows the metrics related to all analyzed files.
For a pull request: it shows only metrics on new lines, that means all the lines that have changed or been added compared to the target branch of the PR in SonarCloud.
So you won’t be able change the way the analysis on the CI side is done, it will always analyze everything.
And regarding the report, if the analysis result of your develop branch in SonarCloud shows 5K lines and you trigger a PR analysis of 45K lines that target this develop branch, you will see 40K new lines in the PR analysis report.
Both pull request are merged into the development branch.
Thanks a lot for your support and help things are now clear to me.