Analyze whole project on GitLab Merge Request rather than just changed lines


So I understand that running sonarscanner from GitLab pipelines on merge requests will trigger a pull request analysis. (These pull request analysis only analyze new/changed code rather than the whole scope of code that’s analyzed on a regular branch analysis.)

We have had a few instances where we have new code smells post-merge (i.e Unused “using” should be removed) but nothing was picked up on the Merge Request analysis because the new/changed code was all OK.

Basically we want to run a full analysis on all code files when the pipeline is triggered by a merge request.

There’s no difference in the pipeline that gets run in the merge requests and on actual branches, the scanner somehow knows its a merge request and acts accordingly.

I have tried to overwrite the following analysis parameters to trick the scanner to think its not running on a merge request.

  • sonar.pullrequest.provider
  • sonar.pullrequest.branch
  • sonar.pullrequest.key

e.g. dotnet sonarscanner begin /k:$SONAR_PROJECT /v:$VERSION_NUMBER /d:sonar.token=$SONAR_TOKEN /$SONAR_HOST_URL /d:"sonar.cs.opencover.reportsPaths=**/coverage.opencover.xml" /d:sonar.qualitygate.wait=true /d:sonar.qualitygate.timeout=1000 /d:sonar.junit.reportPaths=test/****.****.****.Tests,test/****.****.****.ApiTests /d:sonar.pullrequest.provider="" /d:sonar.pullrequest.branch=="" /d:sonar.pullrequest.key==""

This does not work - e.g. The format of the analysis property sonar.pullrequest.provider= is invalid
Maybe the scanner is picking up environment variables exported by GitLab. E.g. something from here

What do I need to do to get the scanner to run full analysis on merge/pull requests.

Catching these pre-merge is the only option for our workflow. And our automated ci/cd processes make it hard to run pipelines without them being on MR’s (i.e just on a branch). Our merge request pipelines actually run on what would be the result of the merge (merged_results_pipelines).

We are using SonarQube Developer Edition* Version 9.9 (build 65466).
We are using the .Net SonarScanner installed as a dotnet tool (dotnet-sonarscanner 5.14.0).
We are using a self-hosted version of GitLab.
We are using a docker executor GitLab runner.

Hey there.

Putting aside whether or not I think this is a good idea, the two variables that are checked in a Gitlab CI environment are CI_MERGE_REQUEST_IID and CI_MERGE_REQUEST_SOURCE_BRANCH_NAME. When these two are set, Pull Requests are automatically configured.