Branch analysis contains warnings about the target branch set in "new code"

liortal53 · September 22, 2022, 1:09pm

We are scanning a C# (.NET) based project using branch analysis, getting warnings for each scan.
SonarQube version: 9.6.1 (build 59531)

When executing the scan using the SonarScanner for MSBuild (triggered from TeamCity), seeing these warnings in the UI (even though we did not run the scan as a PR decoration):

Could not find ref ‘refs/heads/integration’ in refs/heads, refs/remotes, refs/remotes/upstream or refs/remotes/origin. You may see unexpected issues and changes. Please make sure to fetch this ref before pull request analysis and refer to the documentation.

Failed to report status to Devops platform: couldn’t get the branch details. Contact your SonarQube administrator to check the server logs.

New Code is set to “reference branch” for our project, and i believe that it’s results are not correct, not sure if these warnings are related to the problem or not. In any case i would be to understand if there’s anything not set up right with out SonarQube instance.

ganncamp · September 22, 2022, 5:36pm

Hi,

Could you check scanner context (Project Settings → Background Tasks → [cog menu] → Show Scanner Context) for your most recent analysis and see if any PR-related parameters were passed in the analysis?

Ann

liortal53 · September 22, 2022, 5:44pm

This resulted in a very long list, anything in particular i should be looking for ?

ganncamp · September 22, 2022, 5:55pm

Hi,

From the docs:

sonar.pullrequest.key
'sonar.pullrequest.branch`
'soanr.pullrequest.base`

From our own internal server’s background task, I see
sonar.analysis.prNumber (this appears in the context of PRs and not of branches). Generally, we’re looking for something that could have misled SonarQube that it was a PR rather than a branch analysis.

Speaking of which, are you getting a PR UI for this, i.e. New Code only? Or do you also see overall code?

Ann

liortal53 · September 22, 2022, 6:10pm

None of these arguments are passed as far as i can see in the “context” i got from background tasks.

Regarding your other question - not sure what you mean - here’s a screenshot of what it looks like. I do have NEW CODE as well as Overall code in there.

ganncamp · September 22, 2022, 6:11pm

Hi,

Thanks for checking. I’ve flagged this for more expert attention.

Ann

jacek.poreda · September 23, 2022, 12:02pm

Hello @liortal53 ,

Could you share with us how you checkout the repository within TeamCity? Have you set the clone depth limitation by any chance?

If you are using a reference branch strategy for New Code Period, during analysis refs of those branches should be fetched by git to make a code comparison.

liortal53 · September 25, 2022, 5:02am

Checking it out as usual - i am not even sure there’s a setting for depth limitation.

Logging in to the target build machine, i could also find a .git folder in the checkout with refs, heads and remotes that include this branch name.

We are using reference branch strategy for new code period - the integration branch is indeed checked out.