Clean as you Code with Large Repos

SonarQube Enterprise 9.9
Sonar-Scanner-cli 4.8 (sonar-scanner-cli:latest)
SonarQube runs on Docker
Scans are run on GitLabCI runners in our local data center

The scan portion of the CI/CD job can take anywhere from 5-10 minutes, making it impractical to use as part of a regular process. That is, if pushing to GitLab kicks off a process that takes 10 minutes instead of 1 minute, then it isn’t practical to do scans on push, so devs aren’t getting immediate feedback on code they’re pushing to GitLab.
Does anyone have experience with Scan on Push that doesn’t add a lot of overhead to the process?
I know there isn’t any way to only scan code deltas. But any other suggestions would be appreciated.

Hey there.

What language(s) are you analyzing?

1 Like

Hi Colin,
Python and Node, as well as a lot of IaC stuff. Helm, Terraform.

Thanks.

I think a good first step would be identifying what is taking the longest in your scanning process. 5-10 minutes is quite a lot, but of course it depends on the size of your codebase.

A grep command like this might be useful:

grep -E 'time=[0-9]{6,}ms' scanner.log

This finds any duration with more than 6 digits, but if nothing is taking that long it can be adjusted to 5, 4, etc…

1 Like
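One way to act on the suggestion above, as an added example that is not part of the thread: a small POSIX shell script that ranks the scanner log's timed entries by duration instead of guessing a digit count. It assumes the scanner prints lines shaped like "... Sensor X [y] (done) | time=1234ms"; the sample log lines are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): rank sonar-scanner log entries by their
# reported duration so the slowest sensors/steps stand out.
# Assumption: timed lines look like "... (done) | time=1234ms".

# Constructed sample log (not real scanner output).
SAMPLE_LOG='INFO: Sensor Python Sensor [python] (done) | time=412345ms
INFO: Sensor JavaScript analysis [javascript] (done) | time=98765ms
INFO: Sensor IaC Terraform Sensor [iac] (done) | time=1500ms
INFO: Sensor Text and Secrets Sensor [text] (done) | time=20000ms
INFO: Sensor Helm Sensor [iac] (done) | time=7ms'

# timed_entries: read a log on stdin and emit "<ms> <description>" for every
# line carrying a time=...ms marker (the description is the text before " | ").
timed_entries() {
    sed -n 's/^\(.*\) | time=\([0-9]*\)ms.*$/\2 \1/p'
}

# slowest_steps [N]: the N slowest timed entries (default 5), longest first.
slowest_steps() {
    n="${1:-5}"
    timed_entries | sort -n -r | head -n "$n"
}

# over_threshold MS: timed entries that took at least MS milliseconds, i.e. the
# grep-by-digit-count idea from the thread made exact (100000 = 100 s).
over_threshold() {
    timed_entries | awk -v min="$1" '$1 + 0 >= min + 0'
}

# When run directly, show the three slowest steps of the constructed sample.
# In a pipeline job you would feed the real log instead:
#   slowest_steps 10 < scanner.log
printf '%s\n' "$SAMPLE_LOG" | slowest_steps 3
```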