Hi there! We are using SonarQube Cloud as a required status check in our GitHub repo settings.
A recent commit today reported that the status check took 17 minutes to report back, but it actually took 43 minutes. The PR had already been open for a day, and this was the latest commit pushed to it.
Is there a reason for this discrepancy, or some way that we can fix it?
Can we gain visibility into the logs produced by this process? In years past, code analysis took five-ish minutes, so I’d like to investigate a possible decline in performance.
Thanks for the reply - I’m happy to provide what I can. We aren’t running this on GitHub Actions or any self-hosted infrastructure. My understanding is that Sonar owns the CI run with Automatic Analysis.
In Administration > Background Tasks, I see a list of activities where each duration is between 3-5 seconds. I’ve attached the file produced by clicking the ellipses.
If there is a place where I can view the full logs, can you please point me in the right direction?
I pushed a fresh commit and Sonar just reported 39 minutes, which was the correct amount of time that I waited.
Given my previous run from earlier in this thread, I expected to see something closer to 17 minutes. I’m definitely still interested in finding the logs if it’s possible, since anything above ten minutes in our CI pipeline is a limiting factor.
I get it. I don’t have direct access to those logs, so I’ll need to escalate this. Before I do, can you characterize your project for me in terms of languages and size?
Thanks, understood! Our project is a Ruby on Rails application with ~110k lines of Ruby code. We have some non-Ruby files like ERB view templates with embedded JS, Gettext translation files, and bash scripts.
I appreciate your patience while waiting on our response here.
I was able to check the logs for the information you provided, and the scanning part of the analysis is what takes long (30+ minutes).
Adding additional patterns to the exclusion properties (e.g. sonar.exclusions) should help here, so please make sure to review the current patterns and add more to cover any non-code files that would not need to be analyzed. I can suggest some in private message for your review.
