False-Positive doesn't retain that status after merge

SonarQube Developer Edition 9.9.2 LTS
Sonar-scanner 5.0.1.3006
Jenkins 2.440.2 LTS
SonarQube Scanner for Jenkins plugin 2.15
SonarQube deployed inside Kubernetes with Docker image

Hi Community,
We are using SonarQube in our CI infrastructure to analyse C/C++ code.
Recently we have faced an issue related to retaining the issue resolution status after a merge into master.
This is what the workflow looks like:

  1. During the feature branch scan, SonarQube found an issue.
  2. We resolved the issue status as “False Positive”.
  3. We re-ran sonar scanner on the feature branch and, after a successful scan, merged it into master.
  4. After merging the feature branch into master, sonar scanner fails with the issue that was previously resolved as “False Positive” in the feature branch before merging.

For all feature branches, the master branch is configured as the reference branch in the project settings.
As far as I know from the documentation, an issue resolution retains its status after merge if a reference branch is configured for the feature branch. Branch FAQ
Please help us to find the root of the issue.
Thank you for your advice.

Hi,

Just to dot the i’s could I also have a screenshot of that (re)open issue in the main branch?

 
Thx,
Ann

Hi @ganncamp ,
Thank you for the reply. We’ve already resolved it manually as Won't Fix, and for this reason I did not attach it.
Here is the resolved issue:

Hi,

Would you mind showing the issue changelog? Click on ‘6 days ago’ to see it.

 
Thx,
Ann


As I see, the issue was created by another branch (not the same branch where we resolved it),
but in this branch all scans passed successfully without any issues; besides, I can’t find this issue in either new code or old code.
Here is the activity for that branch's scans:

Hi,

And does phy-index-fix use the fp-branch as the reference branch?

This might be about timing. Someone pointed me to an internal discussion about a newer merge overriding issue marking from an older one.

You can’t find it in phy-index-fix?

 
Thx,
Ann

For phy-index-fix, the master branch is configured as the reference.

Yes, I can’t find it in phy-index-fix branch.

Hi,

Thanks for those details. I’m going to flag this for more expert eyes.

 
Ann

Hello Yevhen,

In our issue-tracking algorithm, there are a few ways that issues will propagate to the master branch. For example, an issue will persist if the algorithm identifies a similar enough issue existing in master, but not exactly the same one (for example, different line numbers).

The reason you might not be able to see the issue in phy-index-fix is if the issue was already closed (not found in the latest analysis) or marked as resolved by a user. The fact that phy-index-fix shows up in the issue log of master makes it almost certain that the issue did exist in phy-index-fix when master was analyzed.

Could you go to the issue page for that branch (phy-index-fix) and try to change the issue “resolution” search criteria to include resolved issues (accepted, false positive, fixed) and then see if it shows up?

(should look something like this, sorry the screenshot is from the latest SQ version)

This will tell us if the issue did exist in the branch analysis, and that it was resolved within the branch. Unfortunately, if the issue was indeed “closed” (as mentioned above) it won’t show up in the UI, although it might still be in the database.

I’m not sure if this helps at all, but the hope is to understand better if this is a valid persistence of the issue or if, indeed, it is a bug.

Thanks,
Lucas
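
The check described in the post above can also be scripted against the `api/issues/search` Web API, which makes it easy to compare a branch with master before the branch is deleted. This is an added example, not part of the original thread and not SonarQube's own code. The host, project key `demo`, rule keys, issue keys and hashes are constructed, and matching on rule + file + line hash is an assumption of this example, not SonarQube's tracking algorithm.

```python
import json
from urllib.parse import urlencode

def search_url(base_url, project_key, branch, resolved):
    """Build an api/issues/search query for one branch of one project."""
    params = {"componentKeys": project_key, "branch": branch, "ps": 500}
    if resolved:
        # Same effect as widening the "resolution" filter in the UI.
        params["resolutions"] = "FALSE-POSITIVE,WONTFIX,FIXED"
    else:
        params["resolved"] = "false"
    return f"{base_url}/api/issues/search?{urlencode(params)}"

def fingerprint(issue):
    # Assumption of this example: rule + file + line hash means "the same" issue.
    # The line number is ignored on purpose, since it shifts between branches.
    return (issue["rule"], issue["component"], issue.get("hash"))

def lost_resolutions(branch_response, master_response):
    """Return master issues that are open although the branch resolved them."""
    resolved = {fingerprint(i): i for i in branch_response["issues"]
                if i.get("resolution")}
    lost = []
    for issue in master_response["issues"]:
        match = resolved.get(fingerprint(issue))
        if match and not issue.get("resolution"):
            lost.append({"master_key": issue["key"], "branch_key": match["key"],
                         "branch_resolution": match["resolution"],
                         "line": issue.get("line")})
    return lost

# Constructed sample responses, trimmed to the fields used above.
BRANCH = json.loads("""{"issues": [
 {"key": "AX-branch-1", "rule": "c:S1234", "component": "demo:src/phy.c",
  "line": 40, "hash": "aa11", "status": "RESOLVED", "resolution": "FALSE-POSITIVE"},
 {"key": "AX-branch-2", "rule": "c:S5678", "component": "demo:src/idx.c",
  "line": 7, "hash": "bb22", "status": "RESOLVED", "resolution": "FIXED"}]}""")
MASTER = json.loads("""{"issues": [
 {"key": "AX-master-9", "rule": "c:S1234", "component": "demo:src/phy.c",
  "line": 44, "hash": "aa11", "status": "OPEN"},
 {"key": "AX-master-8", "rule": "c:S9999", "component": "demo:src/phy.c",
  "line": 3, "hash": "cc33", "status": "OPEN"}]}""")

if __name__ == "__main__":
    print(search_url("https://sonarqube.example.com", "demo", "phy-index-fix", True))
    for row in lost_resolutions(BRANCH, MASTER):
        print(row)
```

Against a live server, fetch each URL with a user token and pass the two parsed JSON responses to `lost_resolutions`.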

Hi @Lucas_Paulger ,
Thank you for your answer. Unfortunately, phy-index-fix no longer exists in SQ, and I can’t provide additional details.
Thank you for your help.
