Files do not get indexed if not version-controlled, breaking special cases

I have 2 cases where some files do not get indexed ever since upgrading SonarQube from 6.7.5 to 7.6, and which is causing a problem for us.

1. Sonar analysis executed with the Gradle Runner

My company is developing a Gradle plugin, which apart from reusing the Sonar Gradle plugin, sets some meaningful defaults for certain Sonar properties. We use the Gradle Runner to test if the plugin works correctly. However the SCM feature does not like this structure:

Git checkout with a ".git" folder
`- Gradle project implementing our Gradle plugin
    `- Inner Gradle project in directory "build/" created by the Gradle Runner to test the plugin.
      `- "src/main.js" 

If I remove the “.git” folder or move the test Gradle project out of the Git checkout directory, the analysis works fine.

2. Using a symlink for a test analysis

I got a JS project that uses Ant, but I wanted to test Sonar upgrades on that project using our Gradle plugin described above. Why not keep using Ant? Well, it’s just much simpler to do all our tests the same way without having to deal with legacy limitations…

So what I did was I symlinked the source folder of the JS project into a minimalistic Gradle project:

Git checkout with a ".git" folder
`- Gradle project using our Gradle plugin
    `- symlink to the source folder of an Ant-based JS project
       `- lots of JS files

Those files could be found and indexed until upgrade to SonarQube 7.

What worked for me in both cases is:

sonarqube {
    properties {
        property 'sonar.scm.disabled', 'true'
    }
}

However, I would like to know:

  • Why these special cases get broken.
  • If there is any better solution other than disabling the SCM feature.
  • I don’t think it affects the credibility of my test analyses too much if not enabling SCM on files that aren’t even version controlled, but I am not sure.

Thanks in advance.

Hi there,

I didn’t really get what are the problem you end up having in both cases. Do you have logs from the scanner to show? Are the files simply ignored or is there an error? Is it a regular analysis or are you analyzing branches or pull requests?

Disabling SCM is not a good workaround since you will miss a lot of features, specially if you end up using branches and pull request analysis.

They are simply ignored (0 files indexed, no errors). The second case should be fairly simple to reproduce. I’m analyzing master branches.

1 Like