Get all issues for multiple project analysis in pull request

Hi,
I have sonarqube 8.2.0.32929 developer edition, with bitbucket ALM.
Right now it is possible to run multiple project analysis using gradle task like, “gradle :subproject:proj1:sonarqube :subproject:proj2:sonarqube”
This command runs analysis on sonarqube proj1 and proj2.
But When I do pull request analysis, only comments from last proj (in this case proj2) are displayed in pull request.
Is it possible to display all possible issues under this pull request.

I even tried to get all open issues in the PR manually via API but I had no success.

I tried to use API
curl “http://our-sonar-cloud/api/issues/search?projectKeys=proj1&pullRequest=123&resolved=false&facets=severities”
it only works on one project at a time.

but I’m not able to get all open issues for multiple projects in this pull request, I tried following request but api returns “ALL issues” instead of one from this PR.
curl “http://our-sonar-cloud/api/issues/search?projectKeys=proj1,proj2&pullRequest=123&resolved=false&facets=severities”
and
curl “http://our-sonar-cloud/api/issues/search?pullRequest=123&resolved=false&facets=severities”

Hi,

It’s not clear to me why you want/need to run all of these as one job.

This makes it sound like you have one PR that spans multiple projects…?

To be clear, all the projects’ PRs show up as analyzed in SonarQube?

 
Ann

Hi @ganncamp,

Thanks for you reply,

So we have multiple sub projects with in a big bitbucket repo, and we treat each sub project as a separate project in sonarqube.

so in a pull request it might happen that multiple sub projects are changed.

With the gradle command ( mentioned in prev comment ) , all sub projects are analysed and I can see branches in sonarqube server, but the comments on pull request from sonarqube extension are only displayed for one project and not the rest.

so, I was wondering if one of the option is a possibility,

1. Allow extension to show all comments from multiple projects.
2. Get the open issues in a pull request across multiple SQ project via API. ( and then I can comment on pull request via bitbucket api )

Hi,

So I guess you’ve got a monorepo(?).

This is par for the course. We’ve got monorepo support in our grand vision for the year, but we haven’t started working on it yet. And unfortunately, I can’t think of a workaround that wouldn’t explode your billed LOC.

There are web services to supply this data. The best way to figure out what they are is to look at it in the UI and sniff the network traffic via developer tools.

 
HTH,
Ann

okay, thank you

We have a similar issue: A multi-language project.

• Java which is build with ant and analyzed
• C++ which is build with msbuild and analyzed
  The code interacts via JNI.

In Azure DevOps we build the two parts in parallel jobs (i.e. separate build servers).
Only one QualityGate is displayed and issues commented in the PR. On SonarQube server both parts are available.

I assume that the slower build deletes the report of the faster one.

Addition: In the summary tab of the build, both analyses are shown. Only in the PR there is only one reported.

Addition 2: Seems to be discussed and given to your dev team in this discussion

Hi @milbrandt,

So you know, handling this nicely might make it into the LTS, although time/space for that gets increasingly tight.

At the same time, I want to point out that this would work (yes, I understand you may have external constraints that make this solution unavailable to you)

• Check out all
• Run Java/Ant build
• Run C++ build with build-wrapper
• Analyze all (-Dsonar.sources=path/to/java,path/to/C++ -Dsonar.cfamily.build-wrapper-output=build_wrapper_output_directory ...)

 
Ann

Hi @ganncamp

yes, we had the build in one job in the past. We split it up in 3 jobs to speed it up, especially for pull requests.

With SonarQube analysis a complete build in one job would probably go for 3-4 hours. Seems not very appealing … but I can give it a try.