I’m using the scanner CLI (JAR version, 184.108.40.20647), reporting to a server running Community Edition Version 8.7.1 (build 42226). The scanner was run by a Jenkins job, automatically scanning every commit to our master branch, recently migrated to GitLab CI (using the official Docker image). This worked great, but at some point in the past we added a new TypeScript compiler option for what turned out to be an unsupported version of TypeScript. This quietly broke our scanning process – other sensors ran as expected, so issues in e.g. CSS or HTML would still be flagged, but most of the project is written in TypeScript and so wouldn’t actually be checked.
It sounds like officially, analysis is not supposed to “fail” if one step fails, but the end result for us is that our quality reports look fine even though most of our code is not actually being scanned at all. I’d like to avoid that situation in the future. What’s the recommended best practice here? Is there a scanner option I can set to avoid sending partially-complete analysis reports? Should the CI job that performs the scan be set to grep its output for ERROR:? Can I configure the server to notice that the project went from 50k LOC in a given language to zero overnight? Basically, how can I set up an alarm that goes off when the scanner is not scanning exactly what I expect it to scan?
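An added example, not part of the original post and not code from the scanner project: a CI gate that combines the two checks the question proposes, flagging any language whose line count collapsed between two analyses and any `ERROR:` line in the scanner log. It assumes the CI job has already fetched the per-language line counts in the `lang=count;lang=count` form used by the server's `ncloc_language_distribution` measure; the thresholds, function names and sample values are constructed for illustration.

```python
import sys

def parse_distribution(value):
    """Parse 'ts=50000;css=1200' into {'ts': 50000, 'css': 1200}."""
    dist = {}
    for part in filter(None, value.split(";")):
        lang, _, count = part.partition("=")
        dist[lang.strip()] = int(count)
    return dist

def coverage_drops(previous, current, max_drop=0.5, min_lines=1000):
    """Return {lang: (before, after)} for languages that lost more than
    max_drop of their lines. Languages below min_lines are ignored so that
    small, volatile file sets do not trip the alarm (assumed thresholds)."""
    before, after = parse_distribution(previous), parse_distribution(current)
    drops = {}
    for lang, old in before.items():
        new = after.get(lang, 0)  # a language missing from the new report counts as zero
        if old >= min_lines and new < old * (1 - max_drop):
            drops[lang] = (old, new)
    return drops

def scanner_errors(log_text):
    """Return scanner log lines that start with 'ERROR:'."""
    return [l for l in log_text.splitlines() if l.lstrip().startswith("ERROR:")]

def gate(previous, current, log_text):
    """Collect every reason the analysis should not be trusted."""
    problems = [f"{lang}: {old} -> {new} lines analysed"
                for lang, (old, new) in sorted(coverage_drops(previous, current).items())]
    problems += [f"scanner log: {line.strip()}" for line in scanner_errors(log_text)]
    return problems

# Constructed sample data: yesterday's and today's distributions and a log excerpt.
PREVIOUS = "css=1200;ts=50000;web=800"
CURRENT = "css=1210;web=805"
LOG = """INFO: sensor for CSS finished (constructed sample line)
ERROR: TypeScript analysis could not start (constructed sample line)
INFO: analysis report uploaded (constructed sample line)"""

if __name__ == "__main__":
    found = gate(PREVIOUS, CURRENT, LOG)
    for problem in found:
        print("ANALYSIS GATE:", problem)
    sys.exit(1 if found else 0)  # non-zero exit fails the CI job
```

Run as a step after the scan, the non-zero exit status fails the pipeline even though the scanner itself reported success.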