SonarQube version: Community Edition Version 7.9.1 (build 27448)
Scanner version: SonarQube Scanner 4.0.0.1744
What are you trying to achieve?
Detect new code compared with my master branch (git as VCS) so apply the default quality gate over it.
Coverage on New Code is less than 80.0%
Duplicated Lines on New Code is greater than 3.0%
Maintainability Rating on New Code is worse than A
Reliability Rating on New Code is worse than A
Security Rating on New Code is worse than A
What have you tried so far to achieve this?
Run analysis only in branches starting in master and setting âNew Code Periodâ as âprevious_versionâ.
Hi,
Let me put some context before my question:
We just want to have a quality gate over the new code
We just want to run an analysis for checking the quality gate on branches starting from master but not in the master branch
We want to detect new code as the difference between current code in master and the code in the branch where the analysis is executed in the moment the analysis is performed
Our current sonar-project.properties is something like the following:
sonar.projectKey=myproject
sonar.projectName=myproject
sonar.projectVersion=1.0
sonar.sources=src
sonar.exclusions=src/tests
sonar.language=py
sonar.sourceEncoding=UTF-8
sonar.python.coverage.reportPaths=cov.xml
Our current SonarQube configuration for âNew code periodâ is âprevious_versionâ
New code is currently detected as the difference between the code used for the first analysis we did (couple of weeks ago in a branch when we first integrated it) and the current code (on the branch the analysis is executed)
Based on previous context, looks like all the code that was added after the first run will always be detected as new code and never updated.
How should we configure SonarQube or sonar-project.properties to get the comparison we would like to have?
Youâre talking about branches in a Community Edition context, so itâs not super clear to me how youâre trying to go about this. If youâre analyzing each branch as a separate project, then yes, the first analysis will be the baseline and whatâs added after that will be considered ânewâ.
No, I am not having separate branches as different projects. The idea is that we compare code in the branch with code in master branch. Based on what Iâve read, new code is automatically identified based on SCM blame information. If thatâs the case, I guess the comparison we want to get is possible.
If youâre in Community Edition, then you donât have the option to analyze branches without either overwriting the analysis of master or creating independent projects for them.
That said, yes the SCM blame data is used to recognize whatâs new since the start of the leak period.
We now have Developer Edition under evaluation but we are finding the same issue. We say different reports for branches, PRs and master, but the new code detection is not properly done. Branches and PRs are reporting 0 new lines of code.
Is SCM data available to your analysis? What is your New Code Period set to? When were the lines of code you expect to see marked ânewâ last modified?
Weâre running the analysis after downloading the repository with all the SCM info.
New Code Period is set to previous_version.
It depends, the branches where we expect to see the differences can contains commits created before the last commit of the master branch or after it. We expect something like the PR diff in Sonar as the new code regardless of which commit contains the changes. Is that right?