How to configure SonarQube to detect new code compared with current master status

Versions used

  • SonarQube version: Community Edition Version 7.9.1 (build 27448)
  • Scanner version: SonarQube Scanner 4.0.0.1744

What are you trying to achieve?
Detect new code compared with my master branch (git as VCS) so apply the default quality gate over it.

  • Coverage on New Code is less than 80.0%
  • Duplicated Lines on New Code is greater than 3.0%
  • Maintainability Rating on New Code is worse than A
  • Reliability Rating on New Code is worse than A
  • Security Rating on New Code is worse than A

What have you tried so far to achieve this?
Run analysis only in branches starting in master and setting “New Code Period” as “previous_version”.

Hi,

Let me put some context before my question:

  • We just want to have a quality gate over the new code
  • We just want to run an analysis for checking the quality gate on branches starting from master but not in the master branch
  • We want to detect new code as the difference between current code in master and the code in the branch where the analysis is executed in the moment the analysis is performed
  • Our current sonar-project.properties is something like the following:
    sonar.projectKey=myproject
    sonar.projectName=myproject
    sonar.projectVersion=1.0
    sonar.sources=src
    sonar.exclusions=src/tests
    sonar.language=py
    sonar.sourceEncoding=UTF-8
    sonar.python.coverage.reportPaths=cov.xml
  • Our current SonarQube configuration for “New code period” is “previous_version”
  • New code is currently detected as the difference between the code used for the first analysis we did (couple of weeks ago in a branch when we first integrated it) and the current code (on the branch the analysis is executed)

Based on previous context, looks like all the code that was added after the first run will always be detected as new code and never updated.

How should we configure SonarQube or sonar-project.properties to get the comparison we would like to have?

Thanks in advance.

1 Like

Hi,

You’re talking about branches in a Community Edition context, so it’s not super clear to me how you’re trying to go about this. If you’re analyzing each branch as a separate project, then yes, the first analysis will be the baseline and what’s added after that will be considered “new”.

Does this help?

 
Ann

Hi Ann,

Thanks for the answer.

No, I am not having separate branches as different projects. The idea is that we compare code in the branch with code in master branch. Based on what I’ve read, new code is automatically identified based on SCM blame information. If that’s the case, I guess the comparison we want to get is possible.

Am I wrong?

Thanks.

Hi,

If you’re in Community Edition, then you don’t have the option to analyze branches without either overwriting the analysis of master or creating independent projects for them.

That said, yes the SCM blame data is used to recognize what’s new since the start of the leak period.

 
Ann