How to scan all branches with autoscan?

Hi,

I followed the guide how to activate autoscan and now it scans only master. How do I scan all of the available branches on every commit to branch? We are using Github and Jenkins as CI if it matters.

In general, I find documentation missing information HOW to enable short lived branches scan or how to add other non master long lived branches to scanner.

Hi @dreic and welcome to the community !

Autoscan is still in Beta, thus for the moment, we can only analyze the default branch of the repo,or a pull request.

Mickaël

Aha, thanks for the info. Any way to do this using jenkins?

Sure ! We have a dedicated Scanner for that.

Here is the documentation : https://sonarcloud.io/documentation/analysis/scan/sonarscanner-for-jenkins/

Mickaël

I managed to make it work but few observations…

The idea is that on every branch update, sonarcube runs and output results to sonarcloud. The behavior I am observing is that even if I run tests in test branch, results appear in master branch at sonarcloud. Is it even possible to have there multiple branches at sonarcloud and click on each and get results of each branch tests?

Also I don’t understand why I see only master branch in Sonarcloud if I made scan on test branch for example.

Hi,

Currently, you have to pass branch/PR parameters manually to the scanner in your Jenkins job.
See for example this pipeline (if you are using Jenkins pipelines):

This will improve with:
https://jira.sonarsource.com/browse/SONAR-11853

We are using Gradle to start scan. With Jenkins multibranch pipeline I was able to achieve automatic scan of all branches and specific branch on commit. So only lose end is SonarCloud which is not detecting branch which branch is being tested and the results are in the master branch on sonarcloud.

Here is my whole pipeline:

pipeline {
agent any

stages {
    stage('Checkout repo') {
        steps {
            checkout scm
        }
    }
    stage('SonarQube analysis') {
        steps {
            withSonarQubeEnv('SonarCloud') { // Will pick the global server connection you have configured
            sh 'npm install'
            sh './gradlew sonarqube'
            }
        }
    }
}

post {
    // Clean up our workspace
    always {
        echo 'Reached end of pipeline, cleaning workspace'
        deleteDir() 
    }
}

Gradle scanner use same parameters than Maven. So you should change:

    stage('SonarQube analysis') {
        steps {
            withSonarQubeEnv('SonarCloud') { // Will pick the global server connection you have configured
            sh 'npm install'
            sh './gradlew sonarqube'
            }
        }
    }

by something like:

    stage('SonarQube branch analysis') {
        when {
                not {
                    changeRequest()
                }
            }
        steps {
            withSonarQubeEnv('SonarCloud') { // Will pick the global server connection you have configured
            sh 'npm install'
            sh './gradlew sonarqube -Dsonar.branch.name=${env.BRANCH_NAME}'
            }
        }
    }
    stage('SonarQube PR analysis') {
        when {
                changeRequest()
            }
        steps {
            withSonarQubeEnv('SonarCloud') { // Will pick the global server connection you have configured
            sh 'npm install'
            sh './gradlew sonarqube -Dsonar.pullrequest.key=${env.CHANGE_ID} \
                        -Dsonar.pullrequest.base=${env.CHANGE_TARGET} \
                        -Dsonar.pullrequest.branch=${env.CHANGE_BRANCH}'
            }
        }
    }

Waiting for SONAR-11853

Thanks, that worked!

one more question, auto scan detected source to have JavaScript, CSS, TypeScript, HTML, XML but gradle scan only detected Java. Can I define manually in configuration file which quality profiles sonarqube should use?

The scanner for Gradle only includes source folders by default (src or src/main/java, depending on your project type). If you want you can override the properties sonar.sources and sonar.tests to include more files.

I am not sure we are on the same page. So Autoscanner scanned the repo and found all those languages (all are in src/main). But if Gradle scanner runs it finds only java. I was reading documentation and I can’t find way to specify for JavaScript, CSS, TypeScript, HTML, XML types and define source folder where files of those type are (and everything is in src).