Incremental scan in SonarQube 6.7.x

sonarqube

(Elavarasan Chidambaram) #1

Hello, We are using SonarQube 6.7.4 and evaluating how incremental Sonar static code analysis can be achieved. We usually do full code quality check and post the results on Sonarqube dashboard.
The requirement is to run incremental scan on the modified changes from Git repository. My concern is results will be overwritten every time incremental scan is executed. Is there a way to resolve that issue? I need to have full report and also delta scan results (on every build) on Sonarqube project. Is it possible?
Other questions :
Is it recommended to do incremental scan and post results in the centralized Soanrqube server?
There was something called differential view that shows different version of scan report in earlier version. But looks like that feature is not available in 6.x.x. I am trying to find out alternate way.


(Dinesh Bolkensteyn) #2

SonarQube does not support incremental analysis as of today. We only support and recommend complete analysis every single time.


(Elavarasan Chidambaram) #3

@dbolkensteyn Thanks for the confirmation. Is there a way to show code coverage captured between last scan and recent scan? For example: Though it is complete analysis, Could you advise if i can differentiate the bugs appeared (on Sonar dashboard) in the modified code from recent commit in Git repository?


(Dinesh Bolkensteyn) #4

Yes SonarQube is able and recommends to focus on the quality of new code. You can read more about it here:

  1. https://docs.sonarqube.org/latest/user-guide/fixing-the-water-leak/
  2. https://docs.sonarqube.org/latest/analysis/pull-request/