We are facing an issue when scanning a short lived branch like feature/some-branch.
We are using Jenkins Grade pipeline to automate scanning every time a commit is made on BitBucket.
The analysis seems to complete OK but the results are empty on SonarQube UI, and I know there should be some code smells.
We are using SonarQube 7.6 Developer Edition
The strange thing is that when I manually run the scan on my laptop and passing the exact same parameters used in jenkins pipeline the results are uploaded successfully and reported on the project
The pipeline used to work when you donât set the -Dsonar.branch.name parameter but it was reporting as Master every branch it was scanning.
To be clear, are the issues youâre expecting issues that are new to the code? I.e. they were added in the PR and not present in earlier versions of the code?
Also, does the project use the default quality profile?
Hi Ann,
At this point I think it is irrelevant because the same code analyzed locally on my laptop using the same arguments as jenkins file publishes the report on the target project on the UI and the same code when analyzed using jenkins pipeline finishes successfully but reports no issue.
But to answer your question there isnât any new PR and the project is using the default security profile.
In the past we didnât use sonar.branch.name on jenkins, and any branch scan was published under the name master under the project, later on as we upgraded to developer edition for branch analysis we introduced the sonar.branch.name parameter to jenkins and the scans were published as short living branches and thatâs the time this issue was introduced.
To be clear, when you analyze from your laptop, you see issues and when you analyze from Jenkins you donât? If so, what if any differences do you see between the two analysis logs? Also, I donât suppose youâd share a screenshot of the result of the from-my-laptop analysis?
Both of your screenshots omit the Resolution facet on the issues page. Since the âemptyâ branch was analyzed a few days ago, itâs possible that someone has marked the two missing issues False Positive or Wonât Fix. Could you check. And if thatâs not the case, could you post the two analysis logs?
Could not find ref: master in refs/heads or refs/remotes/origin
Thatâs from your Jenkins log, line 578 (itâs repeated at line 664). I donât recall all the details, but PR analysis does some sophisticated narrowing of what to report based on changes in the PR versus the base. This is to make sure that all and only the issues new in the PR are reported. For instance, if an issue is fixed in master after the PRâs branch was started, without this versus-base analysis the issue would be reported as ânewâ in the PR when clearly itâs old-but-not-caught-up.
Anyway, back to your logs, lines 658-659 in the Jenkins log
2 files to be analyzed
2/2 files analyzed
Versus the analogous lines (782-784) from your local analysis tell the story:
3 files to be analyzed
3/3 files analyzed
And as a side note, God Bless the maintainers of the Meld diff viewer.
