We’re attempting to use Sonarqube quality gates to block PRs that contain new bugs from being merged.
There isn’t much more to say, but let me be explicit so there is no confusion.
Developer creates branch from “master” and makes some code changes
Developer pushes branch to github and initiates pull request
Jenkins tests pull request including triggering sonarqube testing.
Sonarqube does analysis on the new code in that PR and fails the quality gate if that code would introduce a bug.
I had assumed that this would be the default behavior: only fail on the code that’s actually changed in that PR, but it seems that any bug that previously existed in the repo is also included.
I’ve looked all through the documentation and read all the threads I could find on this topic, if this has already been covered please point me to the right documentation. I feel like I’m missing something incredibly obvious here.
Hi Josh,
The behavior that you described is the one I would expect in SQ v7.9.1.
Only new bugs introduced in the P/R should show up. If that’s not the case, perhaps the target of the P/R wasn’t analyzed or wasn’t up to date in SonarQube?
One of the ways SonarQube detects “new issues” in the P/R is by comparing issues in the P/R with issues in its target branch. So if the target branch isn’t up to date in SonarQube some issues might be missing there, making them appear in the P/R.