The scanner uses sonar.cfamily.compile-commands. I had to move the project base directory to the workspace root. That allows to scan modules, drivers, etc… The project base (workspace root) is not under version control (application, modules, etc… are).
Normal scans work fine. The goal is to get merge request decorators to work. Based on SonarQube documentation it is possible to configure the sonar properties to detect merge requests.
When using GitLab CI, you shouldn’t have to specify anything in order for Merge Requests to be analyzed (the scanner should pick up anything related to branch and pull request analysis automatically)
I have a feeling that you might have triggered an analysis on a branch (where CI_COMMIT_REF_NAME is present`), and not a merge request.
Are you sure you’ve triggered the build from a merge request, and not just a one-off scan of a branch?
When using GitLab CI, you shouldn’t have to specify anything in order for Merge Requests to be analyzed (the scanner should pick up anything related to branch and pull request analysis automatically)
Projects do have not an ordinary structure, as mentioned in the comment. We had to disable scm as the scan happens in a workspace directory that is not under git (actual application sources are).
the scanner should pick up anything related to branch and pull request analysis automatically
The idea is to manually fill required MR/PR variables so that sonarqube creates a comment in the correct project, MR/PR about the results.
I have a feeling that you might have triggered an analysis on a branch (where CI_COMMIT_REF_NAME is present`), and not a merge request.
What matters is $CI_PIPELINE_SOURCE which must be equal to merge_request_event (the only way by GitLab documentation). It is buggy too, as requires workflow with a related rule to be set. Without the workflow, the variable won’t be set to merge_request_event. An issue exists in the issue tracker…
Are you sure you’ve triggered the build from a merge request, and not just a one-off scan of a branch?
The job runs exactly when MR is detected based on the $CI_PIPELINE_SOURCE.
and propagated to the scan via the sonar-project.properties file. However, the scanner still picks up a branch name and considers it to be a branch scan. Is there a way to disable such automatic behavior?