Description: There is a misalignment between the SONAR_USER_HOME directory and the cached path in the current GitLab CI configuration for SonarQube. This issue may result in ineffective caching, leading to potential inefficiencies in the CI pipeline.
Changes to .gitlab-ci.yml proposed by SonarQube tutorial
```yaml
image:
  name: sonarsource/sonar-scanner-cli:latest
  entrypoint: [""]

variables:
  SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
  GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task

stages:
  - sonarqube-check
  - sonarqube-vulnerability-report

sonarqube-check:
  stage: sonarqube-check
  dependencies:
    - get-binaries
    - build
  cache:
    policy: pull
    key: "${CI_COMMIT_SHORT_SHA}"
    paths:
      - sonar-scanner/
  script:
    - sonar-scanner
  allow_failure: true
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
    - if: $CI_COMMIT_BRANCH == 'master'
    - if: $CI_COMMIT_BRANCH == 'main'
    - if: $CI_COMMIT_BRANCH == 'develop'
```
Steps to Reproduce:
- Create a new project in SonarQube Enterprise Edition 10.6 and go to select the analysis method with GitLab CI.
- On the step "Create or update the configuration file", select “What option best describes your project? Other”.
- On step 3 of the tutorial, note the SONAR_USER_HOME variable, which is set to ${CI_PROJECT_DIR}/.sonar.
- Observe the cache configuration, which is caching the sonar-scanner/ directory instead of .sonar.
There is a correct pipeline on the documentation page "Adding SonarQube analysis to GitLab CI/CD".
Expected Behavior: The cache should be properly utilized, speeding up the SonarQube analysis by reusing previously cached data.
Actual Behavior: The cache is ineffective because it is pointing to the wrong directory, leading to no performance gain.
Proposed Solution: Align the cached path with SONAR_USER_HOME to ensure that the cache is utilized correctly. This can be done in one of the following ways:
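A way to detect the misalignment described in this report before a pipeline runs, as an added example that is not part of the original post or of SonarQube's tooling. The function names are hypothetical, the sample is a constructed excerpt of the tutorial job quoted above, and the scan assumes block-style YAML (it is an indentation scanner, not a full YAML parser).

```python
import posixpath
import re

# Constructed sample: excerpt of the tutorial job quoted in the report.
SAMPLE = '''\
variables:
  SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
sonarqube-check:
  cache:
    policy: pull
    key: "${CI_COMMIT_SHORT_SHA}"
    paths:
      - sonar-scanner/
  script:
    - sonar-scanner
'''

def sonar_home(ci_yaml):
    """Return SONAR_USER_HOME relative to the project directory, or None."""
    m = re.search(r'^\s*SONAR_USER_HOME:\s*["\']?([^"\'#\n]+)', ci_yaml, re.M)
    if not m:
        return None
    value = re.sub(r'^\$\{?CI_PROJECT_DIR\}?/', '', m.group(1).strip())
    return posixpath.normpath(value)

def cache_paths(ci_yaml):
    """Collect the list items found under every `cache:` -> `paths:` key."""
    paths, cache_indent, paths_indent = [], None, None
    for line in ci_yaml.splitlines():
        text = line.strip()
        if not text or text.startswith('#'):
            continue
        indent = len(line) - len(line.lstrip())
        if text == 'cache:':
            cache_indent, paths_indent = indent, None
            continue
        if cache_indent is not None and indent <= cache_indent:
            cache_indent = paths_indent = None  # left the cache block
        if cache_indent is None:
            continue
        if text == 'paths:':
            paths_indent = indent
        elif paths_indent is not None and text.startswith('- ') and indent >= paths_indent:
            item = text[2:].split(' #')[0].strip().strip('"\'')
            paths.append(posixpath.normpath(item))
        else:
            paths_indent = None  # some other cache key (policy, key, ...)
    return paths

def misaligned(ci_yaml):
    """True when SONAR_USER_HOME is set but no cached path covers or lies inside it."""
    home = sonar_home(ci_yaml)
    covers = lambda p: p == home or p.startswith(home + '/') or home.startswith(p + '/')
    return home is not None and not any(covers(p) for p in cache_paths(ci_yaml))

if __name__ == '__main__':
    print(sonar_home(SAMPLE), cache_paths(SAMPLE), misaligned(SAMPLE))
```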